有关tomcat 6.0如何配置https服务的文章可以参考:http://www.voidcn.com/article/p-mstxlhct-ex.html
以下主要讲解如何使用https发起post请求:
参考文档:梁栋前辈的《Java加密与解密的艺术》
- import?java.io.BufferedReader;??
- import?java.io.FileInputStream;??
- import?java.io.IOException;??
- import?java.io.InputStreamReader;??
- import?java.net.MalformedURLException;??
- import?java.net.URL;??
- import?java.security.GeneralSecurityException;??
- import?java.security.KeyStore;??
- ??
- import?javax.net.ssl.HostnameVerifier;??
- import?javax.net.ssl.HttpsURLConnection;??
- import?javax.net.ssl.KeyManagerFactory;??
- import?javax.net.ssl.SSLContext;??
- import?javax.net.ssl.TrustManagerFactory;??
- public?class?HttpsPost?{??
- ?????
- ?
- ?
- ?????*????????????密钥库路径?
- ?????*?@param?password?
- ?????*????????????密码?
- ?????*?@return?密钥库?
- ?????*?@throws?Exception?
- ?????*/??
- ????static?KeyStore?getKeyStore(String?password,?String?keyStorePath)??
- ????????????throws?Exception?{??
- ??????????
- ????????KeyStore?ks?=?KeyStore.getInstance("JKS");??
- //?获得密钥库文件流??
- ????????FileInputStream?is?=?new?FileInputStream(keyStorePath);??
- //?加载密钥库??
- ????????ks.load(is,?password.toCharArray());??
- //?关闭密钥库文件流??
- ????????is.close();??
- ????????return?ks;??
- ????}??
- ??
- ?????*?获得SSLSocketFactory.?
- ?????*?@param?trustStorePath?
- ?????*????????????信任库路径?
- ?????*?@return?SSLSocketFactory?
- static?SSLContext?getSSLContext(String?password,??
- ????????????String?keyStorePath,?String?trustStorePath)? ????????KeyManagerFactory?keyManagerFactory?=?KeyManagerFactory??
- ????????????????.getInstance(KeyManagerFactory.getDefaultAlgorithm());??
- ??????????
- ????????KeyStore?keyStore?=?getKeyStore(password,?keyStorePath);??
- //?初始化密钥工厂??
- ????????keyManagerFactory.init(keyStore,?password.toCharArray());??
- //?实例化信任库??
- ????????TrustManagerFactory?trustManagerFactory?=?TrustManagerFactory??
- ????????????????.getInstance(TrustManagerFactory.getDefaultAlgorithm());??
- //?获得信任库??
- ????????KeyStore?trustStore?=?getKeyStore(password,?trustStorePath);??
- //?初始化信任库??
- ????????trustManagerFactory.init(trustStore);??
- //?实例化SSL上下文??
- ????????SSLContext?ctx?=?SSLContext.getInstance("TLS");??
- //?初始化SSL上下文??
- ????????ctx.init(keyManagerFactory.getKeyManagers(),??
- ????????????????trustManagerFactory.getTrustManagers(),?null);??
- //?获得SSLSocketFactory??
- ????????return?ctx;??
- ????}??
- ?????
- ?????*?初始化HttpsURLConnection.?
- ?????*?@param?password?
- ?????*????????????密码?
- ?????*?@param?keyStorePath?
- ?????*????????????密钥库路径?
- ?????*?@param?trustStorePath?
- ?????*????????????信任库路径?
- static?void?initHttpsURLConnection(String?password,0); background-color:inherit">//?声明SSL上下文??
- ????????SSLContext?sslContext?=?null;??
- //?实例化主机名验证接口??
- ????????HostnameVerifier?hnv?=?new?MyHostnameVerifier();??
- try?{??
- ????????????sslContext?=?getSSLContext(password,?keyStorePath,?trustStorePath);??
- ????????}?catch?(GeneralSecurityException?e)?{??
- ????????????e.printStackTrace();??
- ????????}??
- if?(sslContext?!=?null)?{??
- ????????????HttpsURLConnection.setDefaultSSLSocketFactory(sslContext??
- ????????????????????.getSocketFactory());??
- ????????HttpsURLConnection.setDefaultHostnameVerifier(hnv);??
- ?????*?发送请求.?
- ?????*?@param?httpsUrl?
- ?????*????????????请求的地址?
- ?????*?@param?xmlStr?
- ?????*????????????请求的数据?
- ?????*/??
- ????void?post(String?httpsUrl,?String?xmlStr)?{??
- ????????HttpsURLConnection?urlCon?=?null;??
- try?{??
- ????????????urlCon?=?(HttpsURLConnection)?(new?URL(httpsUrl)).openConnection();??
- ????????????urlCon.setDoInput(true);??
- ????????????urlCon.setDoOutput(true);??
- ????????????urlCon.setRequestMethod("POST");??
- ????????????urlCon.setRequestProperty("Content-Length",108); list-style:decimal-leading-zero outside; color:inherit; line-height:18px; margin:0px!important; padding:0px 3px 0px 10px!important"> ????????????????????String.valueOf(xmlStr.getBytes().length));??
- ????????????urlCon.setUseCaches(false);??
- ??????????????
- ????????????urlCon.getOutputStream().write(xmlStr.getBytes("gbk"));??
- ????????????urlCon.getOutputStream().flush();??
- ????????????urlCon.getOutputStream().close();??
- ????????????BufferedReader?in?=?new?BufferedReader(new?InputStreamReader(??
- ????????????????????urlCon.getInputStream()));??
- ????????????String?line;??
- ????????????while?((line?=?in.readLine())?!=?null)?{??
- ????????????????System.out.println(line);??
- ????????????}??
- ????????}?catch?(MalformedURLException?e)?{??
- ????????????e.printStackTrace();??
- catch?(IOException?e)?{??
- catch?(Exception?e)?{??
- ????????}??
- ?????*?测试方法.?
- ?????*?@param?args?
- ?????*?@throws?Exception?
- void?main(String[]?args)?//?密码??
- ????????String?password?=?"123456";??
- //?密钥库??
- ????????String?keyStorePath?=?"tomcat.keystore";??
- //?信任库??
- ????????String?trustStorePath?=?"tomcat.keystore";??
- //?本地起的https服务??
- ????????String?httpsUrl?=?"https://localhost:8443/service/httpsPost";??
- //?传输文本??
- ????????String?xmlStr?=?"<?xml?version="1.0"?encoding="UTF-8"?><fruitShop><fruits><fruit><kind>萝卜</kind></fruit><fruit><kind>菠萝</kind></fruit></fruits></fruitShop>";??
- ????????HttpsPost.initHttpsURLConnection(password,0); background-color:inherit">//?发起请求??
- ????????HttpsPost.post(httpsUrl,?xmlStr);??
- }??
import?javax.net.ssl.HostnameVerifier;??
- import?javax.net.ssl.SSLSession;??
- ?*?实现用于主机名验证的基接口。??
- ?*?在握手期间,如果?URL?的主机名和服务器的标识主机名不匹配,则验证机制可以回调此接口的实现程序来确定是否应该允许此连接。?
- ?*/??
- class?MyHostnameVerifier?implements?HostnameVerifier?{??
- ????@Override??
- boolean?verify(String?hostname,?SSLSession?session)?{??
- if("localhost".equals(hostname)){??
- return?true;??
- else?{??
- false;??
- }??
接收请求的Web应用:
web.xml
<?xml?version="1.0"?encoding="UTF-8"?>??
- <web-app?version="2.5"???
- ????xmlns="http://java.sun.com/xml/ns/javaee"???
- ????xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"???
- ????xsi:schemaLocation="http://java.sun.com/xml/ns/javaee???
- ????http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">??
- ??servlet>??
- ????servlet-name>rollBack</ ????servlet-class ??servlet-mappingurl-pattern>/httpsPostwelcome-file-listwelcome-file>index.jspweb-app>??
rollBack servlet
import?java.io.IOException;??
- import?java.io.InputStreamReader;??
- import?javax.servlet.ServletException;??
- import?javax.servlet.ServletInputStream;??
- import?javax.servlet.http.HttpServlet;??
- import?javax.servlet.http.HttpServletRequest;??
- import?javax.servlet.http.HttpServletResponse;??
- class?rollBack?extends?HttpServlet?{??
- void?doGet(HttpServletRequest?request,?HttpServletResponse?response)??
- throws?ServletException,?IOException?{??
- //获取请求流??
- ????????ServletInputStream?sis?=?request.getInputStream();??
- ????????BufferedReader?in?=?new?InputStreamReader(sis));??
- ????????String?line;??
- if((line?=?in.readLine())?!=?null){??
- ????????????System.out.println(line);??
- ????????in.close();??
- void?doPost(HttpServletRequest?request,153); background-color:inherit; font-weight:bold">this.doGet(request,?response);??
- }??
(编辑:李大同)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|