在春季由resttemplate提出的每个请求中,发送客户证书的正确方法是什么? [英] What is the right way to send a client certificate with every request made by the resttemplate in spring?
本文介绍了在春季由resttemplate提出的每个请求中,发送客户证书的正确方法是什么?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我想在我的spring应用程序中使用REST服务.要访问该服务,我需要获得用于授权的客户端证书(自行签名并以.jks格式). 对其余服务进行身份验证的正确方法是什么?
i want to consume a REST service with my spring application. To access that service i have a client certificate (self signed and in .jks format) for authorization. What is the proper way to authenticate against the rest service?
这是我的要求:
public List<Info> getInfo() throws RestClientException, URISyntaxException {
HttpEntity<?> httpEntity = new HttpEntity<>(null, new HttpHeaders());
ResponseEntity<Info[]> resp = restOperations.exchange(
new URI(BASE_URL + "/Info"), HttpMethod.GET,
httpEntity, Info[].class);
return Arrays.asList(resp.getBody());
}
推荐答案
以下是使用 Apache HttpClient
您应该使用配置的SSL上下文定义自己的RestTemplate
:
You should define your own RestTemplate
with configured SSL context:
@Bean
public RestTemplate restTemplate(RestTemplateBuilder builder) throws Exception {
char[] password = "password".toCharArray();
SSLContext sslContext = SSLContextBuilder.create()
.loadKeyMaterial(keyStore("classpath:cert.jks", password), password)
.loadTrustMaterial(null, new TrustSelfSignedStrategy()).build();
HttpClient client = HttpClients.custom().setSSLContext(sslContext).build();
return builder
.requestFactory(new HttpComponentsClientHttpRequestFactory(client))
.build();
}
private KeyStore keyStore(String file, char[] password) throws Exception {
KeyStore keyStore = KeyStore.getInstance("PKCS12");
File key = ResourceUtils.getFile(file);
try (InputStream in = new FileInputStream(key)) {
keyStore.load(in, password);
}
return keyStore;
}
现在,此模板执行的所有远程呼叫都将使用cert.jks
签名.
注意:您需要将cert.jks
放入类路径
Now all remote calls performed by this template will be signed with cert.jks
.
Note: You would need to put cert.jks
into your classpath
@Autowired
private RestTemplate restTemplate;
public List<Info> getInfo() throws RestClientException, URISyntaxException {
HttpEntity<?> httpEntity = new HttpEntity<>(null, new HttpHeaders());
ResponseEntity<Info[]> resp = restTemplate.exchange(
new URI(BASE_URL + "/Info"), HttpMethod.GET,
httpEntity, Info[].class);
return Arrays.asList(resp.getBody());
}
这篇关于在春季由resttemplate提出的每个请求中,发送客户证书的正确方法是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文