少年阿宾

那些青春的岁月
  BlogJava :: 首页 :: 联系 :: 聚合  :: 管理
  500 Posts :: 0 Stories :: 135 Comments :: 0 Trackbacks
HttpClient https双向验证
已经发布的准备要测试的https服务:
package com.abin.lee.https;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@SuppressWarnings("serial")
public class ReceiveHttpClientRequest extends HttpServlet {
public void service(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
System.out.println("receive https request");
Map map=request.getParameterMap();
String user=(((Object[])map.get("user"))[0]).toString();
System.out.println("user="+user);
String pwd=(((Object[])map.get("pwd"))[0]).toString();
System.out.println("pwd="+pwd);
//给调用者返回值
PrintWriter write=response.getWriter();
write.write("receive HttpClient success");
write.flush();
write.close();
}
}





//web.xml
<servlet>
<servlet-name>httpsClientRequest</servlet-name>
<servlet-class>com.abin.lee.https.ReceiveHttpClientRequest</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>httpsClientRequest</servlet-name>
<url-pattern>/httpsClientRequest</url-pattern>
</servlet-mapping>




//HttpClient测试类
package com.abin.lee.test;
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.InputStreamReader;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import junit.framework.TestCase;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.protocol.HTTP;
import org.junit.Before;
import org.junit.Test;
public class HttpsClient extends TestCase {
private String httpUrl = "https://localhost:8443/global/httpsClientRequest";
// 客户端密钥库
private String sslKeyStorePath;
private String sslKeyStorePassword;
private String sslKeyStoreType;
// 客户端信任的证书
private String sslTrustStore;
private String sslTrustStorePassword;
@Before
public void setUp() {
sslKeyStorePath = "D:\\home\\tomcat.keystore";
sslKeyStorePassword = "stevenjohn";
sslKeyStoreType = "JKS"; // 密钥库类型,有JKS PKCS12等
sslTrustStore = "D:\\home\\tomcat.keystore";
sslTrustStorePassword = "stevenjohn";
System.setProperty("javax.net.ssl.keyStore", sslKeyStorePath);
System.setProperty("javax.net.ssl.keyStorePassword",
sslKeyStorePassword);
System.setProperty("javax.net.ssl.keyStoreType", sslKeyStoreType);
// 设置系统参数
System.setProperty("javax.net.ssl.trustStore", sslTrustStore);
System.setProperty("javax.net.ssl.trustStorePassword",
sslTrustStorePassword);
}
@Test
public void testHttpsClient() {
SSLContext sslContext = null;
try {
KeyStore kstore = KeyStore.getInstance("jks");
kstore.load(new FileInputStream(sslKeyStorePath),
sslKeyStorePassword.toCharArray());
KeyManagerFactory keyFactory = KeyManagerFactory
.getInstance("sunx509");
keyFactory.init(kstore, sslKeyStorePassword.toCharArray());
KeyStore tstore = KeyStore.getInstance("jks");
tstore.load(new FileInputStream(sslTrustStore),
sslTrustStorePassword.toCharArray());
TrustManager[] tm;
TrustManagerFactory tmf = TrustManagerFactory
.getInstance("sunx509");
tmf.init(tstore);
tm = tmf.getTrustManagers();
sslContext = SSLContext.getInstance("SSL");
sslContext.init(keyFactory.getKeyManagers(), tm, null);
} catch (Exception e) {
e.printStackTrace();
}
try {
HttpClient httpClient = new DefaultHttpClient();
SSLSocketFactory socketFactory = new SSLSocketFactory(sslContext);
Scheme sch = new Scheme("https", 8443, socketFactory);
httpClient.getConnectionManager().getSchemeRegistry().register(sch);
HttpPost httpPost = new HttpPost(httpUrl);
List<NameValuePair> nvps = new ArrayList<NameValuePair>();
nvps.add(new BasicNameValuePair("user", "abin"));
nvps.add(new BasicNameValuePair("pwd", "abing"));
httpPost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));
HttpResponse httpResponse = httpClient.execute(httpPost);
String spt = System.getProperty("line.separator"); 
BufferedReader buffer = new BufferedReader(new InputStreamReader(
httpResponse.getEntity().getContent()));
StringBuffer stb=new StringBuffer();
String line=null;
while((line=buffer.readLine())!=null){
stb.append(line);
}
buffer.close();
String result=stb.toString();
System.out.println("result="+result);
} catch (Exception e) {
e.printStackTrace();
}
}
}







//tomcat配置文件:(前提是https双向验证证书生成的没有一点问题)

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
  SSLEnabled="true" maxThreads="150" scheme="https"
  secure="true" clientAuth="true" sslProtocol="TLS"
  keystoreFile="D:\\home\\tomcat.keystore" keystorePass="stevenjohn"
  truststoreFile="D:\\home\\tomcat.keystore" truststorePass="stevenjohn" />



posted on 2012-09-27 00:11 abin 阅读(3175) 评论(0)  编辑  收藏 所属分类: HTTPS

只有注册用户登录后才能发表评论。
网站导航: