CXF客户端调用https Webservice
2015-12-14 00:00
549 查看
摘要: CXF客户端调用https Webservice
1.生成服务器端所需证书文件
2.生成cxf调用https webservice 所用的证书文件
3.客户端代码
参考资料:
http://bbs.csdn.net/topics/350150090
http://www.educity.cn/wenda/130283.html
http://blog.csdn.net/kongxx/article/details/7534035
http://bbs.csdn.net/topics/350150090
http://aruld.info/programming-ssl-for-jetty-based-cxf-services/
http://blog.csdn.net/zhangliang605/article/details/24101051
http://zhidao.baidu.com/link?url=YCxDHHSJWpuin3OdnmN9QUj7lauIEAHi2RE6BT0cwk22G3eqbX30Dr-OXcJt0hYCHZcp27e3iAx0xIG8IyInOqzq2YUCDbON78D3rOJ1y_7
1.生成服务器端所需证书文件
#设置变量 set OPENSSL_CONF=openssl.cfg # 生成一个RSA密钥 openssl genrsa -des3 -out server.key 1024 # 生成一个证书请求 openssl req -new -key server.key -out server.csr # 拷贝一个不需要输入密码的密钥文件 openssl rsa -in server.key -out server_nopwd.key # 自己签发证书 openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
2.生成cxf调用https webservice 所用的证书文件
#从key和crt生成pkcs12格式的keystore openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12 -name tomcat -CAfile server.crt -caname root -chain #生成需要的keystore keytool -importkeystore -v -srckeystore mycert.p12 -srcstoretype pkcs12 -srcstorepass 123456 -destkeystore tomcat.keystore -deststoretype jks -deststorepass 123456
3.客户端代码
package cn.net.sunge.gdms.util; import java.io.File; import java.io.FileInputStream; import java.security.KeyStore; import java.util.Map; import javax.net.ssl.KeyManager; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import org.apache.cxf.configuration.jsse.TLSClientParameters; import org.apache.cxf.endpoint.Client; import org.apache.cxf.frontend.ClientProxy; import org.apache.cxf.jaxws.JaxWsProxyFactoryBean; import org.apache.cxf.transport.http.HTTPConduit; public class WsClientUtil { public static <T> T getInterface(Class<T> clazz, String address) { return getInterface(clazz, address, null); } @SuppressWarnings("unchecked") public static <T> T getInterface(Class<T> clazz, String address, Map<String, Object> properties) { JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean(); factory.setAddress(address); factory.setServiceClass(clazz); if (null != properties) { factory.setProperties(properties); } return (T) factory.create(); } public static <T> T getHttpsInterface(Class<T> clazz, String address, String jksPath, String jksPwd) { return getHttpsInterface(clazz, address, jksPath, jksPwd, null); } @SuppressWarnings("unchecked") public static <T> T getHttpsInterface(Class<T> clazz, String address, String jksPath, String jksPwd, Map<String, Object> properties) { JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean(); factory.setAddress(address); factory.setServiceClass(clazz); if (null != properties) { factory.setProperties(properties); } T t = (T) factory.create(); configureSSLOnTheClient(t, jksPath, jksPwd); return t; } private static void configureSSLOnTheClient(Object obj, String jksPath, String jksPwd) { File file = new File(jksPath); Client client = ClientProxy.getClient(obj); HTTPConduit httpConduit = (HTTPConduit) client.getConduit(); try { TLSClientParameters tlsParams = new TLSClientParameters(); tlsParams.setDisableCNCheck(true); KeyStore keyStore = KeyStore.getInstance("JKS"); String password = jksPwd; String storePassword = jksPwd; keyStore.load(new FileInputStream(file), storePassword.toCharArray()); TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); trustFactory.init(keyStore); TrustManager[] trustManagers = trustFactory.getTrustManagers(); tlsParams.setTrustManagers(trustManagers); keyStore.load(new FileInputStream(file), storePassword.toCharArray()); KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); keyFactory.init(keyStore, password.toCharArray()); KeyManager[] keyManagers = keyFactory.getKeyManagers(); tlsParams.setKeyManagers(keyManagers); // FiltersType filtersTypes = new FiltersType(); // filtersTypes.getInclude().add(".*_EXPORT_.*"); // filtersTypes.getInclude().add(".*_EXPORT1024_.*"); // filtersTypes.getInclude().add(".*_WITH_DES_.*"); // filtersTypes.getInclude().add(".*_WITH_NULL_.*"); // filtersTypes.getExclude().add(".*_DH_anon_.*"); // tlsParams.setCipherSuitesFilter(filtersTypes); tlsParams.setDisableCNCheck(true); httpConduit.setTlsClientParameters(tlsParams); } catch (Exception e) { e.printStackTrace(); } } }
参考资料:
http://bbs.csdn.net/topics/350150090
http://www.educity.cn/wenda/130283.html
http://blog.csdn.net/kongxx/article/details/7534035
http://bbs.csdn.net/topics/350150090
http://aruld.info/programming-ssl-for-jetty-based-cxf-services/
http://blog.csdn.net/zhangliang605/article/details/24101051
http://zhidao.baidu.com/link?url=YCxDHHSJWpuin3OdnmN9QUj7lauIEAHi2RE6BT0cwk22G3eqbX30Dr-OXcJt0hYCHZcp27e3iAx0xIG8IyInOqzq2YUCDbON78D3rOJ1y_7
相关文章推荐
- Linux实现https方式访问站点
- HTTPS的七个误解
- android调用web service(cxf)实例应用详解
- Centos 5下配置https服务器的方法
- apache https配置详细步骤讲解
- php使用curl打开https网站的方法
- win2003 https 网站的图文配置教程
- 安卓APP测试之使用Burp Suite实现HTTPS抓包方法
- android教程使用webview访问https的url处理sslerror示例
- PHP简单实现HTTP和HTTPS跨域共享session解决办法
- php之curl实现http与https请求的方法
- apache中使用mod_gnutls模块实现多个SSL站点配置(多个HTTPS协议的虚拟主机)
- Apache mod_rewrite实现HTTP和HTTPS重定向跳转
- 浅析Android系统中HTTPS通信的实现
- 在服务器上配置仅使用HTTPS通信的教程
- php curl 获取https请求的2种方法
- php使用curl获取https请求的方法
- 在 Django/Flask 开发服务器上使用 HTTPS
- python利用hook技术破解https的实例代码