使用的是Android的WebView连接,以确保与客户端证书服务器 [英] Using a Android WebView to connect to secure server with Client Certificate
问题描述
能否在网页视图或者更具体地说,PhoneGaps CordovaWebView,使用客户证书来验证服务器?
Can a WebView or more specifically, PhoneGaps CordovaWebView, use client certificates to authenticate to a server?
我理解的原生浏览器可以使用客户端证书,但我想获得一个PhoneGap的Android应用程序交谈,需要一个客户端证书工作,看不出一台服务器。我已经试过我看到的谷歌不同的方法,但他们没有工作在Android版本4.0或更高版本。任何建议将大大appriciated。
I understand the native browser can use client certs but I am trying to get a PhoneGap Android app to talk to a server that requires a client cert to work and can not see how. I have tried various methods I have seen on google, but they are not working on Android version 4.0 or greater. Any suggestions would be greatly appriciated.
推荐答案
这是不可能的。这是需要回答回客户端证书的挑战code不是在SDK中提供。如果你看一下在Android SDK的源WebViewClient你会看到这个方法
It is not possible. The code that is needed to answer back a challenge for a client certificate is not available in the sdk. If you look at the source for WebViewClient in the android sdk you will see this method
/**
* Notify the host application to handle a SSL client certificate
* request (display the request to the user and ask whether to
* proceed with a client certificate or not). The host application
* has to call either handler.cancel() or handler.proceed() as the
* connection is suspended and waiting for the response. The
* default behavior is to cancel, returning no client certificate.
*
* @param view The WebView that is initiating the callback.
* @param handler An ClientCertRequestHandler object that will
* handle the user's response.
* @param host_and_port The host and port of the requesting server.
*
* @hide
*/
public void onReceivedClientCertRequest(WebView view,
ClientCertRequestHandler handler, String host_and_port) {
handler.cancel();
}
你看到的文档节@hide?这意味着不要将此提供给广大市民。我们需要重写此方法,并利用ClientCertRequestHandler的能力,但我们不能。不知道当谷歌将开放这个API,但它是不具备的软糖。
Do you see that @hide in the doc section? That means "do not make this available to the general public." We need the ability to override this method and utilize the ClientCertRequestHandler, but we can't. Not sure when google will open this API but it is not available in JellyBean.
这篇关于使用的是Android的WebView连接,以确保与客户端证书服务器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
