java - 如何使用 ApacheConnector 在 Jersey 2 中选择密码套件?

标签 java apache ssl jersey

我使用 Jersey 2 作为客户端来访问使用 TLS 的 Web 服务。我想选择 TLS 使用的密码,但我不知道如何选择。我的代码:

ClientConfig clientConfig = new ClientConfig(); 
clientConfig.connectorProvider(new ApacheConnectorProvider()); 
SslConfigurator sslConfig = SslConfigurator.newInstance()
    .trustStoreFile("truststore.jks")
    .trustStorePassword("asdfgh")
    .keyStoreFile("keystore.jks")
    .keyPassword("asdfgh")
    .securityProtocol("TLS"); // there is no method to select cipher suites for SslConfigurator
clientConfig.property(ApacheClientProperties.SSL_CONFIG, sslContext);

Client client = ClientBuilder.newBuilder()
    .withConfig(clientConfig)
    .build();

最佳答案

我找到了解决方案:

HttpClientConnectionManager connectionManager = createConnectionManager(clientConfig, sslContext, getHostnameVerifier(), true);
clientConfig.property(ApacheClientProperties.CONNECTION_MANAGER, connectionManager);

我粗略地从 ApacheConnector 复制了以下方法来创建 ConnectionManager:

private HttpClientConnectionManager createConnectionManager(
        final Configuration config,
        SSLContext sslContext,
        X509HostnameVerifier hostnameVerifier,
        boolean useSystemProperties) {

    final String[] supportedProtocols = useSystemProperties ? StringUtils.split(
            System.getProperty("https.protocols")) : null;
    final String[] supportedCipherSuites = useSystemProperties ? StringUtils.split(
            System.getProperty("https.cipherSuites")) : null;

    if (hostnameVerifier == null) {
        hostnameVerifier = SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
    }

    LayeredConnectionSocketFactory sslSocketFactory;
    if (sslContext != null) {
        sslSocketFactory = new SSLConnectionSocketFactory(
                sslContext, supportedProtocols, supportedCipherSuites, hostnameVerifier);
    } else {
        if (useSystemProperties) {
            sslSocketFactory = new SSLConnectionSocketFactory(
                    (SSLSocketFactory) SSLSocketFactory.getDefault(),
                    supportedProtocols, supportedCipherSuites, hostnameVerifier);
        } else {
            sslSocketFactory = new SSLConnectionSocketFactory(
                    SSLContexts.createDefault(),
                    hostnameVerifier);
        }
    }

    final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
         .register("http", PlainConnectionSocketFactory.getSocketFactory())
         .register("https", sslSocketFactory)
         .build();

    final PoolingHttpClientConnectionManager connectionManager =
            new PoolingHttpClientConnectionManager(registry);

    if (useSystemProperties) {
        String s = System.getProperty("http.keepAlive", "true");
        if ("true".equalsIgnoreCase(s)) {
            s = System.getProperty("http.maxConnections", "5");
            final int max = Integer.parseInt(s);
            connectionManager.setDefaultMaxPerRoute(max);
            connectionManager.setMaxTotal(2 * max);
        }
    }

    return connectionManager;
}

关于java - 如何使用 ApacheConnector 在 Jersey 2 中选择密码套件?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/21034677/

上一篇:java - 带有 SHA-2 签名证书的 SunCertPathBuilderException

下一篇:asp.net - Firefox 和 IE 上的网站 SSL 内容问题

相关文章:

regex - .htaccess 如果在最后一个尾部斜线之前没有扩展名,则添加尾部斜线

apache - 将 Apache .htaccess 转换为 Nginx

sockets - Erlang套接字发送超时永远不会发生

java - 可以以编程方式格式化通过 stringBuffer.append() 附加的文本吗?

java - 单元测试未使用 Maven 运行

java - 从 Java Iterator 中随机跳过 'X' 百分比的单词

ssl - 使用 Kestrel 在 ASP.NET Core 中实现 SSL

java - 如何避免泛型警告

java - Apache POI 中的公式评估器

.NET - 是否可以使用 HttpListener 和 HttpWebRequest 代理 HTTPS 请求? (或者由于加密而不可能?)

©2024 IT工具网  联系我们