Fatal编程技术网
  • spring/
  • 在Spring中将SSL和超时设置为WS-call(HttpsUrlConnectionMessageSender,HttpsUrlConnectionMessageSender)

在Spring中将SSL和超时设置为WS-call(HttpsUrlConnectionMessageSender,HttpsUrlConnectionMessageSender)

spring web-services spring-boot

在Spring中将SSL和超时设置为WS-call(HttpsUrlConnectionMessageSender,HttpsUrlConnectionMessageSender),spring,web-services,spring-boot,apache-httpcomponents,httpsurlconnection,Spring,Web Services,Spring Boot,Apache Httpcomponents,Httpsurlconnection,我正在尝试为WS-call设置超时和SSL https: 注:无需将此标记为重复,唯一类似的问题从未得到回答 我尝试添加对自签名HTTPS证书的支持,但它确实支持超时。 当我切换到支持超时连接和读取超时的服务器时,它确实支持SSL。 我想在调用WS时将超时和ssl组合到: webServiceTemplate.setDefaultUri(uri); response = webServiceTemplate.marshalSendAndReceive(inputs, new So

我正在尝试为WS-call设置超时和SSL https:

注:无需将此标记为重复,唯一类似的问题从未得到回答

我尝试添加对自签名HTTPS证书的支持,但它确实支持超时。 当我切换到支持超时连接和读取超时的服务器时,它确实支持SSL。 我想在调用WS时将超时和ssl组合到:

    webServiceTemplate.setDefaultUri(uri);
    response = webServiceTemplate.marshalSendAndReceive(inputs, new SoapHandler(createCredentials(), soapAction));
最后,我使用了它。这是我的密码:

HttpComponentsMessageSender messageSender = new HttpComponentsMessageSender();
HttpClient httpClient = HttpClientFactory.getHttpsClient(sslUtils, timeout);
messageSender.setHttpClient(httpClient);
webServiceTemplate.setMessageSender(messageSender);
我还创建了一个新的工厂类HttpClientFactory,用于设置SSL和超时:

import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;

import org.apache.http.HttpException;
import org.apache.http.HttpRequest;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.protocol.HTTP;
import org.apache.http.protocol.HttpContext;

public class HttpClientFactory {

    private static CloseableHttpClient client;

    private HttpClientFactory() {
    }

    public static HttpClient getHttpsClient(SslUtils sslUtils, int timeout) throws Exception {

        if (client != null) {
            return client;
        }

        SSLContext sslcontext = getSSLContext(sslUtils);
        SSLConnectionSocketFactory factory = new SSLConnectionSocketFactory(sslcontext, new HostnameVerifier() {
            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        });
        HttpClientBuilder httpClientBuilder = HttpClients.custom();
        httpClientBuilder.addInterceptorFirst(new ContentLengthHeaderRemover());
        RequestConfig config = RequestConfig.custom()
                                    .setConnectTimeout(timeout)
                                    .setConnectionRequestTimeout(timeout)
                                    .setSocketTimeout(timeout)
                                    .build();

        return httpClientBuilder.setSSLSocketFactory(factory)
                    .setDefaultRequestConfig(config)
                    .build();
    }

    private static class ContentLengthHeaderRemover implements HttpRequestInterceptor {
        @Override
        public void process(HttpRequest request, HttpContext context) throws HttpException, IOException {
            request.removeHeaders(HTTP.CONTENT_LEN);
        }
    }

    public static void releaseInstance() {
        client = null;
    }

    private static SSLContext getSSLContext(SslUtils sslUtils) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, KeyManagementException {

        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(sslUtils.getKeystore().getInputStream(), sslUtils.getKeyPwd().toCharArray());
        sslUtils.getKeystore().getInputStream().close();

        KeyStore ts = KeyStore.getInstance("JKS");
        ts.load(sslUtils.getTrustStore().getInputStream(), sslUtils.getTrustPwd().toCharArray());
        sslUtils.getTrustStore().getInputStream().close();

        SSLContextBuilder sslContextBuilder = SSLContexts.custom();
        try {
            sslContextBuilder = SSLContexts.custom().loadKeyMaterial(ks, ssl.getKeyPwd().toCharArray());
        } catch (UnrecoverableKeyException e) {
            e.printStack();
        }
        sslContextBuilder.loadTrustMaterial(ts, new TrustSelfSignedStrategy());
        return sslContextBuilder.build();
    }
}
关于信息,SslUtils只是一个bean类,它保存密钥库和信任库信息:

public class SslUtils {

    private Resource keystore;
    private String keyPwd;
    private Resource trustStore;
    private String trustPwd;

    // Getters and Setters
}
这对我很有用,让我同时使用SSL和超时。我希望这能帮助其他人。

谢谢兄弟!你帮我省去了很多痛苦: