基于https，HttpsURLConnection客户端代码调用

发布时间：2020-12-16 23:54:25 所属栏目：安全来源：网络整理

导读：有关tomcat 6.0如何配置https服务的文章可以参考：http://www.voidcn.com/article/p-mstxlhct-ex.html 以下主要讲解如何使用https发起post请求：参考文档：梁栋前辈的《Java加密与解密的艺术》 [java] ? view plain copy import ?java.io.BufferedReader;??

有关tomcat 6.0如何配置https服务的文章可以参考：http://www.voidcn.com/article/p-mstxlhct-ex.html

以下主要讲解如何使用https发起post请求：

参考文档：梁栋前辈的《Java加密与解密的艺术》

[java]? 
   view plain 
   copy 
    
   
 import?java.io.BufferedReader;??
 import?java.io.FileInputStream;??
import?java.io.IOException;??
import?java.io.InputStreamReader;??
import?java.net.MalformedURLException;??
import?java.net.URL;??
import?java.security.GeneralSecurityException;??
import?java.security.KeyStore;??
 ??
import?javax.net.ssl.HostnameVerifier;??
import?javax.net.ssl.HttpsURLConnection;??
import?javax.net.ssl.KeyManagerFactory;??
import?javax.net.ssl.SSLContext;??
import?javax.net.ssl.TrustManagerFactory;??
public?class?HttpsPost?{??
 ????/**?
 ?????*?获得KeyStore.?
 ?????*?@param?keyStorePath?
?????*????????????密钥库路径?
?????*?@param?password?
?????*????????????密码?
?????*?@return?密钥库?
?????*?@throws?Exception?
?????*/??
 ????static?KeyStore?getKeyStore(String?password,?String?keyStorePath)??
 ????????????throws?Exception?{??
 ????????//?实例化密钥库??
 ????????KeyStore?ks?=?KeyStore.getInstance("JKS");??
//?获得密钥库文件流??
 ????????FileInputStream?is?=?new?FileInputStream(keyStorePath);??
//?加载密钥库??
 ????????ks.load(is,?password.toCharArray());??
//?关闭密钥库文件流??
 ????????is.close();??
 ????????return?ks;??
 ????}??
 ??
?????*?获得SSLSocketFactory.?
?????*?@param?trustStorePath?
?????*????????????信任库路径?
?????*?@return?SSLSocketFactory?
static?SSLContext?getSSLContext(String?password,??
 ????????????String?keyStorePath,?String?trustStorePath)? ????????KeyManagerFactory?keyManagerFactory?=?KeyManagerFactory??
 ????????????????.getInstance(KeyManagerFactory.getDefaultAlgorithm());??
 ????????//?获得密钥库??
 ????????KeyStore?keyStore?=?getKeyStore(password,?keyStorePath);??
//?初始化密钥工厂??
 ????????keyManagerFactory.init(keyStore,?password.toCharArray());??
//?实例化信任库??
 ????????TrustManagerFactory?trustManagerFactory?=?TrustManagerFactory??
 ????????????????.getInstance(TrustManagerFactory.getDefaultAlgorithm());??
//?获得信任库??
 ????????KeyStore?trustStore?=?getKeyStore(password,?trustStorePath);??
//?初始化信任库??
 ????????trustManagerFactory.init(trustStore);??
//?实例化SSL上下文??
 ????????SSLContext?ctx?=?SSLContext.getInstance("TLS");??
//?初始化SSL上下文??
 ????????ctx.init(keyManagerFactory.getKeyManagers(),??
 ????????????????trustManagerFactory.getTrustManagers(),?null);??
//?获得SSLSocketFactory??
 ????????return?ctx;??
 ????}??
 ????/**?
?????*?初始化HttpsURLConnection.?
?????*?@param?password?
?????*????????????密码?
?????*?@param?keyStorePath?
?????*????????????密钥库路径?
?????*?@param?trustStorePath?
?????*????????????信任库路径?
static?void?initHttpsURLConnection(String?password,0); background-color:inherit">//?声明SSL上下文??
 ????????SSLContext?sslContext?=?null;??
//?实例化主机名验证接口??
 ????????HostnameVerifier?hnv?=?new?MyHostnameVerifier();??
try?{??
 ????????????sslContext?=?getSSLContext(password,?keyStorePath,?trustStorePath);??
 ????????}?catch?(GeneralSecurityException?e)?{??
 ????????????e.printStackTrace();??
 ????????}??
if?(sslContext?!=?null)?{??
 ????????????HttpsURLConnection.setDefaultSSLSocketFactory(sslContext??
 ????????????????????.getSocketFactory());??
 ????????HttpsURLConnection.setDefaultHostnameVerifier(hnv);??
?????*?发送请求.?
?????*?@param?httpsUrl?
?????*????????????请求的地址?
?????*?@param?xmlStr?
?????*????????????请求的数据?
?????*/??
 ????void?post(String?httpsUrl,?String?xmlStr)?{??
 ????????HttpsURLConnection?urlCon?=?null;??
try?{??
 ????????????urlCon?=?(HttpsURLConnection)?(new?URL(httpsUrl)).openConnection();??
 ????????????urlCon.setDoInput(true);??
 ????????????urlCon.setDoOutput(true);??
 ????????????urlCon.setRequestMethod("POST");??
 ????????????urlCon.setRequestProperty("Content-Length",108); list-style:decimal-leading-zero outside; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important"> ????????????????????String.valueOf(xmlStr.getBytes().length));??
 ????????????urlCon.setUseCaches(false);??
 ????????????//设置为gbk可以解决服务器接收时读取的数据中文乱码问题??
 ????????????urlCon.getOutputStream().write(xmlStr.getBytes("gbk"));??
 ????????????urlCon.getOutputStream().flush();??
 ????????????urlCon.getOutputStream().close();??
 ????????????BufferedReader?in?=?new?BufferedReader(new?InputStreamReader(??
 ????????????????????urlCon.getInputStream()));??
 ????????????String?line;??
 ????????????while?((line?=?in.readLine())?!=?null)?{??
 ????????????????System.out.println(line);??
 ????????????}??
 ????????}?catch?(MalformedURLException?e)?{??
 ????????????e.printStackTrace();??
catch?(IOException?e)?{??
catch?(Exception?e)?{??
 ????????}??
?????*?测试方法.?
?????*?@param?args?
?????*?@throws?Exception?
void?main(String[]?args)?//?密码??
 ????????String?password?=?"123456";??
//?密钥库??
 ????????String?keyStorePath?=?"tomcat.keystore";??
//?信任库??
 ????????String?trustStorePath?=?"tomcat.keystore";??
//?本地起的https服务??
 ????????String?httpsUrl?=?"https://localhost:8443/service/httpsPost";??
//?传输文本??
 ????????String?xmlStr?=?"<?xml?version="1.0"?encoding="UTF-8"?><fruitShop><fruits><fruit><kind>萝卜</kind></fruit><fruit><kind>菠萝</kind></fruit></fruits></fruitShop>";??
 ????????HttpsPost.initHttpsURLConnection(password,0); background-color:inherit">//?发起请求??
 ????????HttpsPost.post(httpsUrl,?xmlStr);??
 }??

copy 
    
   

?javax.net.ssl.HostnameVerifier;??

import?javax.net.ssl.SSLSession;??
?*?实现用于主机名验证的基接口。??
?*?在握手期间，如果?URL?的主机名和服务器的标识主机名不匹配，则验证机制可以回调此接口的实现程序来确定是否应该允许此连接。?
?*/??
class?MyHostnameVerifier?implements?HostnameVerifier?{??
????@Override??
boolean?verify(String?hostname,?SSLSession?session)?{??
if("localhost".equals(hostname)){??
return?true;??
else?{??
false;??
}??

接收请求的Web应用：

web.xml

[html]? 
   copy

<?xml?version="1.0"?encoding="UTF-8"?>??

<web-app?version="2.5"???
????xmlns="http://java.sun.com/xml/ns/javaee"???
????xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"???
????xsi:schemaLocation="http://java.sun.com/xml/ns/javaee???
????http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">??
??servlet>??
????servlet-name>rollBack</ ????servlet-class ??servlet-mappingurl-pattern>/httpsPostwelcome-file-listwelcome-file>index.jspweb-app>??

rollBack servlet

copy 
    
   

?java.io.IOException;??

import?java.io.InputStreamReader;??
import?javax.servlet.ServletException;??
import?javax.servlet.ServletInputStream;??
import?javax.servlet.http.HttpServlet;??
import?javax.servlet.http.HttpServletRequest;??
import?javax.servlet.http.HttpServletResponse;??
class?rollBack?extends?HttpServlet?{??
void?doGet(HttpServletRequest?request,?HttpServletResponse?response)??
throws?ServletException,?IOException?{??
//获取请求流??
????????ServletInputStream?sis?=?request.getInputStream();??
????????BufferedReader?in?=?new?InputStreamReader(sis));??
????????String?line;??
if((line?=?in.readLine())?!=?null){??
????????????System.out.println(line);??
????????in.close();??
void?doPost(HttpServletRequest?request,153); background-color:inherit; font-weight:bold">this.doGet(request,?response);??
}??

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!