JAVA请求HTTPS认证/PostMethod发送post请求忽略HTTPS证书验证

原创已于 2024-04-17 17:00:12 修改 · 3.2k 阅读

2 ·

CC 4.0 BY-SA版权

文章标签：

#java #https

于 2019-12-18 14:20:28 首次发布

Java Chronicles 专栏收录该内容

36 篇文章

订阅专栏

本文介绍了一种在Java中创建自定义SSL上下文的方法，通过实现X509TrustManager接口来信任所有证书，适用于HTTPS服务调用。该方法允许在不验证SSL证书的情况下建立HTTPS连接，对于开发测试环境或特定需求场景尤为有用。

package com.wis.mes.core.mq.protocol;

import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;

import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.io.IOException;
import java.net.*;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
/**
 * @Author CHENEY/陈荣根
 * @Date 2019/12/18
 * @Version 1.0
 * @Last Modified By : CHENEY
 * @Last Modified Time : 2019/12/18
 * @Description : CXF -> SOAP remote service
 * @Type https basic protocol
 * @Copyright All rights reserved.2019 WIS Software Co.*
 */
public class ProtocolSSLFactory implements ProtocolSocketFactory {
    private SSLContext sslcontext = null;

    private SSLContext createSSLContext() {
        SSLContext sslcontext = null;
        try {
            sslcontext = SSLContext.getInstance("SSL");
            sslcontext.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new java.security.SecureRandom());
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (KeyManagementException e) {
            e.printStackTrace();
        }
        return sslcontext;
    }

    private SSLContext getSSLContext() {
        if (this.sslcontext == null) {
            this.sslcontext = createSSLContext();
        }
        return this.sslcontext;
    }

    public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
            throws IOException, UnknownHostException {
        return getSSLContext().getSocketFactory().createSocket(
                socket,
                host,
                port,
                autoClose
        );
    }

    public Socket createSocket(String host, int port) throws IOException,
            UnknownHostException {
        return getSSLContext().getSocketFactory().createSocket(
                host,
                port
        );
    }


    public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort)
            throws IOException, UnknownHostException {
        return getSSLContext().getSocketFactory().createSocket(host, port, clientHost, clientPort);
    }

    public Socket createSocket(String host, int port, InetAddress localAddress,
                               int localPort, HttpConnectionParams params) throws IOException,
            UnknownHostException, ConnectTimeoutException {
        if (params == null) {
            throw new IllegalArgumentException("Parameters may not be null");
        }
        int timeout = params.getConnectionTimeout();
        SocketFactory socketfactory = getSSLContext().getSocketFactory();
        if (timeout == 0) {
            return socketfactory.createSocket(host, port, localAddress, localPort);
        } else {
            Socket socket = socketfactory.createSocket();
            SocketAddress localaddr = new InetSocketAddress(localAddress, localPort);
            SocketAddress remoteaddr = new InetSocketAddress(host, port);
            socket.bind(localaddr);
            socket.connect(remoteaddr, timeout);
            return socket;
        }
    }

    /**
     * 自定义管理器实现
     */
    private static class TrustAnyTrustManager implements X509TrustManager {
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }

        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }

        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[]{};
        }
    }

}

校验规则：

HttpClient http = new HttpClient();
String url = "https://***";
Protocol myhttps = new Protocol("https", new MySSLProtocolSocketFactory(), 443); 
Protocol.registerProtocol("https", myhttps); 
PostMethod post = new PostMethod(url);

应用：

private String static BaseCoreContext.HTTPS_BASIC = "https";    
public static String SOAPHeaderRespStream(String SOAP_URL, String RXML, String userName,String pwd,int timeout) throws Exception {
        if (SOAP_URL.startsWith(BaseCoreContext.HTTPS_BASIC)) {
            Protocol _protocol = new Protocol(BaseCoreContext.HTTPS_BASIC, new ProtocolSSLFactory(), 443);
            Protocol.registerProtocol(BaseCoreContext.HTTPS_BASIC, _protocol);
        }
        HttpClient client = new HttpClient();
        PostMethod method = new PostMethod(SOAP_URL);
        if (timeout != 0) {
            HttpConnectionManagerParams connectionManager= client.getHttpConnectionManager().getParams();
            // 设置 Http 连接超时为timeout 毫秒
            connectionManager.setConnectionTimeout(timeout);
            // 设置读数据超时时间(单位毫秒)
            connectionManager.setSoTimeout(120000);
            // 设置get方法请求超时为 5 秒
            method.getParams().setParameter(HttpMethodParams.SO_TIMEOUT,timeout );
        }
        InputStream is = new ByteArrayInputStream(RXML.getBytes("UTF-8"));
        RequestEntity re = new InputStreamRequestEntity(is, "application/soap+xml; charset=utf-8");
        method.setRequestHeader("Content-Type", "text/xml;charset=utf-8");
        method.setRequestHeader("UserName", userName);
        method.setRequestHeader("Password", pwd);
        method.setRequestEntity(re);
        client.executeMethod(method);
        return method.getResponseBodyAsString();
    }