我正在尝试使用 org.apache.ws.security.components.crypto.CryptoFactory< 获取
特别是 org.apache.ws.security.components.crypto.Merlin
的实例CryptoFactory.getInstance(properties)
方法。
这会一直抛出
java.lang.RuntimeException: org.apache.ws.security.components.crypto.Merlin 无法创建实例
最终是由于
java.security.UnrecoverableKeyException: 密码验证失败
keystore 文件中的密码已通过命令行中的 keytool 检查正确。
keystore 是通过以下过程生成的:
在eclipse项目的根目录下。
测试应用如下:
public class App {
public static void main(String[] args) throws CredentialException,
IOException {
System.out.println("Starting");
Properties p = new Properties();
p.setProperty("org.apache.ws.security.crypto.merlin.keystore.password",
"password");
p.setProperty("org.apache.ws.security.crypto.provider",
"org.apache.ws.security.components.crypto.Merlin");
p.setProperty("org.apache.ws.security.crypto.merlin.keystore.type",
"jks");
p.setProperty("org.apache.ws.security.crypto.merlin.file", "./testkeystore.jks");
Crypto crypto = CryptoFactory.getInstance(p);
System.out.println(" Complete ");
}
}
并生成以下异常:
Exception in thread "main" java.lang.RuntimeException: org.apache.ws.security.components.crypto.Merlin cannot create instance
at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:225)
at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:180)
at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:73)
at com.restart.test.cryptotest2.App.main(App.java:22)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:525)
at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:211)
... 3 more
Caused by: org.apache.ws.security.components.crypto.CredentialException: Failed to load credentials.
at org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:174)
at org.apache.ws.security.components.crypto.AbstractCrypto.<init>(AbstractCrypto.java:135)
at org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:71)
... 8 more
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
at java.security.KeyStore.load(KeyStore.java:1214)
at org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:168)
... 10 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770)
... 13 more
cmd 窗口中显示的密码设置为“password”,但应用程序拒绝了所有帐户,我可以使用 keytool -storepasswd
更改密码,没有任何问题,所以我知道我提供的密码是正确的;谁能建议这里可能出了什么问题?我已经尝试调试了整整一天,但没有成功。
如果我可以提供任何其他信息,请告诉我。
编辑--
构建此测试需要以下 Maven 依赖项:
<dependency>
<groupId>org.apache.ws.security</groupId>
<artifactId>wss4j</artifactId>
<version>1.5.8</version>
<scope>provided</scope>
</dependency>
最佳答案
在阅读了用户的评论后,我针对不同版本的 JDK/JRE 构建了它并且它工作了,在下载了 rt.java 的源代码并逐步完成之后,我发现 CryptoBase 类正在实例化两个 JavaKeyStores,第一个(作为我的 .jks 文件)实例化很好,但第二个是 jre\lib\security>
中的 cacerts
keystore ,它没有 changeit 的默认密码
导致失败;
我现在已经更改了 jre keystore 的密码,并且我在原来的 jre/jdk 中工作正常。
关于java - 从文件实例化 JavaKeyStore 时遇到问题,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/16240679/