更新时间:2022-05-26 22:11:56
一切正常.最终,使用HTTP 401 (Unauthorized)
的原因是因为该服务需要Basic auth
,而我没有发送它.
This was all OK. Eventually, the reason for the HTTP 401 (Unauthorized)
was because the service required Basic auth
and I wasn't sending it.
所有密钥库和信任库的生成都是完美的.这是最终"解决方案(使用Spring Web Services):
All the keystore and truststore generation is perfect. This is the "final" solution (using Spring Web Services):
//
// Spring Config
// Inject messageSender() into a WebServiceTemplate or,
// Have a class that extends from WebServiceGatewaySupport
@Bean
public HttpsUrlConnectionMessageSender messageSender() throws Exception {
HttpsUrlConnectionMessageSender messageSender = new BasicAuthHttpsConnectionMessageSender(username, password);
messageSender.setTrustManagers(trustManagersFactoryBean().getObject());
messageSender.setKeyManagers(keyManagersFactoryBean().getObject());
return messageSender;
}
@Bean
public TrustManagersFactoryBean trustManagersFactoryBean() {
TrustManagersFactoryBean trustManagersFactoryBean = new TrustManagersFactoryBean();
trustManagersFactoryBean.setKeyStore(trustStore().getObject());
return trustManagersFactoryBean;
}
@Bean
public KeyManagersFactoryBean keyManagersFactoryBean() {
KeyManagersFactoryBean keyManagersFactoryBean = new KeyManagersFactoryBean();
keyManagersFactoryBean.setKeyStore(keyStore().getObject());
keyManagersFactoryBean.setPassword(keyStorePassword);
return keyManagersFactoryBean;
}
@Bean
public KeyStoreFactoryBean trustStore() {
KeyStoreFactoryBean keyStoreFactoryBean = new KeyStoreFactoryBean();
keyStoreFactoryBean.setLocation(new ClassPathResource("truststore.jks")); // Located in src/main/resources
keyStoreFactoryBean.setPassword(trustStorePassword);
return keyStoreFactoryBean;
}
@Bean
public KeyStoreFactoryBean keyStore() {
KeyStoreFactoryBean keyStoreFactoryBean = new KeyStoreFactoryBean();
keyStoreFactoryBean.setLocation(new ClassPathResource("keystore.jks"));
keyStoreFactoryBean.setPassword(keyStorePassword);
return keyStoreFactoryBean;
}
// You might need org.springframework.ws:spring-ws-support in order to
// have HttpsUrlConnectionMessageSender
public final class BasicAuthHttpsConnectionMessageSender extends HttpsUrlConnectionMessageSender {
private String b64Creds;
public BasicAuthHttpsConnectionMessageSender(String username, String password) {
b64Creds = Base64.getUrlEncoder().encodeToString((username + ":" + password).getBytes(StandardCharsets.UTF_8));
}
@Override
protected void prepareConnection(HttpURLConnection connection) throws IOException {
connection.setRequestProperty(HttpHeaders.AUTHORIZATION, String.format("Basic %s", b64Creds));
super.prepareConnection(connection);
}
}
另请参阅此一个-也是我自己问的O:)
Refer also to this one — also asked by myself O:)
希望这可以在将来对某人有所帮助.我花了一些时间整理所有东西.
Hope this can help someone in the future. It took me a while to put up together everything.