CXF带SSL支持的客户端示例
WebService接口定义
基于JAX-WS定义的接口:
|
1 2 3 4 5 6 7 8 9 10 11 12 |
@WebService public interface DataTransService { @WebMethod ( operationName = "sendXML" ) @WebResult ( name = "response" ) String sendXML( @WebParam ( name = "userName" ) String userName, @WebParam ( name = "password" ) String password, @WebParam ( name = "msg" ) String msg ); } |
SSL客户端示例
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
public void send(String username,String password,String xml) { String address = "https://127.0.0.1:5051/dataTransService"; JaxWsProxyFactoryBean proxyFactory = new JaxWsProxyFactoryBean(); proxyFactory.setServiceClass( DataTransService.class ); proxyFactory.setAddress( address ); DataTransService service = (DataTransService) proxyFactory.create(); org.apache.cxf.endpoint.Client client = ClientProxy.getClient( service ); HTTPConduit httpConduit = (HTTPConduit) client.getConduit(); TLSClientParameters tlsParams = initTLSClientParameters(); httpConduit.setTlsClientParameters( tlsParams ); service.sendXML( username, password,xml); } private TLSClientParameters initTLSClientParameters() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, UnrecoverableKeyException { TLSClientParameters tlsParams = new TLSClientParameters(); tlsParams.setDisableCNCheck( true ); CanaryConfig cfg = getCanaryConfig(); { KeyStore trustKeyStore = KeyStore.getInstance( cfg.getString( "https.trustManagers.keyStore.type" ) ); String trustKeyStorePassword = cfg.getString( "https.trustManagers.keyStore.password" ); String url = cfg.getString( "https.trustManagers.keyStore.url" ); File trustKeyStoreFile = CanaryHelper.urlToFile( url ); trustKeyStore.load( new FileInputStream( trustKeyStoreFile ), trustKeyStorePassword.toCharArray() ); TrustManagerFactory trustFactory = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm() ); trustFactory.init( trustKeyStore ); TrustManager[] tm = trustFactory.getTrustManagers(); tlsParams.setTrustManagers( tm ); } { KeyStore priKeyStore = KeyStore.getInstance( cfg.getString( "https.keyManagers.keyStore.type" ) ); String priKeyStorePassword = cfg.getString( "https.keyManagers.keyStore.password" ); String url = cfg.getString( "https.keyManagers.keyStore.url" ); File priKeyStoreFile = CanaryHelper.urlToFile( url ); priKeyStore.load( new FileInputStream( priKeyStoreFile ), priKeyStorePassword.toCharArray() ); KeyManagerFactory keyFactory = KeyManagerFactory.getInstance( KeyManagerFactory.getDefaultAlgorithm() ); keyFactory.init( priKeyStore, cfg.getString( "https.keyManagers.keyPassword" ).toCharArray() ); KeyManager[] km = keyFactory.getKeyManagers(); tlsParams.setKeyManagers( km ); } { FiltersType filter = new FiltersType(); filter.getInclude().add( ".*_EXPORT_.*" ); filter.getInclude().add( ".*_EXPORT1024_.*" ); filter.getInclude().add( ".*_WITH_DES_.*" ); filter.getInclude().add( ".*_WITH_NULL_.*" ); filter.getExclude().add( ".*_DH_anon_.*" ); tlsParams.setCipherSuitesFilter( filter ); } return tlsParams; } |
Leave a Reply