具有Java应用程序和SSL的Web服务客户端 [英] Web service client with Java application and SSL

问题描述

我正在开发一个Java桌面应用程序，我想在其中使用Web服务。 Web服务需要使用 binarysecuritytoken 进行消息级安全性的双向SSL连接。我使用NetBeans IDE 6.9.1和JDK 1.6.0.23以及JAX-WS作为ws包装器。如何在不使用客户端计算机上的任何Web服务器的情况下与ws进行通信。我读过的大多数东西需要在客户机上有tomcat或其他一些web服务器（在tomcat中配置密钥库等等）。有可能吗？请为基于SSL的ws客户端推荐一些针对Java桌面应用程序的文章。

I am developing a Java desktop application and I want to consume a web service in it. The web service requires two-way SSL connection with message level security using binarysecuritytoken. I am using NetBeans IDE 6.9.1 with JDK 1.6.0.23 and JAX-WS as ws wrapper. How can I communicate with the ws without using any web server on client machine. Most of the stuff I read needs to have tomcat or some other web server on client machine (configuring the keystore in tomcat or so...). Is it possible to do? Please suggest some article for SSL based ws client for Java desktop application.

推荐答案

以下是两种处理WS over SSL的方法< a href =http://ws.apache.org/xmlrpc/ssl.html =nofollow> http://ws.apache.org/xmlrpc/ssl.html 。

正确的方法是为SE和EE解决方案配置和使用密钥库。

下一个快速解决方案也适用于我：

Here are two ways to deal with WS over SSL http://ws.apache.org/xmlrpc/ssl.html.
Correct way is to configure and use your keystore for both SE and EE solutions.
Next quick solution also works for me:

package client;

import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.xml.namespace.QName;

import ws.MyService1;
import ws.MyService1ServiceLocator;

public class Client {

    public static void main(String[] args) throws Exception {
        test();
    }

    public static void test() throws Exception {
        // Create a trust manager that does not validate certificate chains
        TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            public void checkClientTrusted(X509Certificate[] certs, String authType) {
                // Trust always
            }

            public void checkServerTrusted(X509Certificate[] certs, String authType) {
                // Trust always
            }
        } };
        // Install the all-trusting trust manager
        SSLContext sc = SSLContext.getInstance("SSL");
        // Create empty HostnameVerifier
        HostnameVerifier hv = new HostnameVerifier() {
            public boolean verify(String arg0, SSLSession arg1) {
                return true;
            }
        };

        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        HttpsURLConnection.setDefaultHostnameVerifier(hv);

        // use secured service
        QName qname = new QName("http://ws", "MyService1Service");
        String url = "https://127.0.0.1:7002/MyService/wsdl/MyService1.wsdl";
        MyService1 service = new MyService1ServiceLocator(url, qname).getMyService1();
        System.out.println(service.getMessage());
    }
}

这篇关于具有Java应用程序和SSL的Web服务客户端的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！