Spring Boot AsyncRestTemplate SSLSocketFactory [英] Spring Boot AsyncRestTemplate SSLSocketFactory

问题描述

在 WebSphere 中部署 Spring Boot 应用程序.由于它们的 SSL 配置，我们需要明确指定 SSLSocketFactory 以确保应用程序使用 WebSphere 证书而不是默认的 Java 密钥/信任存储.

Deploying a Spring Boot application in WebSphere. Due to their SSL configuration, we need to explicitly specify the SSLSocketFactory to ensure the application uses the WebSphere certificates and not the default Java key/trust stores.

通过 RestTemplate 执行此操作很简单:

Doing this via the RestTemplate is straightforward:

protected RestTemplate getRestTemplate() {

    SSLSocketFactory sslSocketFactory = new SSLSocketFactory(
        (javax.net.ssl.SSLSocketFactory) javax.net.ssl.SSLSocketFactory.getDefault(),
        SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER
    );

    SchemeRegistry registry = new SchemeRegistry();
    registry.register(new Scheme(HTTP_SCHEME, HTTP_PORT, PlainSocketFactory.getSocketFactory()));
    registry.register(new Scheme(HTTPS_SCHEME, HTTPS_PORT, sslSocketFactory));

    BasicClientConnectionManager connectionManager = new BasicClientConnectionManager(registry);
    DefaultHttpClient httpClient = new DefaultHttpClient(connectionManager);
    ClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);

    return new RestTemplate(requestFactory);
}

但是使用 AsyncRestTemplate，我无法找到如何设置 SSLSocketFactory:

However with the AsyncRestTemplate, I am unable to find how to set the SSLSocketFactory:

protected AsyncRestTemplate getAsyncRestTemplate() throws IOReactorException, NoSuchAlgorithmException {

    SSLIOSessionStrategy strategy = new SSLIOSessionStrategy(
        SSLContext.getDefault(),
        SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER
    );

    Registry<SchemeIOSessionStrategy> registry = RegistryBuilder.<SchemeIOSessionStrategy>create()
        .register(HTTP_SCHEME, NoopIOSessionStrategy.INSTANCE)
        .register(HTTPS_SCHEME, strategy)
        .build();

    PoolingNHttpClientConnectionManager connManager = new PoolingNHttpClientConnectionManager(
        new DefaultConnectingIOReactor(),
        registry
    );

    CloseableHttpAsyncClient httpClient = HttpAsyncClientBuilder
        .create()
        .setConnectionManager(connManager)
        .build();

    AsyncClientHttpRequestFactory requestFactory = new HttpComponentsAsyncClientHttpRequestFactory(httpClient);

    return new AsyncRestTemplate(requestFactory);
}

本质上，我需要调用:

(javax.net.ssl.SSLSocketFactory) javax.net.ssl.SSLSocketFactory.getDefault()

触发 WebSphere 覆盖 SSL 连接处理.

Which triggers WebSphere to override SSL connection handling.

非常感谢您对我所遗漏的任何想法 - 谢谢.

Any ideas on what I'm missing are greatly appreciated - thanks.

推荐答案

你不能.javax.net.SocketFactory 与基于 NIO 的 i/o 模型不兼容.无法将 SSLContext 用于非阻塞 SSL.

You cant. javax.net.SocketFactory is incompatible with NIO based i/o models. There is no way around using SSLContext for non-blocking SSL.

这篇关于Spring Boot AsyncRestTemplate SSLSocketFactory的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！