Java 使用 Jersey 客户端的 HTTPS
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2145431/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-13 04:06:13 来源:igfitidea点击:
HTTPS using Jersey Client
提问by Stormshadow
How do I send GET requests using the Jersey Client API to a server which runs on the HTTPS protocol. Is there any sample code that I can use ?
如何使用 Jersey 客户端 API 向运行在 HTTPS 协议上的服务器发送 GET 请求。有我可以使用的示例代码吗?
采纳答案by gmoore
Construct your client as such
像这样构建你的客户
HostnameVerifier hostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
ClientConfig config = new DefaultClientConfig();
SSLContext ctx = SSLContext.getInstance("SSL");
ctx.init(null, myTrustManager, null);
config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(hostnameVerifier, ctx));
Client client = Client.create(config);
Ripped from this blog post with more details: http://blogs.oracle.com/enterprisetechtips/entry/consuming_restful_web_services_with
从这篇博客文章中摘录了更多详细信息:http: //blogs.oracle.com/enterprisetechtips/entry/sumption_restful_web_services_with
For information on setting up your certs, see this nicely answered SO question: Using HTTPS with REST in Java
有关设置证书的信息,请参阅这个很好回答的 SO 问题:在 Java 中使用 HTTPS 和 REST
回答by shahshi15
Waking up a dead question here but the answers provided will not work with jdk 7 (I read somewhere that a bug is open for this for Oracle Engineers but not fixed yet). Along with the link that @Ryan provided, you will have to also add :
在这里唤醒一个死问题,但提供的答案不适用于 jdk 7(我在某处读到 Oracle 工程师为此打开了一个错误,但尚未修复)。除了@Ryan 提供的链接外,您还必须添加:
System.setProperty("jsse.enableSNIExtension", "false");
System.setProperty("jsse.enableSNIExtension", "false");
(Courtesy to many stackoverflow answers combined together to figure this out)
(由许多 stackoverflow 的答案组合在一起来解决这个问题)
The complete code will look as follows which worked for me (without setting the system property the Client Config did not work for me):
完整的代码如下所示,对我有用(没有设置系统属性,客户端配置对我不起作用):
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.config.ClientConfig;
import com.sun.jersey.api.client.config.DefaultClientConfig;
import com.sun.jersey.client.urlconnection.HTTPSProperties;
public class ClientHelper
{
public static ClientConfig configureClient()
{
System.setProperty("jsse.enableSNIExtension", "false");
TrustManager[] certs = new TrustManager[]
{
new X509TrustManager()
{
@Override
public X509Certificate[] getAcceptedIssuers()
{
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException
{
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException
{
}
}
};
SSLContext ctx = null;
try
{
ctx = SSLContext.getInstance("SSL");
ctx.init(null, certs, new SecureRandom());
}
catch (java.security.GeneralSecurityException ex)
{
}
HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
ClientConfig config = new DefaultClientConfig();
try
{
config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(
new HostnameVerifier()
{
@Override
public boolean verify(String hostname, SSLSession session)
{
return true;
}
},
ctx));
}
catch (Exception e)
{
}
return config;
}
public static Client createClient()
{
return Client.create(ClientHelper.configureClient());
}
回答by Aleksandr Panzin
For Jersey 2 you'd need to modify the code:
对于 Jersey 2,您需要修改代码:
return ClientBuilder.newBuilder()
.withConfig(config)
.hostnameVerifier(new TrustAllHostNameVerifier())
.sslContext(ctx)
.build();
https://gist.github.com/JAlexoid/b15dba31e5919586ae51http://www.panz.in/2015/06/jersey2https.html
https://gist.github.com/JAlexoid/b15dba31e5919586ae51 http://www.panz.in/2015/06/jersey2https.html
回答by vaquar khan
HTTPS using Jersey client has two different version if you are using java 6 ,7 and 8 then
如果您使用的是 java 6 ,7 和 8,则使用 Jersey 客户端的 HTTPS 有两个不同的版本
SSLContext sc = SSLContext.getInstance("SSL");
If using java 8 then
如果使用 java 8 那么
SSLContext sc = SSLContext.getInstance("TLSv1");
System.setProperty("https.protocols", "TLSv1");
Please find working code
请找到工作代码
POM
聚甲醛
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>WebserviceJersey2Spring</groupId>
<artifactId>WebserviceJersey2Spring</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>war</packaging>
<properties>
<jersey.version>2.16</jersey.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<repositories>
<repository>
<id>maven2-repository.java.net</id>
<name>Java.net Repository for Maven</name>
<url>http://download.java.net/maven/2/</url>
</repository>
</repositories>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.glassfish.jersey</groupId>
<artifactId>jersey-bom</artifactId>
<version>${jersey.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<!-- Jersey -->
<dependency>
<groupId>org.glassfish.jersey.containers</groupId>
<artifactId>jersey-container-servlet-core</artifactId>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.media</groupId>
<artifactId>jersey-media-moxy</artifactId>
</dependency>
<!-- Spring 3 dependencies -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>3.0.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>3.0.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>3.0.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.core</groupId>
<artifactId>jersey-client</artifactId>
</dependency>
<!-- Jersey + Spring -->
<dependency>
<groupId>org.glassfish.jersey.ext</groupId>
<artifactId>jersey-spring3</artifactId>
<exclusions>
<exclusion>
<artifactId>spring-context</artifactId>
<groupId>org.springframework</groupId>
</exclusion>
<exclusion>
<artifactId>spring-beans</artifactId>
<groupId>org.springframework</groupId>
</exclusion>
<exclusion>
<artifactId>spring-core</artifactId>
<groupId>org.springframework</groupId>
</exclusion>
<exclusion>
<artifactId>spring-web</artifactId>
<groupId>org.springframework</groupId>
</exclusion>
<exclusion>
<artifactId>jersey-server</artifactId>
<groupId>org.glassfish.jersey.core</groupId>
</exclusion>
<exclusion>
<artifactId>
jersey-container-servlet-core
</artifactId>
<groupId>org.glassfish.jersey.containers</groupId>
</exclusion>
<exclusion>
<artifactId>hk2</artifactId>
<groupId>org.glassfish.hk2</groupId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<build>
<sourceDirectory>src</sourceDirectory>
<plugins>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.1</version>
<configuration>
<source>1.7</source>
<target>1.7</target>
</configuration>
</plugin>
<plugin>
<artifactId>maven-war-plugin</artifactId>
<version>2.3</version>
<configuration>
<warSourceDirectory>WebContent</warSourceDirectory>
<failOnMissingWebXml>false</failOnMissingWebXml>
</configuration>
</plugin>
</plugins>
</build>
</project>
JAVA CLASS
爪哇类
package com.example.client;
import org.glassfish.jersey.client.authentication.HttpAuthenticationFeature;
import org.springframework.http.HttpStatus;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Response;
public class JerseyClientGet {
public static void main(String[] args) {
String username = "username";
String password = "p@ssword";
String input = "{\"userId\":\"12345\",\"name \":\"Viquar\",\"surname\":\"Khan\",\"Email\":\"[email protected]\"}";
try {
//SSLContext sc = SSLContext.getInstance("SSL");//Java 6
SSLContext sc = SSLContext.getInstance("TLSv1");//Java 8
System.setProperty("https.protocols", "TLSv1");//Java 8
TrustManager[] trustAllCerts = { new InsecureTrustManager() };
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HostnameVerifier allHostsValid = new InsecureHostnameVerifier();
Client client = ClientBuilder.newBuilder().sslContext(sc).hostnameVerifier(allHostsValid).build();
HttpAuthenticationFeature feature = HttpAuthenticationFeature.universalBuilder()
.credentialsForBasic(username, password).credentials(username, password).build();
client.register(feature);
//PUT request, if need uncomment it
//final Response response = client
//.target("https://localhost:7002/VaquarKhanWeb/employee/api/v1/informations")
//.request().put(Entity.entity(input, MediaType.APPLICATION_JSON), Response.class);
//GET Request
final Response response = client
.target("https://localhost:7002/VaquarKhanWeb/employee/api/v1/informations")
.request().get();
if (response.getStatus() != HttpStatus.OK.value()) { throw new RuntimeException("Failed : HTTP error code : "
+ response.getStatus()); }
String output = response.readEntity(String.class);
System.out.println("Output from Server .... \n");
System.out.println(output);
client.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}
HELPER CLASS
助手类
package com.example.client;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
public class InsecureHostnameVerifier implements HostnameVerifier {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
}
Helper class
帮手类
package com.example.client;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509TrustManager;
public class InsecureTrustManager implements X509TrustManager {
/**
* {@inheritDoc}
*/
@Override
public void checkClientTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
// Everyone is trusted!
}
/**
* {@inheritDoc}
*/
@Override
public void checkServerTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
// Everyone is trusted!
}
/**
* {@inheritDoc}
*/
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
Once you start running application will get Certificate error ,download certificate from browser and add into
一旦你开始运行应用程序会得到证书错误,从浏览器下载证书并添加到
C:\java-8\jdk1_8_0\jre\lib\security
Add into cacerts , you will get details in following links.
添加到 cacerts ,您将在以下链接中获得详细信息。
Few useful link to understand error
几个有用的链接来理解错误
http://www.9threes.com/2015/01/restful-java-client-with-jersey-client.html
http://magicmonster.com/kb/prg/java/ssl/pkix_path_building_failed.html
http://www.9threes.com/2015/01/restful-java-client-with-jersey-client.html
Java:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效认证路径
http://magicmonster.com/kb/prg/java/ssl/pkix_path_building_failed.html
导入证书后 Java Keytool 错误,“keytool 错误:java.io.FileNotFoundException & Access Denied”
I have tested following code for get and post method with SSL and basic Authentication here you can skip SSL Certificate , you can directly copy three class and add jar into java project and run.
我已经测试了以下带有 SSL 和基本身份验证的 get 和 post 方法的代码,您可以跳过 SSL Certificate ,您可以直接复制三个类并将 jar 添加到 java 项目中并运行。
package com.rest.client;
import java.io.IOException;
import java.net.*;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.Response;
import org.glassfish.jersey.client.authentication.HttpAuthenticationFeature;
import org.glassfish.jersey.filter.LoggingFilter;
import com.rest.dto.EarUnearmarkCollateralInput;
public class RestClientTest {
/**
* @param args
*/
public static void main(String[] args) {
try {
//
sslRestClientGETReport();
//
sslRestClientPostEarmark();
//
sslRestClientGETRankColl();
//
} catch (KeyManagementException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (NoSuchAlgorithmException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (IOException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
}
//
private static WebTarget target = null;
private static String userName = "username";
private static String passWord = "password";
//
public static void sslRestClientGETReport() throws KeyManagementException, IOException, NoSuchAlgorithmException {
//
//
SSLContext sc = SSLContext.getInstance("SSL");
TrustManager[] trustAllCerts = { new InsecureTrustManager() };
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HostnameVerifier allHostsValid = new InsecureHostnameVerifier();
//
Client c = ClientBuilder.newBuilder().sslContext(sc).hostnameVerifier(allHostsValid).build();
//
String baseUrl = "https://localhost:7002/VaquarKhanWeb/employee/api/v1/informations/report";
c.register(HttpAuthenticationFeature.basic(userName, passWord));
target = c.target(baseUrl);
target.register(new LoggingFilter());
String responseMsg = target.request().get(String.class);
System.out.println("-------------------------------------------------------");
System.out.println(responseMsg);
System.out.println("-------------------------------------------------------");
//
}
public static void sslRestClientGET() throws KeyManagementException, IOException, NoSuchAlgorithmException {
//Query param Search={JSON}
//
SSLContext sc = SSLContext.getInstance("SSL");
TrustManager[] trustAllCerts = { new InsecureTrustManager() };
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HostnameVerifier allHostsValid = new InsecureHostnameVerifier();
//
Client c = ClientBuilder.newBuilder().sslContext(sc).hostnameVerifier(allHostsValid).build();
//
String baseUrl = "https://localhost:7002/VaquarKhanWeb";
//
c.register(HttpAuthenticationFeature.basic(userName, passWord));
target = c.target(baseUrl);
target = target.path("employee/api/v1/informations/employee/data").queryParam("search","%7B\"name\":\"vaquar\",\"surname\":\"khan\",\"age\":\"30\",\"type\":\"admin\""%7D");
target.register(new LoggingFilter());
String responseMsg = target.request().get(String.class);
System.out.println("-------------------------------------------------------");
System.out.println(responseMsg);
System.out.println("-------------------------------------------------------");
//
}
//TOD need to fix
public static void sslRestClientPost() throws KeyManagementException, IOException, NoSuchAlgorithmException {
//
//
Employee employee = new Employee("vaquar", "khan", "30", "E");
//
SSLContext sc = SSLContext.getInstance("SSL");
TrustManager[] trustAllCerts = { new InsecureTrustManager() };
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HostnameVerifier allHostsValid = new InsecureHostnameVerifier();
//
Client c = ClientBuilder.newBuilder().sslContext(sc).hostnameVerifier(allHostsValid).build();
//
String baseUrl = "https://localhost:7002/VaquarKhanWeb/employee/api/v1/informations/employee";
c.register(HttpAuthenticationFeature.basic(userName, passWord));
target = c.target(baseUrl);
target.register(new LoggingFilter());
//
Response response = target.request().put(Entity.json(employee));
String output = response.readEntity(String.class);
//
System.out.println("-------------------------------------------------------");
System.out.println(output);
System.out.println("-------------------------------------------------------");
}
}
Jars
罐子
repository/javax/ws/rs/javax.ws.rs-api/2.0/javax.ws.rs-api-2.0.jar"
repository/org/glassfish/jersey/core/jersey-client/2.6/jersey-client-2.6.jar"
repository/org/glassfish/jersey/core/jersey-common/2.6/jersey-common-2.6.jar"
repository/org/glassfish/hk2/hk2-api/2.2.0/hk2-api-2.2.0.jar"
repository/org/glassfish/jersey/bundles/repackaged/jersey-guava/2.6/jersey-guava-2.6.jar"
repository/org/glassfish/hk2/hk2-locator/2.2.0/hk2-locator-2.2.0.jar"
repository/org/glassfish/hk2/hk2-utils/2.2.0/hk2-utils-2.2.0.jar"
repository/org/javassist/javassist/3.15.0-GA/javassist-3.15.0-GA.jar"
repository/org/glassfish/hk2/external/javax.inject/2.2.0/javax.inject-2.2.0.jar"
repository/javax/annotation/javax.annotation-api/1.2/javax.annotation-api-1.2.jar"
genson-1.3.jar"
回答by Neo
If you are using Java 8, a shorter version for Jersey2 than the answer provided by Aleksandr.
如果您使用的是 Java 8,Jersey2 的版本比 Aleksandr 提供的答案更短。
SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("SSL");
// Create a new X509TrustManager
sslContext.init(null, getTrustManager(), null);
} catch (NoSuchAlgorithmException | KeyManagementException e) {
throw e;
}
final Client client = ClientBuilder.newBuilder().hostnameVerifier((s, session) -> true)
.sslContext(sslContext).build();
return client;
private TrustManager[] getTrustManager() {
return new TrustManager[] {
new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
}
}
};
}
