加入收藏 | 设为首页 | 会员中心 | 我要投稿 李大同 (https://www.lidatong.com.cn/)- 科技、建站、经验、云计算、5G、大数据,站长网!
当前位置: 首页 > 百科 > 正文

https+xml服务端/客户端java后台编写及soapUI https测试

发布时间:2020-12-16 08:36:28 所属栏目:百科 来源:网络整理
导读:目录(?) [-] 一httpsxml服务端编写 1 创建证书文件 11 创建服务器KeyStore 12 导出服务端证书 13 创建客户端KeyStore 14 导出客户端Cer证书 15 交换证书 2 tomcat https配置 3 服务端java代码编写 31 编写servlet服务端代码 32 webxml配置 33 启动服务端 二h

目录(?)[-]

  1. 一httpsxml服务端编写
    1. 1 创建证书文件
      1. 11 创建服务器KeyStore
      2. 12 导出服务端证书
      3. 13 创建客户端KeyStore
      4. 14 导出客户端Cer证书
      5. 15 交换证书
    2. 2 tomcat https配置
    3. 3 服务端java代码编写
      1. 31 编写servlet服务端代码
      2. 32 webxml配置
      3. 33 启动服务端
  2. 二httpsxml客户端编写
    1. 1 编写客户端java代码示例如下
  3. 三soapUI测试httpsxml接口

一、https+xml服务端编写

1.1 创建证书文件

1.1.1 创建服务器KeyStore

[plain] view plain copy
  1. keytool-genkey-aliasserver_jks_cennavi-keyalgRSA-keypass123456-storepass123456-keystoreserver.jks-validity3650

1.1.2 导出服务端证书

copy
keytool-export-trustcacerts-aliasserver_jks_cennavi-fileserver.cer-keystoreserver.jks-storepass123456

1.1.3 创建客户端KeyStore

copy
keytool-genkey-aliasclient_p12_cennavi-keyalgRSA-keypass123456-storepass123456-keystoreclient.p12-validity3650-storetypePKCS12

1.1.4 导出客户端Cer证书

[html] copy
    keytool-export-trustcacerts-aliasclient_p12_cennavi-fileclient.cer-keystoreclient.p12-storepass123456-storetypePKCS12

1.1.5 交换证书

交换导入服务端和客户端证书,作为双方信任证书。
copy
keytool-import-trustcacerts-aliasclient_p12_cennavi-fileclient.cer-keystoreserver.jks
  • keytool-import-trustcacerts-aliasserver_jks_cennavi-fileserver.cer-keystoreclient.jks

    • 1.2 tomcat https配置

    copy
    <Connectorport="8443"protocol="HTTP/1.1"SSLEnabled="true"
  • maxThreads="150"scheme="https"secure="true"
  • clientAuth="true"sslProtocol="TLS"keystoreFile="C:Usershsinghsuserver.jks"keystorePass="123456"
  • truststoreFile="C:Usershsinghsuserver.jks"truststorePass="123456"/>
    • 注:以上配置为https双向验证,若只要https服务端的单向验证,则将clientAuth="true" 和truststoreFile="C:Usershsinghsuserver.jks" truststorePass="123456" 配置去掉即可。

    1.3 服务端java代码编写

    1.3.1 编写servlet服务端代码

    编写servlet代码,用于获取用户https+xml/http+xml请求,解析请求后进行相应业务为逻辑处理返回相应信息给请求方。
    [java] copy
      packagecom.hsinghsu.test.web.servlet;
    2. importjava.io.ByteArrayOutputStream;
    3. importjava.io.IOException;
    4. importjava.io.InputStream;
    5. importjava.util.HashMap;
    6. importjava.util.Iterator;
    7. importjava.util.Map;
    8. importjava.util.zip.GZIPOutputStream;
    9. importjavax.servlet.ServletException;
    10. importjavax.servlet.ServletRequest;
    11. importjavax.servlet.ServletResponse;
    12. importjavax.servlet.http.HttpServlet;
    13. importjavax.servlet.http.HttpServletRequest;
    14. importjavax.servlet.http.HttpServletResponse;
    16. importorg.dom4j.Attribute;
    17. importorg.dom4j.Document;
    18. importorg.dom4j.Element;
    19. importorg.dom4j.io.SAXReader;
    20. publicclassTestInterfaceServletextendsHttpServlet
    21. {
    22. /**
    23. *对外接口主入口
    24. *用于获取用户请求,返回用户请求使用。
    25. */
    26. publicvoidservice(ServletRequestrequest,ServletResponseresponse)
    27. throwsServletException,IOException
    28. HttpServletResponsehttpResponse=(HttpServletResponse)response;
    29. HttpServletRequesthttprequest=(HttpServletRequest)request;
    30. httpResponse.setContentType("text/html;charset=UTF-8");
    31. Map<String,String>mapHeader=getHeaderMap(httprequest);//获取http头信息
    32. StringrequestXml="";//请求过来的xml报文
    33. StringresponseXml="";//返回的xml报文
    34. Documentdoc=null;
    35. InputStreamis=request.getInputStream();
    36. System.out.println("======httpheadertimestampis:"+mapHeader.get("timestamp"));
    37. SAXReadersaxReader=newSAXReader();
    38. newHashMap<String,String>();
    39. try
    40. doc=saxReader.read(is);
    41. requestXml=doc.asXML();
    42. System.out.println("======requestxml:"+requestXml);
    43. ElementrootElm=doc.getRootElement();//从root根节点获取请求报文
    44. map=parseXML(rootElm,newHashMap<String,String>());
    45. Stringmsgname=map.get("msgname");//从httpbody中获取到的msgname值
    46. //是否https访问
    47. if(request.isSecure())
    48. {
    49. //https访问
    50. if("loginReq".equals(msgname))
    51. System.out.println("thehttps+xmlrequestisloginReq");
    52. responseXml=
    53. "<?xmlversion="1.0"encoding="UTF-8"?><ecity><msgname>loginRep</msgname><msgversion>1.0.0</msgversion><result><rspcode>0</rspcode><rspdesc>成功</rspdesc></result><svccont><uid>111</uid></svccont></ecity>";
    54. }
    55. else
    56. System.out.println("请求接口名称不在本系统内");
    57. "<?xmlversion="1.0"encoding="UTF-8"?><ecity><msgversion>1.0.0</msgversion><result><rspcode>1</rspcode><rspdesc>请求接口名称不在本系统内</rspdesc></result></ecity>";
    58. }
    59. else
    60. //http访问
    61. if("logOutReq".equals(msgname))
    62. System.out.println("thehttp+xmlrequestislogOut");
    63. "<?xmlversion="1.0"encoding="UTF-8"?><ecity><msgname>logOutRep</msgname><msgversion>1.0.0</msgversion><result><rspcode>0</rspcode><rspdesc>成功</rspdesc></result><svccont><uid>111</uid></svccont></ecity>";
    64. catch(Exceptione1)
    65. System.out.println("请求数据不正确");
    66. responseXml=
    67. "<?xmlversion="1.0"encoding="UTF-8"?><ecity><msgversion>1.0.0</msgversion><result><rspcode>2</rspcode><rspdesc>请求数据不正确</rspdesc></result></ecity>";
    68. //对报文进行压缩处理
    69. StringAcceptEncoding="gzip";
    70. if(mapHeader!=null)
    71. AcceptEncoding=mapHeader.get("Accept-Encoding");
    72. if(null!=AcceptEncoding&&"gzip".equals(AcceptEncoding))
    73. //使用gzip压缩报文
    74. System.out.println("======outputresponsexmlwithgzipis:"+responseXml);
    75. response.getOutputStream().write(gZip(responseXml.getBytes()));
    76. response.getOutputStream().flush();
    77. response.getOutputStream().close();
    78. //不压缩报文,直接传输
    79. System.out.println("======outputresponsexmlwithoutgzipis:"+responseXml);
    80. response.getOutputStream().write(responseXml.getBytes());
    81. /**
    82. *获取http头信息
    83. *<功能详细描述>
    84. *@paramrequest
    85. *@return
    86. *@see[类、类#方法、类#成员]
    87. publicMap<String,String>getHeaderMap(HttpServletRequestrequest)
    88. Map<String,String>();
    89. if(null!=request.getHeader("msgname")&&!"".equals(request.getHeader("msgname")))
    90. map.put("msgname",request.getHeader("msgname"));
    91. if(null!=request.getHeader("Accept-Encoding")&&!"".equals(request.getHeader("Accept-Encoding")))
    92. map.put("Accept-Encoding",request.getHeader("Accept-Encoding"));
    93. if(null!=request.getHeader("timestamp")&&!"".equals("timestamp"))
    94. map.put("timestamp",request.getHeader("timestamp"));
    95. returnmap;
    96. *将xml解析成map键值对
    97. *<功能详细描述>
    98. *@paramele需要解析的xml对象
    99. *@parammap入参为空,用于内部迭代循环使用
    100. privateMap<String,String>parseXML(Elementele,Map<String,String>map)
    101. for(Iterator<?>i=ele.elementIterator();i.hasNext();)
    102. Elementnode=(Element)i.next();
    103. System.out.println("======parseXMLnodename:"+node.getName());
    104. if(node.attributes()!=null&&node.attributes().size()>0)
    105. for(Iterator<?>j=node.attributeIterator();j.hasNext();)
    106. Attributeitem=(Attribute)j.next();
    107. System.out.println("======parseXMLpropertyname:"+item.getName()+"propertyvalue:"
    108. +item.getValue()+"n");
    109. map.put(item.getName(),item.getValue());
    110. if(node.getText().length()>0)
    111. System.out.println("======parseXMLnodevalue:"+node.getText());
    112. map.put(node.getName(),node.getText());
    113. if(node.elementIterator().hasNext())
    114. parseXML(node,map);
    115. returnmap;
    116. *gZip压缩方法
    117. *将原报文通过gzip压缩
    118. *@paramdata
    119. publicstaticbyte[]gZip(byte[]data)
    120. byte[]b=null;
    121. ByteArrayOutputStreambos=newByteArrayOutputStream();
    122. GZIPOutputStreamgzip=newGZIPOutputStream(bos);
    123. gzip.write(data);
    124. gzip.finish();
    125. gzip.close();
    126. b=bos.toByteArray();
    127. bos.close();
    128. catch(Exceptionex)
    129. ex.printStackTrace();
    130. returnb;
    131. }

    1.3.2 web.xml配置

    在web.xml中配置访问该接口的servlet,详见配置如下:
    copy
    <servlet>
  • <servlet-name>interfaceServlet</servlet-name>
  • <servlet-class>com.hsinghsu.test.web.servlet.TestInterfaceServlet</servlet-class>
  • </servlet>
  • <servlet-mapping>
  • <url-pattern>/interface</url-pattern>
  • </servlet-mapping>
    • 注:如果在servlet中需要注入service/dao的bean,请参见:http://www.it165.net/pro/html/201307/6589.html 【如何用Spring将Service注入到Servlet中(注解模式)】

    1.3.3 启动服务端

    启动服务端tomcat。服务端的访问地址为:https://127.0.0.1:8843/testhttps/interface

    二、https+xml客户端编写

    2.1 编写客户端java代码,示例如下:

    copy
    importjava.io.BufferedReader;
  • importjava.io.InputStreamReader;
  • importorg.apache.commons.httpclient.DefaultHttpMethodRetryHandler;
  • importorg.apache.commons.httpclient.HttpClient;
  • importorg.apache.commons.httpclient.HttpStatus;
  • importorg.apache.commons.httpclient.methods.PostMethod;
  • importorg.apache.commons.httpclient.methods.StringRequestEntity;
  • importorg.apache.commons.httpclient.params.HttpMethodParams;
  • importorg.dom4j.Document;
  • publicclassTestReqServletextendsHttpServlet
  • publicvoiddoGet(HttpServletRequestrequest,HttpServletResponseresponse)
  • //StringsURL="http://127.0.0.1:8080/testhttps/interface";
  • StringsURL="https://127.0.0.1:8443/testhttps/interface";
  • Stringxml=
  • "<?xmlversion='1.0'encoding='UTF-8'?><ecity><msgname>loginReq</msgname><timestamp>20140422094111</timestamp><svccont><token>112255</token></svccont></ecity>";
  • toHTTPS(sURL,xml);
  • *https调用
  • *@paramsURL请求URL
  • *@paramxml请求报文
  • *@return
  • *@throwsIOException
  • publicStringtoHTTPS(StringsURL,Stringxml)
  • throwsIOException
  • sURL="https://127.0.0.1:8443/testhttps/interface";
  • System.setProperty("javax.net.ssl.trustStore","C:UsershsinghsuDesktophttpsclient.jks");
  • System.setProperty("javax.net.ssl.trustStorePassword","123456");
  • System.setProperty("javax.net.ssl.keyStoreType","PKCS12");
  • System.setProperty("javax.net.ssl.keyStore","C:UsershsinghsuDesktophttpsclient.p12");
  • System.setProperty("javax.net.ssl.keyStorePassword","123456");
  • //注:去掉以上5行则表示使用http协议访问
  • StringresultXML="";
  • HttpClienthttpClient=null;
  • PostMethodpostMethod=null;
  • httpClient=newHttpClient();
  • //设置超时时间
  • httpClient.getHttpConnectionManager().getParams().setConnectionTimeout(30000);
  • httpClient.getHttpConnectionManager().getParams().setSoTimeout(30000);
  • postMethod=newPostMethod(sURL);
  • postMethod.setRequestEntity(newStringRequestEntity(xml,"text/html","UTF-8"));
  • postMethod.setRequestHeader("Content-Type","text/xml;charset=UTF-8");
  • postMethod.getParams().setParameter(HttpMethodParams.RETRY_HANDLER,newDefaultHttpMethodRetryHandler());
  • intstatusCode=httpClient.executeMethod(postMethod);
  • if(statusCode!=HttpStatus.SC_OK)
  • System.out.println("Callmethodfailed:"+postMethod.getStatusLine());
  • BufferedReaderin=null;
  • try
  • in=newBufferedReader(newInputStreamReader(postMethod.getResponseBodyAsStream(),"utf-8"));
  • SAXReadersaxReader=newSAXReader();
  • Documentdoc=saxReader.read(newInputStreamReader(postMethod.getResponseBodyAsStream(),255)"> resultXML=doc.asXML();
  • catch(IOExceptione)
  • e.printStackTrace();
  • finally
  • if(in!=null)
  • in.close();
  • catch(Exceptione)
  • if(postMethod!=null)
  • postMethod.releaseConnection();
  • returnresultXML;
  • }
    • 配置完成后使用servlet访问即可测试

    三、soapUI测试https+xml接口

    打开soapUI,File-->Preferences-->SSL Settings,导入client.p12,输入密码即可
    注:以上配置为https双向验证,若只要https服务端的单向验证,则去掉client.p12 SOAPUI配置证书即可。

    (编辑:李大同)

    【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
      相关内容
        推荐文章
          站长推荐
          热点阅读

            【免责声明】本站内容转载自互联网,其发布内容言论不代表本站观点,如果其链接、内容的侵犯您的权益,烦请提交相关链接至邮箱bqsm@foxmail.com我们将及时予以处理。

            建议您使用1920×1080分辨率、谷歌浏览器Google Chrome、Microsoft Edge以获得本站的最佳浏览效果

            Copygight © 2008-2022 https://www.lidatong.com.cn/ All Rights Reserved. 李大同