/*
* Created on Jul 30, 2009
*
* TODO To change the template for this generated file go to
* Window - Preferences - Java - Code Style - Code Templates
*/
package com.citigroup.ci.common.util;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.URL;
import java.security.KeyStore;
import java.security.Principal;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.security.cert.X509Certificate;
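/**
 * Builds {@link HttpsURLConnection} instances that trust the certificates in
 * the application's JKS trust store, and doubles as the {@link HostnameVerifier}
 * that callers install on those connections.
 *
 * <p>Per the {@link HostnameVerifier} contract, {@link #verify} is called back
 * when the URL's host name and the server's identification do not match, so
 * it is the last check before a mismatching peer is accepted. Every path
 * through it therefore has to fail closed.
 *
 * @author sr94651
 */
public class HttpsURLConnectionUtil implements HostnameVerifier {

    /**
     * Accepts the peer only when the common name (CN) of its leaf certificate
     * equals {@code hostname}, ignoring case.
     *
     * <p>The subject is parsed as an RFC 2253 name rather than searched for the
     * text "CN": a plain substring search can match inside another attribute's
     * value and yield a host name the certificate subject never asserted.
     * Wildcards and subjectAltName entries are not consulted here.
     *
     * @param hostname host name taken from the URL being connected to
     * @param session  TLS session whose peer certificate is inspected
     * @return {@code true} only on an exact, case-insensitive CN match;
     *         {@code false} on a mismatch, a missing CN or any error
     */
    public boolean verify(String hostname, SSLSession session) {
        boolean verified = false;
        try {
            System.out.println(" HttpsURLConnectionUtil | verify | hostname="+hostname);
            // getPeerCertificates() replaces the deprecated getPeerCertificateChain();
            // the fully qualified names avoid a clash with the javax.security.cert import.
            java.security.cert.Certificate[] chain = session.getPeerCertificates();
            if (chain == null || chain.length == 0
                    || !(chain[0] instanceof java.security.cert.X509Certificate)) {
                // No X.509 leaf certificate to inspect: reject.
                System.out.println(" HttpsURLConnectionUtil | verify | verified="+verified);
                return false;
            }
            java.security.cert.X509Certificate leaf = (java.security.cert.X509Certificate) chain[0];
            String subjectDN = leaf.getSubjectX500Principal().getName();
            System.out.println(" HttpsURLConnectionUtil | verify | subjectDN="+subjectDN);
            String certHostName = extractCommonName(subjectDN);
            System.out.println(" HttpsURLConnectionUtil | verify | certHostName="+certHostName);
            if (hostname != null && certHostName != null
                    && hostname.equalsIgnoreCase(certHostName)) {
                verified = true;
            }
            System.out.println(" HttpsURLConnectionUtil | verify | verified="+verified);
        } catch (Exception e) {
            // Any failure (no peer certificate, malformed subject, ...) leaves verified == false.
            e.printStackTrace();
            System.err.println("HttpsURLConnectionUtil | verify | GeneralException:"+e.getMessage());
        }
        return verified;
    }

    /**
     * Returns the value of the most specific CN attribute in an RFC 2253
     * distinguished name, or {@code null} when the name carries no textual CN.
     */
    private static String extractCommonName(String subjectDN) throws InvalidNameException {
        LdapName dn = new LdapName(subjectDN);
        // LdapName numbers RDNs from the right, so the highest index is the
        // leftmost (most specific) component of the name.
        for (int i = dn.size() - 1; i >= 0; i--) {
            Rdn rdn = dn.getRdn(i);
            Object value = rdn.getValue();
            if ("CN".equalsIgnoreCase(rdn.getType()) && value instanceof String) {
                return (String) value;
            }
        }
        return null;
    }

    /**
     * Opens a connection to {@code url} whose socket factory trusts only the
     * certificates in {@code TrustStore.jks} under
     * {@code CIConstants.PROPERTY_FILE_PATH}.
     *
     * <p>This method does not install a hostname verifier on the connection;
     * the caller has to do that, and has to null-check the result first.
     *
     * @param url HTTPS endpoint to connect to
     * @return the configured connection, or {@code null} when the trust store
     *         could not be loaded or the connection could not be set up
     */
    public HttpsURLConnection getHttpsURLConnection(URL url) {
        HttpsURLConnection httpsConn = null;
        FileInputStream trustStoreIn = null;
        try {
            KeyStore ts = KeyStore.getInstance("JKS");
            trustStoreIn = new FileInputStream(CIConstants.PROPERTY_FILE_PATH+"TrustStore.jks");
            ts.load(trustStoreIn, CIConstants.DM_TRUSTSTORE_PWD.toCharArray());
            // NOTE(review): "IbmX509" is a vendor-specific algorithm name, so this
            // call fails on JREs that do not ship that provider — confirm the target runtime.
            TrustManagerFactory tmf = TrustManagerFactory.getInstance("IbmX509");
            tmf.init(ts);
            TrustManager[] tm = tmf.getTrustManagers();
            // "TLS" instead of the legacy "SSL" context name.
            // NOTE(review): which protocol versions end up enabled depends on the
            // JSSE provider and its configuration — confirm SSLv3 is disabled.
            SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(null, tm, null);
            SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
            HttpsURLConnection opened = (HttpsURLConnection) url.openConnection();
            opened.setSSLSocketFactory(sslSocketFactory);
            // Publish the connection only once the restricted socket factory is
            // installed, so a failure never hands back a connection that falls
            // back to the JVM-wide default trust settings.
            httpsConn = opened;
        } catch (Exception e) {
            e.printStackTrace();
            System.err.println("HttpsURLConnectionUtil | getHttpsURLConnection | GeneralException:"+e.getMessage());
        } finally {
            // The trust store stream was never closed before; release the file handle.
            if (trustStoreIn != null) {
                try {
                    trustStoreIn.close();
                } catch (IOException ignored) {
                    // Nothing useful can be done if closing a read-only stream fails.
                }
            }
        }
        return httpsConn;
    }
}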
*****************************************************************************
if (endpointURL.substring(0,5).equalsIgnoreCase("https")) {
URL url = new URL(reformBWEndPointUrl(endpointURL, "https"));
HttpsURLConnectionUtil connUtil = new HttpsURLConnectionUtil();
HttpsURLConnection conn = connUtil.getHttpsURLConnection(url);
conn.setHostnameVerifier(connUtil);
if (conn==null)
throw new Exception("CIApplicationProxyServlet | processRequest | HttpsURLConnection is null");
CILogger.printLog(CILogger.DEBUG,null, "CIApplicationProxyServlet | processRequest | HttpsURLConnection conn: "+conn,FRAMEWORK_LOGGER);
conn.setRequestMethod("POST");
conn.setAllowUserInteraction(false);
conn.setDoOutput(true);
for (Enumeration enu = request.getHeaderNames(); enu.hasMoreElements();) {
String pName = (String) enu.nextElement();
String pValu = request.getHeader(pName);
if (!pName.toUpperCase().startsWith("HOST")) {
conn.setRequestProperty(pName, pValu);
} else {
conn.setRequestProperty(pName, url.getHost() + ":"
+ url.getPort());
}
}
CILogger.printLog(CILogger.DEBUG,null, "CIApplicationProxyServlet | processRequest entered BW Start Request:"+System.currentTimeMillis(),FRAMEWORK_LOGGER);
OutputStream rawOutStream = conn.getOutputStream();
PrintStream pw = new PrintStream(rawOutStream,false,"UTF-8");
pw.print(inputRequest);
pw.flush();
pw.close();
InputStream rawInStream;
try {
rawInStream = conn.getInputStream();
} catch(IOException e) {
CILogger.printLog(CILogger.ERROR,null,"CIApplicationProxyServlet | processRequest BW IO Exception, code:"
+ conn.getResponseCode() + " message:" + conn.getResponseMessage(),FRAMEWORK_LOGGER);
rawInStream = conn.getErrorStream();
}
CILogger.printLog(CILogger.DEBUG,null, "CIApplicationProxyServlet | processRequest entered BW End:"+System.currentTimeMillis(),FRAMEWORK_LOGGER);
Reader rdrInputUTF = new InputStreamReader(rawInStream, "UTF-8");
BufferedReader rdr = new BufferedReader(rdrInputUTF);
String line = "";
String sbOutPut = "";
while ((line = rdr.readLine()) != null) {
sbOutPut += line;
}
rdr.close();
response.setStatus(conn.getResponseCode());
response.setCharacterEncoding("UTF-8");
response.setContentType(conn.getContentType());
PrintStream out = new PrintStream(response.getOutputStream(),false,"UTF-8");
out.print(sbOutPut.toString());
CILogger.printLog(CILogger.DEBUG,null, "CIApplicationProxyServlet | processRequest entered sbOutPut length:"+sbOutPut.length(),FRAMEWORK_LOGGER);
out.flush();
out.close();
sbOutPut = null;