java-使用HTTPS进行基本身份验证
内容导读
互联网集市收集整理的这篇技术教程文章主要介绍了java-使用HTTPS进行基本身份验证,小编现在分享给大家,供广大互联网技能从业者学习和参考。文章包含4993字,纯文字阅读大概需要8分钟。
内容图文
我目前正在尝试使用HTTP和HTTPS访问URL.我尝试访问的URL需要基本身份验证.使用HTTP可以正常工作,但是使用HTTPS则不能.我不确定是否需要使用HTTPS添加其他内容.该URL应该返回给我的是键值格式的文本,可以将其加载到Properties Object中.
这是到目前为止我尝试过的代码.
if (cpUrl.getProtocol().equals("https")) {
out.println("https", 0);
HttpsURLConnection connection = (HttpsURLConnection) cpUrl.openConnection();
TrustManager[] trustAllCerts = new TrustManager[] { new BusinessIntelligenceX509TrustManager() };
SSLContext sc;
try {
sc = SSLContext.getInstance("SSL");
}
catch (NoSuchAlgorithmException noSuchAlgorithmException) {
return;
}
HostnameVerifier hv = new BusinessIntelligenceHostnameVerifier();
try {
sc.init(null, trustAllCerts, new java.security.SecureRandom());
}
catch (KeyManagementException keyManagementException) {
return;
}
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(hv);
connection.setDoInput(true);
connection.setRequestProperty("Authorization", "Basic " + encode);
connection.setRequestMethod("POST");
connection.connect();
stream = connection.getInputStream();
Properties properties = new Properties();
properties.load(stream);
}
这是证书类别
//HTTPS CERTIFICATE CLASSES
class BusinessIntelligenceHostnameVerifier implements HostnameVerifier {
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
}
class BusinessIntelligenceX509TrustManager implements X509TrustManager {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
// no-op
}
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
// no-op
}
}
当我删除所有证书代码(以及证书代码)时的错误消息:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1518)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1057)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1041)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:133)
at com.tecsys.bi.install.BiInstall2ControlPanelPromptsProcessor.run(BiInstall2ControlPanelPromptsProcessor.java:117)
at java.lang.Thread.run(Thread.java:595)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
at sun.security.validator.Validator.validate(Validator.java:203)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841)
... 12 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
... 17 more
解决方法:
问题似乎是由于在更改连接的SSLContext和HostNameVerifier实例之前打开了连接.这是不可能的,因为SSL / TLS握手甚至在从InputStream中读取连接内容之前就发生了.
换句话说,以下一行
HttpsURLConnection connection = (HttpsURLConnection) cpUrl.openConnection();
仅在向HttpsURLConnection类注册了SSLContext和HostNameVerifiers实例后才应该执行.
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(hv);
修正此顺序,应该解决问题,因为现在将使用新参数进行握手.
内容总结
以上是互联网集市为您收集整理的java-使用HTTPS进行基本身份验证全部内容,希望文章能够帮你解决java-使用HTTPS进行基本身份验证所遇到的程序开发问题。 如果觉得互联网集市技术教程内容还不错,欢迎将互联网集市网站推荐给程序员好友。
内容备注
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 gblab@vip.qq.com 举报,一经查实,本站将立刻删除。
内容手机端
扫描二维码推送至手机访问。
来源:【匿名】