在使用Web Service的时候,在很多情况下会要求我们发布ssl的web service,此时如果web service是作为一个war包部署在tomcat之类的web容器中的时候,我们可以通过修改tomcat的配置来比较容易的部署发布成ssl的 web service的,当对于独立运行的程序来书,此时发布web service是需要一些操作的,下面看看在CXF中怎样发布并调用SSL的Web Service。
1. 首先是一个pojo的实体类
- package com.googlecode.garbagecan.cxfstudy.ssl;
- public class User {
- private String id;
- private String name;
- private String password;
- public String getId() {
- return id;
- }
- public void setId(String id) {
- this.id = id;
- }
- public String getName() {
- return name;
- }
- public void setName(String name) {
- this.name = name;
- }
- public String getPassword() {
- return password;
- }
- public void setPassword(String password) {
- this.password = password;
- }
- }
2. 下面是Web Service的接口和实现类,这两个类和前面文章中介绍的没什么区别
- package com.googlecode.garbagecan.cxfstudy.ssl;
- import java.util.List;
- import javax.jws.WebMethod;
- import javax.jws.WebResult;
- import javax.jws.WebService;
- @WebService
- public interface UserService {
- @WebMethod
- @WebResult List<User> list();
- }
- package com.googlecode.garbagecan.cxfstudy.ssl;
- import java.util.ArrayList;
- import java.util.List;
- public class UserServiceImpl implements UserService {
- public List<User> list() {
- List<User> users = new ArrayList<User>();
- for (int i = 0; i < 10; i++) {
- User user = new User();
- user.setId("" + i);
- user.setName("user_" + i);
- user.setPassword("password_" + i);
- users.add(user);
- }
- return users;
- }
- }
3. 下面看看Server端代码
- package com.googlecode.garbagecan.cxfstudy.ssl;
- import java.io.File;
- import java.io.FileInputStream;
- import java.security.KeyStore;
- import javax.net.ssl.KeyManager;
- import javax.net.ssl.KeyManagerFactory;
- import javax.net.ssl.TrustManager;
- import javax.net.ssl.TrustManagerFactory;
- import org.apache.cxf.configuration.jsse.TLSServerParameters;
- import org.apache.cxf.configuration.security.ClientAuthentication;
- import org.apache.cxf.configuration.security.FiltersType;
- import org.apache.cxf.endpoint.Server;
- import org.apache.cxf.jaxws.JaxWsServerFactoryBean;
- import org.apache.cxf.transport.http_jetty.JettyHTTPServerEngineFactory;
- public class MyServer {
- private static final int port = 12345;
- private static final String address = "https://0.0.0.0:"+port+"/ws/ssl/userService";
- public static void main(String[] args) throws Exception {
- System.out.println("Starting Server");
- configureSSLOnTheServer();
- JaxWsServerFactoryBean factoryBean = new JaxWsServerFactoryBean();
- factoryBean.setServiceClass(UserServiceImpl.class);
- factoryBean.setAddress(address);
- Server server = factoryBean.create();
- String endpoint = server.getEndpoint().getEndpointInfo().getAddress();
- System.out.println("Server started at " + endpoint);
- }
- public static void configureSSLOnTheServer() {
- File file = new File(MyServer.class.getResource("/com/googlecode/garbagecan/cxfstudy/ssl/test.jks").getFile());
- try {
- TLSServerParameters tlsParams = new TLSServerParameters();
- KeyStore keyStore = KeyStore.getInstance("JKS");
- String password = "mypassword";
- String storePassword = "mypassword";
- keyStore.load(new FileInputStream(file), storePassword.toCharArray());
- KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
- keyFactory.init(keyStore, password.toCharArray());
- KeyManager[] keyManagers = keyFactory.getKeyManagers();
- tlsParams.setKeyManagers(keyManagers);
- keyStore.load(new FileInputStream(file), storePassword.toCharArray());
- TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- trustFactory.init(keyStore);
- TrustManager[] trustManagers = trustFactory.getTrustManagers();
- tlsParams.setTrustManagers(trustManagers);
- FiltersType filtersTypes = new FiltersType();
- filtersTypes.getInclude().add(".*_EXPORT_.*");
- filtersTypes.getInclude().add(".*_EXPORT1024_.*");
- filtersTypes.getInclude().add(".*_WITH_DES_.*");
- filtersTypes.getInclude().add(".*_WITH_NULL_.*");
- filtersTypes.getExclude().add(".*_DH_anon_.*");
- tlsParams.setCipherSuitesFilter(filtersTypes);
- ClientAuthentication ca = new ClientAuthentication();
- ca.setRequired(true);
- ca.setWant(true);
- tlsParams.setClientAuthentication(ca);
- JettyHTTPServerEngineFactory factory = new JettyHTTPServerEngineFactory();
- factory.setTLSServerParametersForPort(port, tlsParams);
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
- }
4. 下面看看Client端代码
- package com.googlecode.garbagecan.cxfstudy.ssl;
- import java.io.File;
- import java.io.FileInputStream;
- import java.security.KeyStore;
- import javax.net.ssl.KeyManager;
- import javax.net.ssl.KeyManagerFactory;
- import javax.net.ssl.TrustManager;
- import javax.net.ssl.TrustManagerFactory;
- import org.apache.cxf.configuration.jsse.TLSClientParameters;
- import org.apache.cxf.configuration.security.FiltersType;
- import org.apache.cxf.endpoint.Client;
- import org.apache.cxf.frontend.ClientProxy;
- import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
- import org.apache.cxf.transport.http.HTTPConduit;
- public class MyClient {
- private static final String address = "https://localhost:12345/ws/ssl/userService";
- public static void main(String[] args) throws Exception {
- JaxWsProxyFactoryBean factoryBean = new JaxWsProxyFactoryBean();
- factoryBean.setAddress(address);
- factoryBean.setServiceClass(UserService.class);
- Object obj = factoryBean.create();
- UserService userService = (UserService) obj;
- configureSSLOnTheClient(userService);
- System.out.println(userService.list());
- }
- private static void configureSSLOnTheClient(Object obj) {
- File file = new File(MyServer.class.getResource("/com/googlecode/garbagecan/cxfstudy/ssl/test.jks").getFile());
- Client client = ClientProxy.getClient(obj);
- HTTPConduit httpConduit = (HTTPConduit) client.getConduit();
- try {
- TLSClientParameters tlsParams = new TLSClientParameters();
- tlsParams.setDisableCNCheck(true);
- KeyStore keyStore = KeyStore.getInstance("JKS");
- String password = "mypassword";
- String storePassword = "mypassword";
- keyStore.load(new FileInputStream(file), storePassword.toCharArray());
- TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- trustFactory.init(keyStore);
- TrustManager[] trustManagers = trustFactory.getTrustManagers();
- tlsParams.setTrustManagers(trustManagers);
- keyStore.load(new FileInputStream(file), storePassword.toCharArray());
- KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
- keyFactory.init(keyStore, password.toCharArray());
- KeyManager[] keyManagers = keyFactory.getKeyManagers();
- tlsParams.setKeyManagers(keyManagers);
- FiltersType filtersTypes = new FiltersType();
- filtersTypes.getInclude().add(".*_EXPORT_.*");
- filtersTypes.getInclude().add(".*_EXPORT1024_.*");
- filtersTypes.getInclude().add(".*_WITH_DES_.*");
- filtersTypes.getInclude().add(".*_WITH_NULL_.*");
- filtersTypes.getExclude().add(".*_DH_anon_.*");
- tlsParams.setCipherSuitesFilter(filtersTypes);
- httpConduit.setTlsClientParameters(tlsParams);
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
- }
5. 我们需要手动生成jks文件,并将其放在maven工程resources的/com/googlecode/garbagecan/cxfstudy/ssl/目录下,下面是手动生成时使用的命令
- keytool -genkey -alias test -keyalg RSA -keypass mypassword -storepass mypassword -dname "CN=, OU=, O=, L=, ST=, C=" -validity 3650 -keystore test.jks
6. 最后我们可以通过启动MyServer和MyClient来验证我们的测试。
相关推荐
【标题】中的"Apache CXF Web Service Development"指的是使用Apache CXF框架进行Web服务开发的过程。这通常包括了创建服务接口、实现服务逻辑、配置服务端点、以及发布和调用服务等步骤。源码部分可能包含了示例...
**实战Web Service与Apache CXF开发** Web服务是一种在互联网上进行通信的标准协议,它允许应用程序之间进行数据交换。Apache CXF是一个开源框架,用于构建和部署Web服务,支持多种Web服务标准,如SOAP、RESTful ...
"Apache CXF开发Web Service - 开发Web Service之Kick Start"的主题意味着我们将深入探讨如何快速入门使用CXF进行Web服务开发。 首先,我们来看一下CXF的主要功能。CXF支持多种Web服务规范,如SOAP、RESTful(基于...
9. **cxf-rt-transports-jms-2.7.12.jar**: JMS(Java Message Service)传输模块,提供了使用JMS作为Web服务传输机制的能力,这对于分布式系统和异步通信很有价值。 10. **cxf-rt-databinding-jaxb-2.7.12.jar**: ...
实战Web Service 之 CXF 实战Web Service 之 CXF
在本话题中,我们将关注Apache CXF与Spring框架的集成,以及如何使用Aegis数据绑定来发布Web Services。 Spring是一个流行的Java企业级应用框架,它提供了丰富的功能,包括依赖注入、事务管理、数据访问等。Apache ...
### Apache CXF Web Service 开发相关知识点 #### 一、Apache CXF简介 Apache CXF 是一个开源项目,提供了一套强大的框架用于构建和开发基于Java的Web服务。它支持多种协议,包括SOAP和REST,并且能够很好地与其他...
Apache CXF = Celtix + XFire,Apache CXF 的前身叫 Apache ...WSDL 优先(WSDL First)来轻松地实现 Web Services 的发布和使用。Apache CXF已经是一个正式的Apache顶级项目。 Apache CXF 是一个开源的 Services 框架
详细的从入门到精通, 手把手的教你做WEB SERVICE 该资源借花献佛,是一个高手写的,我在这里借花献佛,推广推广,让大家多一个学习的机会,吃水不忘挖井人,轻大家也谢谢写该文档的高手
Apache CXF 是一款广泛使用的开源框架,主要用于构建和部署高质量的Web服务。它以其灵活性、易用性和强大的功能集而闻名。"apache-cxf-3.5.0.zip" 文件包含了CXF框架的3.5.0版本,该版本可能包含了一些新特性、改进...
Apache CXF 框架是一个比较有前途的开源 Web Services 框架,也是构建 SOA 架构应用的利器。本书采用案例源码和解说形式全面...最后,本书还描述了 Apache CXF 的工具、配置、调试、日志、部署和发布等使用的相关内容。
本文将深入探讨Apache CXF的Code-First开发模式,以及如何使用此框架来创建和理解Web服务。 首先,我们需要了解CXF的Code-First工作流程。在Code-First中,我们从编写Java类开始,这些类定义了服务的业务逻辑。CXF...