首页 诗词 字典 板报 句子 名言 友答 励志 学校 网站地图
当前位置: 首页 > 教程频道 > 网站开发 > Web前端 >

Apache CXF实战之4 发布使用SSL的Web Service

2013-07-01 
Apache CXF实战之四发布使用SSL的Web Service在使用Web Service的时候,在很多情况下会要求我们发布ssl的we

Apache CXF实战之四 发布使用SSL的Web Service

在使用Web Service的时候,在很多情况下会要求我们发布ssl的web service,此时如果web service是作为一个war包部署在tomcat之类的web容器中的时候,我们可以通过修改tomcat的配置来比较容易的部署发布成ssl的 web service的,当对于独立运行的程序来书,此时发布web service是需要一些操作的,下面看看在CXF中怎样发布并调用SSL的Web Service。

1. 首先是一个pojo的实体类

?

[java] view plaincopyprint?
  1. package?com.googlecode.garbagecan.cxfstudy.ssl;????
  2. public?class?User?{??????private?String?id;??
  3. ????private?String?name;??????private?String?password;??
  4. ????public?String?getId()?{??????????return?id;??
  5. ????}??????public?void?setId(String?id)?{??
  6. ????????this.id?=?id;??????}??
  7. ????public?String?getName()?{??????????return?name;??
  8. ????}??????public?void?setName(String?name)?{??
  9. ????????this.name?=?name;??????}??
  10. ????public?String?getPassword()?{??????????return?password;??
  11. ????}??????public?void?setPassword(String?password)?{??
  12. ????????this.password?=?password;??????}??
  13. }??

2. 下面是Web Service的接口和实现类,这两个类和前面文章中介绍的没什么区别

?

?

[java] view plaincopyprint?
  1. package?com.googlecode.garbagecan.cxfstudy.ssl;????
  2. import?java.util.List;????
  3. import?javax.jws.WebMethod;??import?javax.jws.WebResult;??
  4. import?javax.jws.WebService;????
  5. @WebService??public?interface?UserService?{??
  6. ????@WebMethod??????@WebResult?List<User>?list();??
  7. ??}??
  8. ??package?com.googlecode.garbagecan.cxfstudy.ssl;??
  9. ??import?java.util.ArrayList;??
  10. import?java.util.List;????
  11. public?class?UserServiceImpl?implements?UserService?{????
  12. ????public?List<User>?list()?{??????????List<User>?users?=?new?ArrayList<User>();??
  13. ????????for?(int?i?=?0;?i?<?10;?i++)?{??????????????User?user?=?new?User();??
  14. ????????????user.setId(""?+?i);??????????????user.setName("user_"?+?i);??
  15. ????????????user.setPassword("password_"?+?i);??????????????users.add(user);??
  16. ????????}??????????return?users;??
  17. ????}????
  18. }??

3. 下面看看Server端代码

[java] view plaincopyprint?
  1. package?com.googlecode.garbagecan.cxfstudy.ssl;????
  2. import?java.io.File;??import?java.io.FileInputStream;??
  3. import?java.security.KeyStore;????
  4. import?javax.net.ssl.KeyManager;??import?javax.net.ssl.KeyManagerFactory;??
  5. import?javax.net.ssl.TrustManager;??import?javax.net.ssl.TrustManagerFactory;??
  6. ??import?org.apache.cxf.configuration.jsse.TLSServerParameters;??
  7. import?org.apache.cxf.configuration.security.ClientAuthentication;??import?org.apache.cxf.configuration.security.FiltersType;??
  8. import?org.apache.cxf.endpoint.Server;??import?org.apache.cxf.jaxws.JaxWsServerFactoryBean;??
  9. import?org.apache.cxf.transport.http_jetty.JettyHTTPServerEngineFactory;????
  10. public?class?MyServer?{????
  11. ????private?static?final?int?port?=?12345;????????
  12. ????private?static?final?String?address?=?"https://0.0.0.0:"+port+"/ws/ssl/userService";????
  13. ????public?static?void?main(String[]?args)?throws?Exception?{??????????System.out.println("Starting?Server");??
  14. ??????????????????configureSSLOnTheServer();??
  15. ??????????????????JaxWsServerFactoryBean?factoryBean?=?new?JaxWsServerFactoryBean();??
  16. ????????factoryBean.setServiceClass(UserServiceImpl.class);??????????factoryBean.setAddress(address);??
  17. ??????????????????Server?server?=?factoryBean.create();??
  18. ????????String?endpoint?=?server.getEndpoint().getEndpointInfo().getAddress();????
  19. ????????System.out.println("Server?started?at?"?+?endpoint);??????}??
  20. ??????public?static?void?configureSSLOnTheServer()?{??
  21. ????????File?file?=?new?File(MyServer.class.getResource("/com/googlecode/garbagecan/cxfstudy/ssl/test.jks").getFile());????????????
  22. ????????try?{??????????????TLSServerParameters?tlsParams?=?new?TLSServerParameters();??
  23. ????????????KeyStore?keyStore?=?KeyStore.getInstance("JKS");??????????????String?password?=?"mypassword";??
  24. ????????????String?storePassword?=?"mypassword";????????????????
  25. ????????????keyStore.load(new?FileInputStream(file),?storePassword.toCharArray());??????????????KeyManagerFactory?keyFactory?=?KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());??
  26. ????????????keyFactory.init(keyStore,?password.toCharArray());??????????????KeyManager[]?keyManagers?=?keyFactory.getKeyManagers();??
  27. ????????????tlsParams.setKeyManagers(keyManagers);????
  28. ????????????keyStore.load(new?FileInputStream(file),?storePassword.toCharArray());??????????????TrustManagerFactory?trustFactory?=?TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());??
  29. ????????????trustFactory.init(keyStore);??????????????TrustManager[]?trustManagers?=?trustFactory.getTrustManagers();??
  30. ????????????tlsParams.setTrustManagers(trustManagers);????????????????
  31. ????????????FiltersType?filtersTypes?=?new?FiltersType();??????????????filtersTypes.getInclude().add(".*_EXPORT_.*");??
  32. ????????????filtersTypes.getInclude().add(".*_EXPORT1024_.*");??????????????filtersTypes.getInclude().add(".*_WITH_DES_.*");??
  33. ????????????filtersTypes.getInclude().add(".*_WITH_NULL_.*");??????????????filtersTypes.getExclude().add(".*_DH_anon_.*");??
  34. ????????????tlsParams.setCipherSuitesFilter(filtersTypes);????????????????
  35. ????????????ClientAuthentication?ca?=?new?ClientAuthentication();??????????????ca.setRequired(true);??
  36. ????????????ca.setWant(true);??????????????tlsParams.setClientAuthentication(ca);??
  37. ??????????????????????????JettyHTTPServerEngineFactory?factory?=?new?JettyHTTPServerEngineFactory();??
  38. ????????????factory.setTLSServerParametersForPort(port,?tlsParams);??????????}?catch?(Exception?e)?{??
  39. ????????????e.printStackTrace();??????????}??
  40. ????}????
  41. }??

4. 下面看看Client端代码

?

?

[java] view plaincopyprint?
  1. package?com.googlecode.garbagecan.cxfstudy.ssl;????
  2. import?java.io.File;??import?java.io.FileInputStream;??
  3. import?java.security.KeyStore;????
  4. import?javax.net.ssl.KeyManager;??import?javax.net.ssl.KeyManagerFactory;??
  5. import?javax.net.ssl.TrustManager;??import?javax.net.ssl.TrustManagerFactory;??
  6. ??import?org.apache.cxf.configuration.jsse.TLSClientParameters;??
  7. import?org.apache.cxf.configuration.security.FiltersType;??import?org.apache.cxf.endpoint.Client;??
  8. import?org.apache.cxf.frontend.ClientProxy;??import?org.apache.cxf.jaxws.JaxWsProxyFactoryBean;??
  9. import?org.apache.cxf.transport.http.HTTPConduit;????
  10. public?class?MyClient?{????
  11. ????private?static?final?String?address?=?"https://localhost:12345/ws/ssl/userService";????
  12. ????public?static?void?main(String[]?args)?throws?Exception?{??????????JaxWsProxyFactoryBean?factoryBean?=?new?JaxWsProxyFactoryBean();??
  13. ????????factoryBean.setAddress(address);??????????factoryBean.setServiceClass(UserService.class);??
  14. ????????Object?obj?=?factoryBean.create();??????????UserService?userService?=?(UserService)?obj;??
  15. ??????????????????configureSSLOnTheClient(userService);??
  16. ??????????System.out.println(userService.list());??
  17. ????}????
  18. ????private?static?void?configureSSLOnTheClient(Object?obj)?{??????????File?file?=?new?File(MyServer.class.getResource("/com/googlecode/garbagecan/cxfstudy/ssl/test.jks").getFile());??
  19. ??????????????????Client?client?=?ClientProxy.getClient(obj);??
  20. ????????HTTPConduit?httpConduit?=?(HTTPConduit)?client.getConduit();????
  21. ????????try?{??????????????TLSClientParameters?tlsParams?=?new?TLSClientParameters();??
  22. ????????????tlsParams.setDisableCNCheck(true);????
  23. ????????????KeyStore?keyStore?=?KeyStore.getInstance("JKS");??????????????String?password?=?"mypassword";??
  24. ????????????String?storePassword?=?"mypassword";????????????????
  25. ????????????keyStore.load(new?FileInputStream(file),?storePassword.toCharArray());??????????????TrustManagerFactory?trustFactory?=?TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());??
  26. ????????????trustFactory.init(keyStore);??????????????TrustManager[]?trustManagers?=?trustFactory.getTrustManagers();??
  27. ????????????tlsParams.setTrustManagers(trustManagers);????
  28. ????????????keyStore.load(new?FileInputStream(file),?storePassword.toCharArray());??????????????KeyManagerFactory?keyFactory?=?KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());??
  29. ????????????keyFactory.init(keyStore,?password.toCharArray());??????????????KeyManager[]?keyManagers?=?keyFactory.getKeyManagers();??
  30. ????????????tlsParams.setKeyManagers(keyManagers);????????????????
  31. ????????????FiltersType?filtersTypes?=?new?FiltersType();??????????????filtersTypes.getInclude().add(".*_EXPORT_.*");??
  32. ????????????filtersTypes.getInclude().add(".*_EXPORT1024_.*");??????????????filtersTypes.getInclude().add(".*_WITH_DES_.*");??
  33. ????????????filtersTypes.getInclude().add(".*_WITH_NULL_.*");??????????????filtersTypes.getExclude().add(".*_DH_anon_.*");??
  34. ????????????tlsParams.setCipherSuitesFilter(filtersTypes);????
  35. ????????????httpConduit.setTlsClientParameters(tlsParams);??????????}?catch?(Exception?e)?{??
  36. ????????????e.printStackTrace();??????????}??
  37. ????}??}??

5. 我们需要手动生成jks文件,并将其放在maven工程resources的/com/googlecode/garbagecan/cxfstudy/ssl/目录下,下面是手动生成时使用的命令

?

?

[plain] view plaincopyprint?
  1. keytool?-genkey?-alias?test?-keyalg?RSA?-keypass?mypassword?-storepass?mypassword?-dname?"CN=,?OU=,?O=,?L=,?ST=,?C="?-validity?3650?-keystore?test.jks??

6. 最后我们可以通过启动MyServer和MyClient来验证我们的测试。

读书人精选
热点排行