我有一个关于我用 java 创建的桌面应用程序的问题,它位于登录部分。事实证明,我不知道如何进行安全登录,我通过套接字进行,但问题是它是一个公开的应用程序,所以我不知道如何在不使用SSL的情况下使用SSL套接字每个人的密码,这将是可破解的,你能帮我吗?我目前有此代码,可以在消息中的简单示例中查看它。
对于服务器
//static ServerSocket variable
private static ServerSocket server;
//socket server port on which it will listen
private static int port = 9876;
public static void main(String args[]) throws IOException, ClassNotFoundException{
//create the socket server object
server = new ServerSocket(port);
//keep listens indefinitely until receives 'exit' call or program terminates
while(true){
System.out.println("Waiting for the client request");
//creating socket and waiting for client connection
Socket socket = server.accept();
//read from socket to ObjectInputStream object
ObjectInputStream ois = new ObjectInputStream(socket.getInputStream());
//convert ObjectInputStream object to String
String message = (String) ois.readObject();
System.out.println("Message Received: " + message);
//create ObjectOutputStream object
ObjectOutputStream oos = new ObjectOutputStream(socket.getOutputStream());
//write object to Socket
oos.writeObject("Hi Client "+message);
//close resources
ois.close();
oos.close();
socket.close();
//terminate the server if client sends exit request
if(message.equalsIgnoreCase("exit")) break;
}
System.out.println("Shutting down Socket server!!");
//close the ServerSocket object
server.close();
}
}
对于客户
public static void main(String[] args) throws UnknownHostException, IOException, ClassNotFoundException, InterruptedException{
//get the localhost IP address, if server is running on some other IP, you need to use that
InetAddress host = InetAddress.getLocalHost();
Socket socket = null;
ObjectOutputStream oos = null;
ObjectInputStream ois = null;
for(int i=0; i<5;i++){
//establish socket connection to server
socket = new Socket(host.getHostName(), 9876);
//write to socket using ObjectOutputStream
oos = new ObjectOutputStream(socket.getOutputStream());
System.out.println("Sending request to Socket Server");
if(i==4)oos.writeObject("exit");
else oos.writeObject(""+i);
//read the server response message
ois = new ObjectInputStream(socket.getInputStream());
String message = (String) ois.readObject();
System.out.println("Message: " + message);
//close resources
ois.close();
oos.close();
Thread.sleep(100);
}
}
}
最佳答案
如果您想以这种方式处理 500 个客户端 - 忘记套接字并手动实现 TLS 处理。选择 Spring Boot 或类似的东西。 Make the server expose a REST endpoint to the world 。 Secure it with Spring Security to get the authentication you want 。 Then deploy your own certificates to protect the communication channel 。到底use the Springs RestTemplate so the client connects in a secure manner .
像上面那样编写临时代码可以让您快速进入网络通信,但会让下一步变得更加困难。
关于java - 安全连接Java Socket,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59236382/