ceruleaner
2009-07-13 12:51 阅读 731
已采纳

client调用多个不同的基于HTTPS的webservices时,System.setProperty(javax.net.ssl.XXX)不起作用?

在同一个web应用里,
作为client访问基于HTTPS的webservices,client这边通过设置以下系统参数,是可以成功的,
System.setProperty("javax.net.ssl.keyStore", keystoreFile);
System.setProperty("javax.net.ssl.keyStorePassword",keystorePassword);
System.setProperty("javax.net.ssl.trustStore", truststoreFile);
System.setProperty("javax.net.ssl.trustStorePassword",truststorePassword);

但是,现在clinet还要访问另外一个也是基于HTTPS的web services,当然证书是不一样的,
这时client能再次设置这些系统参数为另外的值么?访问能成功么?

找到之前的一个相关的帖子,好像没有结论?http://www.iteye.com/problems/9652

多谢! :)
[b]问题补充:[/b]
注释掉第一次的调用,第二次的调用是成功的,所以相关参数肯定是设置对了。
但是只要运行两次调用(调不同的webservice),即使中间clearProperty,还是不行。
还尝试过颠倒两次调用的顺序,结果也总是第二次的调用不成功。 :(
[b]问题补充:[/b]
to pJun,System.getProperty的结果是第二次设置的值。thx
[b]问题补充:[/b]
是不是不应该采取这种设置系统参数的方式啊?
有其他方法么? 8)
[b]问题补充:[/b]
HTTPClient能不能动态的设置keystore/keystorepasswd/truststore/truststorepasswd呢? :wink:
[b]问题补充:[/b]
换了一种方式,使用了http://hc.apache.org/httpclient-3.x/sslguide.html里提供的AuthSSLProtocolSocketFactory

调用的代码也是按照其注释写的,但是感觉只是调用了一下构造函数,并没有实质的动作,调用结果也是失败的:PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

下面是代码:
[code="java"]
HttpClient client = new HttpClient(new MultiThreadedHttpConnectionManager());
client.getHttpConnectionManager().getParams().setSoTimeout(3000);
client.getHttpConnectionManager().getParams().setMaxTotalConnections(5);
Protocol authhttps = null;
try {
authhttps = new Protocol(
"https",
new AuthSSLProtocolSocketFactory(
new URL(
"file:/C:/Documents and Settings/test/Desktop/tmp/keystore"),
"mypasswd",
new URL(
"file:/C:/Documents and Settings/test/Desktop/tmp/truststore"),
"mypasswd"), 7743);
} catch (MalformedURLException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
client.getHostConfiguration().setHost(wsHost,wsPort, authhttps);
DefaultHttpMethodRetryHandler retryhandler = new DefaultHttpMethodRetryHandler(
recoverTimes, true);
client.getParams().setParameter(HttpMethodParams.RETRY_HANDLER,
retryhandler);
PostMethod post = new PostMethod(wsURL);
RequestEntity entity = new StringRequestEntity(requestXML, "text/xml",
"UTF-8");
post.setRequestEntity(entity);
HttpClientResponse httpClientResponse = null;
try {
int result = client.executeMethod(post);
logger.log(Level.INFO, "result ="+ result);
String responseXML = post.getResponseBodyAsString();
} catch (Exception ex) {
logger.warning(ex.toString());
return;
} finally {
post.releaseConnection();
}[/code]

JDK1.5
[b]问题补充:[/b]
To lovewhzlq ,
//和///都试了一下,错误还是一样。 :x
[b]问题补充:[/b]
最初重复设置两次系统参数时,也是抛这种类型的异常…… :?
[b]问题补充:[/b]
To pJun, 3个斜杠试过了,也不行。

是必须调用注册么? Protocol.registerProtocol("https", authhttps);
注不注册有区别么?
我再试试不用URL表示本地文件路径吧。。。。也许就能找到文件了。
[b]问题补充:[/b]
需要调用registerProtocol,否则AuthSSLProtocolSocketFactory不起作用。谢谢大家。

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享

9条回答 默认 最新

  • 已采纳
    wanghaolovezlq wanghaolovezlq 2009-07-13 14:56
    点赞 评论 复制链接分享
  • wanghaolovezlq wanghaolovezlq 2009-07-13 12:54

    你应该是可以新建一个Properties对象,然后设置这些参数,再传给环境变量

    点赞 评论 复制链接分享
  • pjuneye pjuneye 2009-07-13 13:20

    问题貌似就是第二次System.setProperty()时没有设置成功,与客户端访问https的webservices没有什么关系.
    我觉得先要确认下如下结果.
    第二次设置后: System.getProperty()的结果是否是第二次设置的值.
    可以做一个尝试:
    如果没有设置上,在System.setProperty前先调用下System.clearProperty()在试试看是否有效.
    不知LZ是否确认过,请尝试之.再更新结果,再来看看问题是否还在. 希望能有用.

    点赞 评论 复制链接分享
  • pjuneye pjuneye 2009-07-13 14:19

    [quote]
    我觉得先要确认下如下结果.
    第二次设置后: System.getProperty()的结果是否是第二次设置的值.
    [/quote]
    我的意思可能LZ没有能理解,我是想LZ确认下,第二次设置后System里面的值是否是第二次设置的结果,还是第二次设置结束后还是第一次设置的结果.
    像这样:
    [code="java"]
    public class ProTest {
    public static void main(String[] args) {
    String old= System.setProperty("path.separator", "--");
    String first = System.getProperty("path.separator");
    String first2 = System.setProperty("path.separator", "+++");
    String second = System.getProperty("path.separator");

        System.out.println("old:"+old);
        System.out.println("first:"+first);
        System.out.println("first2:"+first2);
        System.out.println("second:"+second);
    }
    

    }
    [/code]
    在LZ的环境下确认这个结果.

    点赞 评论 复制链接分享
  • wanghaolovezlq wanghaolovezlq 2009-07-13 14:47

    本来就不应该采用这种方式,系统参数是全局性的,会影响所有的调用

    你应该是每次新建一个Properties对象,然后设置这些参数,再传给环境变量

    一定有相应的设置方法

    点赞 评论 复制链接分享
  • pjuneye pjuneye 2009-07-13 15:13

    没看到你写的调用代码,只能在这里胡猜了哦. :(

    [quote]http://www.iteye.com/problems/9652 [/quote]
    看这里的点点代码,估计还是Service创建的时候有问题.
    [quote]

    Service service = new Service();

    Call call = (Call)service.createCall();

    [/quote]
    或许就只能获得某个默认的Service,比如你们配置的A.
    换个确定的实例化方法试试看,我看API里面有不少构造器来的.

    [code="java"]
    Constructor Summary
    Service()
    Constructs a new Service object - this assumes the caller will set the appropriate fields by hand rather than getting them from the WSDL.
    Service(EngineConfiguration config)
    Constructs a new Service object as above, but also passing in the EngineConfiguration which should be used to set up the AxisClient.
    Service(EngineConfiguration engineConfiguration, AxisClient axisClient)
    Constructs a Service using the supplied configuration and engine directly.
    Service(java.io.InputStream wsdlInputStream, QName serviceName)
    Constructs a new Service object for the service in the WSDL document in the wsdlInputStream and serviceName parameters.
    Service(Parser parser, QName serviceName)
    Constructs a new Service object for the service in the WSDL document
    Service(QName serviceName)
    Constructs a new Service object - this assumes the caller will set the appropriate fields by hand rather than getting them from the WSDL.
    Service(java.lang.String wsdlLocation, QName serviceName)
    Constructs a new Service object for the service in the WSDL document pointed to by the wsdlLocation and serviceName parameters.
    Service(java.net.URL wsdlDoc, QName serviceName)
    Constructs a new Service object for the service in the WSDL document pointed to by the wsdlDoc URL and serviceName parameters.
    [/code]
    试试看看喽. :(

    点赞 评论 复制链接分享
  • wanghaolovezlq wanghaolovezlq 2009-07-13 16:51

    new AuthSSLProtocolSocketFactory(

    new URL(

    "[color=red]file://C:/[/color]Documents and Settings/test/Desktop/tmp/keystore"),

    "mypasswd",

    new URL(

    "file://C:/Documents and Settings/test/Desktop/tmp/truststore"),

    "mypasswd"), 7743);

    这个写错了吧,好像是"//"还是"///",有点忘了,自己试一下吧

    点赞 评论 复制链接分享
  • wanghaolovezlq wanghaolovezlq 2009-07-13 16:56

    unable to find valid certification path to requested target

    这个异常信息应该很明显说,不能找到有效的证书路径

    点赞 评论 复制链接分享
  • pjuneye pjuneye 2009-07-13 17:04

    file:///C:/***

    三个反斜杠的哦!

    点赞 评论 复制链接分享

相关推荐