java 将 javax.xml.ws.Endpoint 与 HTTPS 结合使用
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4621313/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Using javax.xml.ws.Endpoint with HTTPS
提问by marekventur
I'm working on a project to control light and heating in buildings. The backend (written in Java) will run on a Mac Mini and should be accessible via SOAP.
我正在开展一个项目来控制建筑物中的光和热。后端(用 Java 编写)将在 Mac Mini 上运行,应该可以通过 SOAP 访问。
I want to keep the complexity of this project to a minimum because I don't want everyone using it having to set up an application server. So up till now I worked with javax.xml.ws.Endpoint:
我想将这个项目的复杂性降到最低,因为我不希望每个使用它的人都必须设置一个应用程序服务器。所以到目前为止,我一直在使用 javax.xml.ws.Endpoint:
Endpoint endpoint = Endpoint.create(frontendInterface);
String uri = "http://"+config.getHost()+":"+config.getPort()+config.getPath();
endpoint.publish(uri);
This works surprisingly well (hey, when did you last see something in Java working with just 3 lines of code?), but now I'm looking for a way to use HTTPS instead of HTTP.
这非常有效(嘿,您上次看到 Java 中的某些东西只用 3 行代码工作是什么时候?),但现在我正在寻找一种使用 HTTPS 而不是 HTTP 的方法。
Is there a way to do this without using an application server or is there another way to secure this connection?
有没有办法在不使用应用程序服务器的情况下做到这一点,或者有没有另一种方法来保护这个连接?
Greetings, Marek
问候,马雷克
回答by BeN
For server:
对于服务器:
SSLContext ssl = SSLContext.getInstance("TLS");
KeyManagerFactory keyFactory = KeyManagerFactory .getInstance(KeyManagerFactory.getDefaultAlgorithm());
KeyStore store = KeyStore.getInstance("JKS");
store.load(new FileInputStream(keystoreFile),keyPass.toCharArray());
keyFactory.init(store, keyPass.toCharArray());
TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustFactory.init(store);
ssl.init(keyFactory.getKeyManagers(),
trustFactory.getTrustManagers(), new SecureRandom());
HttpsConfigurator configurator = new HttpsConfigurator(ssl);
HttpsServer httpsServer = HttpsServer.create(new InetSocketAddress(hostname, port), port);
httpsServer.setHttpsConfigurator(configurator);
HttpContext httpContext = httpsServer.createContext(uri);
httpsServer.start();
endpoint.publish(httpContext);
For client, be sure you do this:
对于客户,请确保您这样做:
System.setProperty("javax.net.ssl.trustStore", "path");
System.setProperty("javax.net.ssl.keyStore", "password");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.setProperty("javax.net.ssl.keyStoreType", "JKS");
//done to prevent CN verification in client keystore
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
