web service https client example

Java Web服务安全配置与实现

最新推荐文章于 2025-06-19 21:44:57 发布

原创最新推荐文章于 2025-06-19 21:44:57 发布 · 91 阅读

0 ·

CC 4.0 BY-SA版权

文章标签：

#webservice #cxf #client

Java 专栏收录该内容

85 篇文章

订阅专栏

本文详细介绍了Java Web服务中使用JAX-WS进行安全配置的方法，包括使用TLS进行安全连接，设置SSL协议，禁用CN检查，以及导入信任证书以确保服务的安全性和可靠性。


import java.io.InputStream;
import java.security.KeyStore;
import java.util.Arrays;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Since Jdk1.5, enumeration is the best way to implement an anti-attack
 * singleton instance.
 * 
 */
public enum WsPort {
    Instance;
    private static Logger log = LoggerFactory.getLogger(WsPort.class);

    @SuppressWarnings("unchecked")
    public <E> E getSSLPort(Class<E> wsImplementationClass, String trustStoreFiltePath, String trustStorePassWord, String wsURLAdress) {
	E port = null;
	try {
	    if (port == null) {
		JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
		factory.setServiceClass(wsImplementationClass);
		factory.setAddress(RwaCfgUtil.getInstance().getRwaWebServiceProperty(wsURLAdress));
		port = (E) factory.create();
		Client proxy = ClientProxy.getClient(port);
		HTTPConduit conduit = (HTTPConduit) proxy.getConduit();
		HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
		httpClientPolicy.setConnectionTimeout(6000000);
		httpClientPolicy.setReceiveTimeout(6000000);
		conduit.setClient(httpClientPolicy);
		TLSClientParameters tlsParams = conduit.getTlsClientParameters();
		if (tlsParams == null) {
		    tlsParams = new TLSClientParameters();
		}
		tlsParams.setSecureSocketProtocol("SSL");
		tlsParams.setDisableCNCheck(true);
		tlsParams.setTrustManagers(getTrustManagers(trustStoreFiltePath, trustStorePassWord));
		conduit.setTlsClientParameters(tlsParams);
	    }
	} catch (Exception e) {
	    log.error("Init port failed!" + Arrays.toString(e.getStackTrace()));
	}
	return port;
    }

    private TrustManager[] getTrustManagers(String trustStoreFiltePath, String trustStorePassWord) throws AppException {
	try {
	    InputStream fp = null;
	    String alg = TrustManagerFactory.getDefaultAlgorithm();
	    TrustManagerFactory factory = TrustManagerFactory.getInstance(alg);
	    KeyStore ks;
	    try {
		fp = MyManager.class.getClassLoader().getResourceAsStream(CfgUtil.getInstance().getWebServiceProperty(trustStoreFiltePath));
		ks = KeyStore.getInstance("JKS");
		ks.load(fp, CfgUtil.getInstance().getWebServiceProperty(trustStorePassWord).toCharArray());
	    } finally {
		if (fp != null) {
		    fp.close();
		}
	    }
	    factory.init(ks);
	    TrustManager[] tms = factory.getTrustManagers();
	    return tms;
	} catch (Exception e) {
	    e.printStackTrace();
	    throw new AppException(e);
	}
    }
}