Java中的SSLSocketFactory，LDAP网络连接 [英] SSLSocketFactory in Java, LDAP network connection

问题描述

我的问题类似于: Java中的SSLSocketFactory

我需要设置一个自定义SSLSocketFactory ...除了我没有具有https连接(它是LDAPS)，所以不能使用:

I need to set a custom SSLSocketFactory...except I do NOT have an https connection (it's LDAPS), so can't use:

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

...设置SSLSocketFactory.我已经初始化了一个SSLContext对象，但是当我建立LDAP连接时，由于未设置我的自定义对象，因此会自动调用默认的SSLContext:

...to set the SSLSocketFactory. I have an SSLContext object initialized but when I make the LDAP connection the default SSLContext is called automatically since my custom one is not set:

dirContext = new InitialDirContext(env); // <-- reverts to default ssl context

下面的第3行是否有非HTTPS等效方法:

Is there a non-HTTPS equivalent method to line #3 below:

1. SSLContext sc = SSLContext.getInstance("SSL");

1. SSLContext sc = SSLContext.getInstance("SSL");

sc.init(myKeyManagerFactory.getKeyManagers()，myTrustManagerArray，新的java.security.SecureRandom());

sc.init(myKeyManagerFactory.getKeyManagers(), myTrustManagerArray, new java.security.SecureRandom());

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

推荐答案

是的.

env.put("java.naming.ldap.factory.socket", UnsecuredSSLSocketFactory.class.getName());

---

UnsecuredSSLSocketFactory.java :

public class UnsecuredSSLSocketFactory extends SSLSocketFactory
{
    private SSLSocketFactory socketFactory;

    public UnsecuredSSLSocketFactory()
    {
        try
        {
            var sslContext = SSLContext.getInstance("TLS");
            sslContext.init(null, new TrustManager[]{new X509TrustManager()
            {
                @Override
                public void checkClientTrusted(X509Certificate[] xcs, String string){}

                @Override
                public void checkServerTrusted(X509Certificate[] xcs, String string){}

                @Override
                public X509Certificate[] getAcceptedIssuers()
                {
                    return null;
                }
            }}, new SecureRandom());
            socketFactory = sslContext.getSocketFactory();
        }
        catch(Exception e)
        {
            throw new RuntimeException(e);
        }
    }

    @SuppressWarnings("unused")
    public static SocketFactory getDefault()
    {
        return new UnsecuredSSLSocketFactory();
    }

    @Override
    public String[] getDefaultCipherSuites()
    {
        return socketFactory.getDefaultCipherSuites();
    }

    @Override
    public String[] getSupportedCipherSuites()
    {
        return socketFactory.getSupportedCipherSuites();
    }

    @Override
    public Socket createSocket(Socket socket, String string, int i, boolean bln) throws IOException
    {
        return socketFactory.createSocket(socket, string, i, bln);
    }

    @Override
    public Socket createSocket(String string, int i) throws IOException
    {
        return socketFactory.createSocket(string, i);
    }

    @Override
    public Socket createSocket(String string, int i, InetAddress ia, int i1) throws IOException
    {
        return socketFactory.createSocket(string, i, ia, i1);
    }

    @Override
    public Socket createSocket(InetAddress ia, int i) throws IOException
    {
        return socketFactory.createSocket(ia, i);
    }

    @Override
    public Socket createSocket(InetAddress ia, int i, InetAddress ia1, int i1) throws IOException
    {
        return socketFactory.createSocket(ia, i, ia1, i1);
    }

    @Override
    public Socket createSocket() throws IOException
    {
        return socketFactory.createSocket();
    }
}

这篇关于Java中的SSLSocketFactory，LDAP网络连接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！