我正在尝试与外部 Web 服务集成,它使用带有 TLS 1.0 协议(protocol)的证书。
我已尝试设置 -Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2,SSLv3
,但出站网关仍然使用 TLSv1.2
。如果我只是将选项限制为 TLSv1
,它就可以正常工作,但我无法这样做,因为我正在集成到许多外部服务。
如何在出站网关本身上设置协议(protocol)?
我尝试使用此代码执行此操作,但遇到异常:
SimpleWebServiceOutboundGateway handler = new SimpleWebServiceOutboundGateway(url);
HttpComponentsMessageSender sender = new HttpComponentsMessageSender();
SSLContext sslContext = SSLContext.getDefault();
sslContext.getDefaultSSLParameters().setProtocols(new String[]{"TLSv1"});
CloseableHttpClient httpClient = HttpClients.custom().setSSLContext(sslContext).build();
sender.setHttpClient(httpClient);
handler.setMessageSender(sender);
异常(exception):
Caused by: org.apache.http.client.ClientProtocolException: null
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:186)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
at org.springframework.ws.transport.http.HttpComponentsConnection.onSendAfterWrite(HttpComponentsConnection.java:121)
at org.springframework.ws.transport.AbstractWebServiceConnection.send(AbstractWebServiceConnection.java:48)
at org.springframework.ws.client.core.WebServiceTemplate.sendRequest(WebServiceTemplate.java:658)
at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:606)
at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:555)
... 91 common frames omitted
Caused by: org.apache.http.ProtocolException: Content-Length header already present
at org.apache.http.protocol.RequestContent.process(RequestContent.java:97)
at org.apache.http.protocol.ImmutableHttpProcessor.process(ImmutableHttpProcessor.java:133)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:182)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
... 99 common frames omitted
最佳答案
我查看了 HttpComponentsMessengerSender 的相关文档,发现 HttpComponentsMessageSender.RemoveSoapHeadersInterceptor
HttpClient HttpRequestInterceptor implementation that removes Content-Length and Transfer-Encoding headers from the request. Necessary, because some SAAJ and other SOAP implementations set these headers themselves, and HttpClient throws an exception if they have been set.
解决方案是将其添加到HttpComponentsMessengerSender
的拦截器中。
发送者的最终版本是:
SSLContext sslContext = SSLContexts.custom().useProtocol("TLSv1").build();
CloseableHttpClient httpClient = HttpClients.custom()
.setSSLContext(sslContext)
.addInterceptorFirst(new
HttpComponentsMessageSender.RemoveSoapHeadersInterceptor())
.build();
HttpComponentsMessageSender sender = new HttpComponentsMessageSender(httpClient);
关于java - Spring 集成: Force Webservice Outbound Gateway to Use TLSv1,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47409041/