【发布时间】:2014-03-21 21:29:17
【问题描述】:
我有一个包含 Web 服务和 Web 服务客户端的项目。我想在不影响 Web 服务的情况下配置 Web 服务客户端。我该怎么做?
我想配置这个客户端,以便它可以设置这些值:https://cwiki.apache.org/confluence/display/CXF20DOC/TLS+Configuration
【问题讨论】:
标签: java spring web-services cxf
【发布时间】:2014-03-21 21:29:17
【问题描述】:
是的,spring config 完全是可选的,最后主要翻译成“java 类和配置”。通常CXF docs 提供弹簧和编程配置,在你的情况下,有这个特殊的段落应该给你一个起点:
请参阅this blog 条目,了解 HTTPConduit TLS 属性如何 可以通过代码设置
由于通常不鼓励仅使用 URL 的答案,因此我将“发送垃圾邮件”此答案,将整个客户端代码复制粘贴给任何可能需要它的人:
public class Client {
private static void configureSSLOnTheClient(Object c) {
org.apache.cxf.endpoint.Client client = ClientProxy.getClient(c);
HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
try {
TLSClientParameters tlsParams = new TLSClientParameters();
tlsParams.setDisableCNCheck(true);
KeyStore keyStore = KeyStore.getInstance("JKS");
String trustpass = "password";
File truststore = new File("certs\\truststore.jks");
keyStore.load(new FileInputStream(truststore), trustpass.toCharArray());
TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustFactory.init(keyStore);
TrustManager[] tm = trustFactory.getTrustManagers();
tlsParams.setTrustManagers(tm);
truststore = new File("certs\\wibble.jks");
keyStore.load(new FileInputStream(truststore), trustpass.toCharArray());
KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyFactory.init(keyStore, trustpass.toCharArray());
KeyManager[] km = keyFactory.getKeyManagers();
tlsParams.setKeyManagers(km);
FiltersType filter = new FiltersType();
filter.getInclude().add(".*_EXPORT_.*");
filter.getInclude().add(".*_EXPORT1024_.*");
filter.getInclude().add(".*_WITH_DES_.*");
filter.getInclude().add(".*_WITH_NULL_.*");
filter.getExclude().add(".*_DH_anon_.*");
tlsParams.setCipherSuitesFilter(filter);
httpConduit.setTlsClientParameters(tlsParams);
} catch (KeyStoreException kse) {
System.out.println("Security configuration failed with the following: " + kse.getCause());
} catch (NoSuchAlgorithmException nsa) {
System.out.println("Security configuration failed with the following: " + nsa.getCause());
} catch (FileNotFoundException fnfe) {
System.out.println("Security configuration failed with the following: " + fnfe.getCause());
} catch (UnrecoverableKeyException uke) {
System.out.println("Security configuration failed with the following: " + uke.getCause());
} catch (CertificateException ce) {
System.out.println("Security configuration failed with the following: " + ce.getCause());
} catch (GeneralSecurityException gse) {
System.out.println("Security configuration failed with the following: " + gse.getCause());
} catch (IOException ioe) {
System.out.println("Security configuration failed with the following: " + ioe.getCause());
}
}
public static void main(String args[]) {
System.out.println("The client's security configuration will be done programatically.");
System.out.println();
String address = "https://localhost:9001/SoapContext/SoapPort";
JaxWsProxyFactoryBean proxyFactory = new JaxWsProxyFactoryBean();
proxyFactory.setServiceClass(Greeter.class);
proxyFactory.setAddress(address);
Greeter client = (Greeter) proxyFactory.create();
configureSSLOnTheClient(client);
System.out.println("Invoking greetMe...");
try {
String resp = client.greetMe(System.getProperty("user.name"));
System.out.println("Server responded with: " + resp);
System.out.println();
} catch (Exception e) {
System.out.println("Invocation failed with the following: " + e.getCause());
System.out.println();
}
}
}
【讨论】:
-
问题是我的代码处于战争状态并且没有
main。我的代码是javax.xml.ws.Service,客户端调用是通过从中获取端口来进行的。该端口是this 的一个实例。我不确定如何摆脱Client -
其实我可以说
ClientProxy.getClient(port)。我会让你知道它是如何工作的 -
干杯伙伴,很高兴我能帮上忙