【问题标题】:SSLHandshakeException talking to a https Web service using Spring WebServiceTemplateSSLHandshakeException 使用 Spring WebServiceTemplate 与 https Web 服务交谈
【发布时间】:2014-01-09 19:59:11
【问题描述】:

我在与 https 网络服务通信时遇到以下错误。

org.springframework.ws.client.WebServiceIOException: I/O error:   
sun.security.validator.ValidatorException: PKIX path building failed:  
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid 
certification path to requested target; nested exception is 
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX  
path 
building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to 
find valid certification path to requested target

我正在使用 spring 的 WebServiceTemplate,下面是我的 xml 配置

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"     
xmlns:p="http://www.springframework.org/schema/p"
xmlns:sws="http://www.springframework.org/schema/web-services"
xmlns:oxm="http://www.springframework.org/schema/oxm"
xsi:schemaLocation="http://www.springframework.org/schema/beans 
       http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
        http://www.springframework.org/schema/web-services
       http://www.springframework.org/schema/web-services/web-services-2.0.xsd
       http://www.springframework.org/schema/oxm 
       http://www.springframework.org/schema/oxm/spring-oxm-1.5.xsd">

<bean id="webServiceTemplate"
class="org.springframework.ws.client.core.WebServiceTemplate"
p:marshaller-ref="jaxbMarshaller" 
p:unmarshaller-ref="jaxbMarshaller"
p:defaultUri="https://XXXXXXXXXXXXXXXX"
p:messageSender-ref="messageSender">
<constructor-arg ref="messageFactory" />
</bean>

<bean id="messageSender"
class="org.springframework.ws.transport.http.CommonsHttpMessageSender" />

 <!-- <bean id="messageSender"
class="org.springframework.ws.transport.http.HttpsUrlConnectionMessageSender" /> -->

<bean id="messageFactory"
class="org.springframework.ws.soap.saaj.SaajSoapMessageFactory" />

<bean id="jaxbMarshaller" class="org.springframework.oxm.jaxb.Jaxb2Marshaller"
p:contextPath="com.test.schemas" />

</beans>

我可以通过soapui 访问该服务,但不能通过我编写的示例Java 代码访问该服务。有人可以指出为什么会发生这种情况以及如何解决这个问题吗?我们是否应该从第 3 方 wsdl 人员那里收到一些安全证书?

【问题讨论】:

  • 更新 - 我尝试获取服务器的证书(在本文之后 - mkyong.com/webservices/jax-ws/…)并将其添加到我的 jdk 信任库,但我现在收到以下错误 - org.springframework.ws.client。 WebServiceTransportException:前提条件失败 [412]

标签: spring web-services ssl https webservicetemplate


【解决方案1】:

根据文档 CommonsHttpMessageSender 已弃用,取而代之的是 HttpComponentsMessageSender。

请配置 HttpComponentsMessageSender 的 httpClient 属性: http://docs.spring.io/spring-ws/site/apidocs/org/springframework/ws/transport/http/HttpComponentsMessageSender.html#setHttpClient%28org.apache.http.client.HttpClient%29

请参阅我的另一篇文章,了解如何配置 httpClient bean 以解决自签名证书问题。 sending https post request with post data using spring web

无需将密钥导入密钥库。

【讨论】:

  • 见上面的xml——想法是注入httpClient:
【解决方案2】:

检查这是否有效:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"     
xmlns:p="http://www.springframework.org/schema/p"
xmlns:sws="http://www.springframework.org/schema/web-services"
xmlns:oxm="http://www.springframework.org/schema/oxm"
xsi:schemaLocation="http://www.springframework.org/schema/beans 
       http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
        http://www.springframework.org/schema/web-services
       http://www.springframework.org/schema/web-services/web-services-2.0.xsd
       http://www.springframework.org/schema/oxm 
       http://www.springframework.org/schema/oxm/spring-oxm-1.5.xsd">


<!-- HTTPS connection to trust self signed certificates -->
<bean id="sslSocketFactory" class="org.apache.http.conn.ssl.SSLSocketFactory">
    <constructor-arg name="trustStrategy">
        <bean class="org.apache.http.conn.ssl.TrustSelfSignedStrategy" />
    </constructor-arg>
    <constructor-arg name="hostnameVerifier">
        <bean class="org.apache.http.conn.ssl.AllowAllHostnameVerifier" />
    </constructor-arg>
</bean>

<bean id="httpsSchemaRegistry" class="org.apache.http.conn.scheme.SchemeRegistry">
    <property name="items">
        <map>
            <entry key="https">
                <bean class="org.apache.http.conn.scheme.Scheme">

                    <constructor-arg value="https" />
                    <constructor-arg value="443" />
                    <constructor-arg ref="sslSocketFactory" />
                </bean>
            </entry>
        </map>
    </property>
</bean>
<bean id="httpClient" class="org.apache.http.impl.client.DefaultHttpClient">
    <constructor-arg>
        <bean class="org.apache.http.impl.conn.PoolingClientConnectionManager">
            <constructor-arg ref="httpsSchemaRegistry" />
        </bean>
    </constructor-arg>
</bean>

<!-- <bean id="apacheHttpsRequestFactory"
    class="org.springframework.http.client.HttpComponentsClientHttpRequestFactory">
    <constructor-arg ref="httpClient" />
-->
<bean id="webServiceTemplate"
class="org.springframework.ws.client.core.WebServiceTemplate"
p:marshaller-ref="jaxbMarshaller" 
p:unmarshaller-ref="jaxbMarshaller"
p:defaultUri="https://XXXXXXXXXXXXXXXX"
p:messageSender-ref="messageSender">
<constructor-arg ref="messageFactory" />
</bean>

<bean id="messageSender"
class="org.springframework.ws.transport.http.HttpComponentsMessageSender"
p:httpClient="httpClient" />


<bean id="messageFactory"
class="org.springframework.ws.soap.saaj.SaajSoapMessageFactory" />

<bean id="jaxbMarshaller" class="org.springframework.oxm.jaxb.Jaxb2Marshaller"
p:contextPath="com.test.schemas" />


</beans>

【讨论】:

    猜你喜欢
    • 2011-11-08
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2017-07-08
    • 2020-01-17
    相关资源
    最近更新 更多