少年阿賓

那些青春的歲月

BlogJava :: 首頁 :: 聯系 :: 聚合

:: 管理

500 Posts :: 0 Stories :: 135 Comments :: 0 Trackbacks

HttpClient https雙向驗證

已經發布的準備要測試的https服務：

package com.abin.lee.https;

import java.io.IOException;

import java.io.PrintWriter;

import java.util.Map;

import javax.servlet.ServletException;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

@SuppressWarnings("serial")

public class ReceiveHttpClientRequest extends HttpServlet {

public void service(HttpServletRequest request, HttpServletResponse response)

throws ServletException, IOException {

System.out.println("receive https request");

Map map=request.getParameterMap();

String user=(((Object[])map.get("user"))[0]).toString();

System.out.println("user="+user);

String pwd=(((Object[])map.get("pwd"))[0]).toString();

System.out.println("pwd="+pwd);

//給調用者返回值

PrintWriter write=response.getWriter();

write.write("receive HttpClient success");

write.flush();

write.close();

}

//web.xml

<servlet-name>httpsClientRequest</servlet-name>

<servlet-class>com.abin.lee.https.ReceiveHttpClientRequest</servlet-class>

</servlet>

<servlet-mapping>

<servlet-name>httpsClientRequest</servlet-name>

<url-pattern>/httpsClientRequest</url-pattern>

</servlet-mapping>

//HttpClient測試類

package com.abin.lee.test;

import java.io.BufferedReader;

import java.io.FileInputStream;

import java.io.InputStreamReader;

import java.security.KeyStore;

import java.util.ArrayList;

import java.util.List;

import javax.net.ssl.KeyManagerFactory;

import javax.net.ssl.SSLContext;

import javax.net.ssl.TrustManager;

import javax.net.ssl.TrustManagerFactory;

import junit.framework.TestCase;

import org.apache.http.HttpResponse;

import org.apache.http.NameValuePair;

import org.apache.http.client.HttpClient;

import org.apache.http.client.entity.UrlEncodedFormEntity;

import org.apache.http.client.methods.HttpPost;

import org.apache.http.conn.scheme.Scheme;

import org.apache.http.conn.ssl.SSLSocketFactory;

import org.apache.http.impl.client.DefaultHttpClient;

import org.apache.http.message.BasicNameValuePair;

import org.apache.http.protocol.HTTP;

import org.junit.Before;

import org.junit.Test;

public class HttpsClient extends TestCase {

private String httpUrl = "https://localhost:8443/global/httpsClientRequest";

// 客戶端密鑰庫

private String sslKeyStorePath;

private String sslKeyStorePassword;

private String sslKeyStoreType;

// 客戶端信任的證書

private String sslTrustStore;

private String sslTrustStorePassword;

@Before

public void setUp() {

sslKeyStorePath = "D:\\home\\tomcat.keystore";

sslKeyStorePassword = "stevenjohn";

sslKeyStoreType = "JKS"; // 密鑰庫類型，有JKS PKCS12等

sslTrustStore = "D:\\home\\tomcat.keystore";

sslTrustStorePassword = "stevenjohn";

System.setProperty("javax.net.ssl.keyStore", sslKeyStorePath);

System.setProperty("javax.net.ssl.keyStorePassword",

sslKeyStorePassword);

System.setProperty("javax.net.ssl.keyStoreType", sslKeyStoreType);

// 設置系統參數

System.setProperty("javax.net.ssl.trustStore", sslTrustStore);

System.setProperty("javax.net.ssl.trustStorePassword",

sslTrustStorePassword);

}

@Test

public void testHttpsClient() {

SSLContext sslContext = null;

try {

KeyStore kstore = KeyStore.getInstance("jks");

kstore.load(new FileInputStream(sslKeyStorePath),

sslKeyStorePassword.toCharArray());

KeyManagerFactory keyFactory = KeyManagerFactory

.getInstance("sunx509");

keyFactory.init(kstore, sslKeyStorePassword.toCharArray());

KeyStore tstore = KeyStore.getInstance("jks");

tstore.load(new FileInputStream(sslTrustStore),

sslTrustStorePassword.toCharArray());

TrustManager[] tm;

TrustManagerFactory tmf = TrustManagerFactory

.getInstance("sunx509");

tmf.init(tstore);

tm = tmf.getTrustManagers();

sslContext = SSLContext.getInstance("SSL");

sslContext.init(keyFactory.getKeyManagers(), tm, null);

} catch (Exception e) {

e.printStackTrace();

}

try {

HttpClient httpClient = new DefaultHttpClient();

SSLSocketFactory socketFactory = new SSLSocketFactory(sslContext);

Scheme sch = new Scheme("https", 8443, socketFactory);

httpClient.getConnectionManager().getSchemeRegistry().register(sch);

HttpPost httpPost = new HttpPost(httpUrl);

List<NameValuePair> nvps = new ArrayList<NameValuePair>();

nvps.add(new BasicNameValuePair("user", "abin"));

nvps.add(new BasicNameValuePair("pwd", "abing"));

httpPost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));

HttpResponse httpResponse = httpClient.execute(httpPost);

String spt = System.getProperty("line.separator");

BufferedReader buffer = new BufferedReader(new InputStreamReader(

httpResponse.getEntity().getContent()));

StringBuffer stb=new StringBuffer();

String line=null;

while((line=buffer.readLine())!=null){

stb.append(line);

}

buffer.close();

String result=stb.toString();

System.out.println("result="+result);

} catch (Exception e) {

e.printStackTrace();

}

//tomcat配置文件：（前提是https雙向驗證證書生成的沒有一點問題）

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"

SSLEnabled="true" maxThreads="150" scheme="https"

secure="true" clientAuth="true" sslProtocol="TLS"

keystoreFile="D:\\home\\tomcat.keystore" keystorePass="stevenjohn"

truststoreFile="D:\\home\\tomcat.keystore" truststorePass="stevenjohn" />

posted on 2012-09-27 00:11 abin 閱讀(3202) 評論(0) 編輯收藏所屬分類: HTTPS

新用戶注冊刷新評論列表


只有注冊用戶登錄后才能發表評論。




網站導航: 博客園 IT新聞 Chat2DB C++博客博問管理
相關文章: Http Https Webservice web.xml中配置http訪問轉向https HttpClient 實現跳轉請求 HttpsUrlConnection https雙向驗證 HttpClient https雙向驗證 Tomcat配置HTTPS方式(單向) Java Https單向，雙向驗證 Https ssl java keytool+tomcat配置HTTPS雙向證書認證

少年阿賓

常用鏈接

留言簿(22)

我參與的團隊

隨筆分類

隨筆檔案

新聞分類

相冊

搜索

最新評論

閱讀排行榜

評論排行榜