Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/328.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
openid4java YadisException对等未验证错误_Java_Wso2_Openid_Wso2is_Openid4java - Fatal编程技术网
Fatal编程技术网
  • java/
  • openid4java YadisException对等未验证错误

openid4java YadisException对等未验证错误

java wso2 openid

openid4java YadisException对等未验证错误,java,wso2,openid,wso2is,openid4java,Java,Wso2,Openid,Wso2is,Openid4java,我正在编写一个Java JSP代码,使用openid对WSO2 IS服务器进行身份验证。我从de developer获得了示例代码,因此得到以下内容: <% ConsumerManager manager = new ConsumerManager (); String _returnURL = "https://192.168.15.48:9443/ficlient/secret.jsp"; List discoveries = manag

我正在编写一个Java JSP代码,使用openid对WSO2 IS服务器进行身份验证。我从de developer获得了示例代码,因此得到以下内容:

<%
        ConsumerManager manager = new ConsumerManager ();
        String _returnURL = "https://192.168.15.48:9443/ficlient/secret.jsp";
        List discoveries = manager.discover("https://myserverIP/openid");
        DiscoveryInformation discovered = manager.associate(discoveries);
        session.setAttribute("discovered", discovered);
        AuthRequest authReq = manager.authenticate(discovered, _returnURL);
        nextlink = authReq.getDestinationUrl(true);
%>
       <a href="<%out.println(nextlink);%>">Secret data</a>
我理解这是由于为https通信颁发了无效的ssl证书,并尝试在互联网上包含以下内容,以避免验证:

<% 
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[]{
   new X509TrustManager() {
      public java.security.cert.X509Certificate[] getAcceptedIssuers() {
         return null;
      }

      public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType) {}

      public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType) {}
   }
};

HostnameVerifier allHostsValid = new HostnameVerifier() {
   public boolean verify(String hostname, SSLSession session) {
      return true;
   }
};

try {
   SSLContext sc = SSLContext.getInstance("SSL");
   sc.init(null, trustAllCerts, new java.security.SecureRandom());
   HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
   HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
} catch (Exception e) {}
%>
但它仍然不起作用。我错过了什么?

我最终通过使用Oltu库进行身份验证解决了这个问题

<% 
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[]{
   new X509TrustManager() {
      public java.security.cert.X509Certificate[] getAcceptedIssuers() {
         return null;
      }

      public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType) {}

      public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType) {}
   }
};

HostnameVerifier allHostsValid = new HostnameVerifier() {
   public boolean verify(String hostname, SSLSession session) {
      return true;
   }
};

try {
   SSLContext sc = SSLContext.getInstance("SSL");
   sc.init(null, trustAllCerts, new java.security.SecureRandom());
   HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
   HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
} catch (Exception e) {}
%>