springboot RestTemplate,訪問https實現SSL請求
1、RestTemplate 簡介
Spring RestTemplate是Spring提供的用於訪問Rest服務的客戶端,RestTemplate 提供了多種便捷訪問遠程Http服務的方法,可以大大提升客戶端的編寫效率.html
RestTemplate包含如下幾個部分:java
- HttpMessageConverter 對象轉換器:將請求對象轉換爲具體的數據格式輸出,例
入:Jaxb2RootElementHttpMessageConverterket提供對xml格式的輸入輸出支持 - ClientHttpRequestFactory HTTP請求工廠,默認是JDK的HttpURLConnection,
能夠經過使用ClientHttpRequestFactory指定不一樣的HTTP請求方式 - ResponseErrorHandler 異常錯誤處理
- ClientHttpRequestInterceptor 請求攔截器
RestTemplate經過HttpEntity添加消息headers web
2、springboot 經過RestTemplate實現https訪問spring
import java.io.InputStream;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpHost;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.MediaType;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.http.converter.json.GsonHttpMessageConverter;
import org.springframework.http.converter.xml.Jaxb2RootElementHttpMessageConverter;
import org.springframework.web.client.RestTemplate;
/**
* service相關配置
*
* @date 2017年3月1日
* @since 1.0.0
*/
@Configuration
public class ServiceConfigConfiguration {
@Autowired
sslProperties sslProperties ;
/**
* 訪問SSL的Template
*
* @throws Exception
*/
@Bean("sslRestTemplate")
@Conditional(sslCondition.class)
public RestTemplate tmsRestTemplate() throws Exception {
//新建RestTemplate對象
RestTemplate restTemplate = new RestTemplate();
//判斷證書文件地址是否存在
if (StringUtils.isNotEmpty(sslProperties.getKeyfile())) {
//在握手期間,若是URL的主機名和服務器的標識主機名不匹配,則驗證機制能夠回調此接口的實現
程序來肯定是否應該容許此鏈接
HostnameVerifier hv = new HostnameVerifier() {
@Override
public boolean verify(String urlHostName, SSLSession session) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hv);
//構建SSL-Socket連接工廠
SSLConnectionSocketFactory ssLSocketFactory = buildSSLSocketFactory("PKCS12",
sslProperties.getKeyfile(),sslProperties.getPassword(),
Lists.newArrayList("TLSv1"), true);
//Spring提供HttpComponentsClientHttpRequestFactory指定使用HttpClient做爲底層實現建立 HTTP請求
HttpComponentsClientHttpRequestFactory httpRequestFactory = new HttpComponentsClientHttpRequestFactory(
HttpClients.custom().setSSLSocketFactory(ssLSocketFactory).build()
);
//設置傳遞數據超時時長
httpRequestFactory.setReadTimeout(sslProperties.getTimeout());
//設置創建鏈接超時時長
httpRequestFactory.setConnectTimeout(sslProperties.getTimeout());
//設置獲取鏈接超時時長
httpRequestFactory.setConnectionRequestTimeout(tmsProperties.getTimeout());
restTemplate.setRequestFactory(httpRequestFactory);
// 返回消息頭也是text_html,消息格式是XML,添加新的message converter
Jaxb2RootElementHttpMessageConverter messageConverter = new Jaxb2RootElementHttpMessageConverter();
//設置message Converter支持的媒體類型
List<MediaType> finalMediaTypes = new ArrayList<>();
finalMediaTypes.addAll(messageConverter.getSupportedMediaTypes());
finalMediaTypes.add(MediaType.TEXT_HTML);
messageConverter.setSupportedMediaTypes(finalMediaTypes);
restTemplate.setMessageConverters(Lists.newArrayList(messageConverter));
}
return restTemplate;
}
/**
* 構建SSLSocketFactory
*
* @param keyStoreType
* @param keyFilePath
* @param keyPassword
* @param sslProtocols
* @param auth 是否須要client默認相信不安全證書
* @return
* @throws Exception
*/
private SSLConnectionSocketFactory buildSSLSocketFactory(String keyStoreType, String keyFilePath,
String keyPassword, List<String> sslProtocols, boolean auth) throws Exception {
//證書管理器,指定證書及證書類型
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
//KeyStore用於存放證書,建立對象時 指定交換數字證書的加密標準
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
InputStream inputStream = resourcePatternResolver.getResource(keyFilePath).getInputStream();
try {
//添加證書
keyStore.load(inputStream, keyPassword.toCharArray());
} finally {
inputStream.close();
}
keyManagerFactory.init(keyStore, keyPassword.toCharArray());
SSLContext sslContext = SSLContext.getInstance("SSL");
if (auth) {
// 設置信任證書(繞過TrustStore驗證)
TrustManager[] trustAllCerts = new TrustManager[1];
TrustManager trustManager = new AuthX509TrustManager();
trustAllCerts[0] = trustManager;
sslContext.init(keyManagerFactory.getKeyManagers(), trustAllCerts, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
} else {
//加載證書材料,構建sslContext
sslContext = SSLContexts.custom().loadKeyMaterial(keyStore, keyPassword.toCharArray()).build();
}
SSLConnectionSocketFactory sslConnectionSocketFactory =
new SSLConnectionSocketFactory(sslContext, sslProtocols.toArray(new String[sslProtocols.size()]),
null,
new HostnameVerifier() {
// 這裏不校驗hostname
@Override
public boolean verify(String urlHostName, SSLSession session) {
return true;
}
});
return sslConnectionSocketFactory;
}
}
AuthX509TrustManager 證書信任管理器類就是實現了接口X509TrustManager的類。能夠本身實現該接口,信任咱們指定的證書apache
public class AuthX509TrustManager implements javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
throws java.security.cert.CertificateException {
return;
}
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
throws java.security.cert.CertificateException {
return;
}
}
相關文章
- 1. springboot 配置ssl 實現https訪問
- 2. Springboot 配置 ssl 實現HTTPS 請求 & Tomcat配置SSL支持https請求
- 3. Spring RestTemplate SSL請求
- 4. restTemplate訪問https
- 5. RestTemplate發送HTTP、HTTPS請求
- 6. SpringBoot SSL實現Https
- 7. springboot實現https訪問
- 8. Spring Boot配置SSL實現https請求
- 9. Nginx配置SSL實現HTTPS訪問
- 10. Tableau Server 配置SSL實現HTTPS訪問
- 更多相關文章...
- • HTTP 請求方法 - HTTP 教程
- • Swift 訪問控制 - Swift 教程
- • ☆基於Java Instrument的Agent實現
- • Spring Cloud 微服務實戰(三) - 服務註冊與發現
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. python的安裝和Hello,World編寫
- 2. 重磅解讀:K8s Cluster Autoscaler模塊及對應華爲雲插件Deep Dive
- 3. 鴻蒙學習筆記2(永不斷更)
- 4. static關鍵字 和構造代碼塊
- 5. JVM筆記
- 6. 無法啓動 C/C++ 語言服務器。IntelliSense 功能將被禁用。錯誤: Missing binary at c:\Users\MSI-NB\.vscode\extensions\ms-vsc
- 7. 【Hive】Hive返回碼狀態含義
- 8. Java樹形結構遞歸(以時間換空間)和非遞歸(以空間換時間)
- 9. 數據預處理---缺失值
- 10. 都要2021年了,現代C++有什麼值得我們學習的?
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. springboot 配置ssl 實現https訪問
- 2. Springboot 配置 ssl 實現HTTPS 請求 & Tomcat配置SSL支持https請求
- 3. Spring RestTemplate SSL請求
- 4. restTemplate訪問https
- 5. RestTemplate發送HTTP、HTTPS請求
- 6. SpringBoot SSL實現Https
- 7. springboot實現https訪問
- 8. Spring Boot配置SSL實現https請求
- 9. Nginx配置SSL實現HTTPS訪問
- 10. Tableau Server 配置SSL實現HTTPS訪問