JDK1.7请求带basic Auth认证的odata接口

最新推荐文章于 2022-08-01 18:02:30 发布
最新推荐文章于 2022-08-01 18:02:30 发布
阅读量348 收藏
点赞数
分类专栏: JavaWeb https请求 文章标签: java https
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/sinat_22394483/article/details/105835340
版权

JDK1.7请求带basic Auth认证的odata接口

1 接口

提供的接口如下:
https://xxxxxxx, 该链接是GET请求,并带有Basic Auth的Authorization认证头

2 开发

项目背景:Tomcat7+JDK1.7,一开始通过HttpClient和HttpGet请求接口,但是报异常:
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
经过百度,试了一下午,得到的解决方案基本如下:

  1. 如果代码还可以改动(代码未上线),直接在网络请求前加上 System.setProperty(“https.protocols”, “TLSv1.2,TLSv1.1,SSLv3”);

  2. 如果代码已上线,可以设置JVM参数如下,以提高客户端的TLS版本
    -Dhttps.protocols=TLSv1.2,TLSv1.1,TLSv1.0,SSLv3,SSLv2Hello

  3. 更换jdk中jce的jar包,网上资料说这个应该是旧版本jdkjce中安全机制的bug,要去oracle官网下载对应的jce包替换jdk中的jce包

    jce所在jdk的路径:
    %JAVA_HOME%\jre\lib\security里的local_policy.jar,US_export_policy.jar

    JDK7
    http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

    JDK8
    http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

  4. 升级 JDK到1.8版本。

第4种方案显然做不到,于是反复试验前三种方法,都没有成功,百度+试验了一天,头晕脑胀。。。。。。
第二天,问了下接口的开发人员,得知这是odata API的接口,于是又开始搜索odata的请求方式,但是在百度上几乎搜不到,只能搜到Olingo,也试了一下,但是这个Olingo主要是用于实现odata的,研究了一早上,无果。下午开始尝试在别的用JDK1.8的项目代码中尝试请求该接口,请求成功了!!于是认为代码没错,JDK的问题,于是又开始更换JDK啥的,但是还是不能成功。
第三天,开始搜索JDK1.7与该异常的内容,看到类似这样的文章:
解决jdk1.7 不支持TLS1.2的问题

得知jdk1.7默认支持的TLS是V1 ,jdk1.8默认支持的是v1.2,而接口的协议是v1.2,因此一直握手失败,按照上面链接里的方法,利用HttpURLConnection去请求接口,其中加Authorization的代码如下:
String username = “xxxx”;
String password = “xxxx”;
String auth = username + “:” + password;
String encoding = DatatypeConverter.printBase64Binary(auth.getBytes(“UTF-8”));
connection.setRequestProperty(“Authorization”, "Basic " +encoding);

这样就可以顺利请求该链接了,全部代码:

先新建一个java类,下面的代码放进去,其中getTaskCount方法请求的主要方法

public Map<String, String> getTaskCount() throws Exception {
        HashMap<String, String> map = new HashMap<>(3);
        String url= “xxx”;
        URL url1 = new URL(url);
        URI uri = new URI(url1.getProtocol(), url1.getHost(), url1.getPath(), url1.getQuery(), null);
        
        HttpURLConnection connection;
        try {
            connection = createConnection(uri);
            connection.setDoOutput(true);
            connection.setDoInput(true);
            connection.setRequestMethod("GET");
            connection.setUseCaches(false);
            connection.setInstanceFollowRedirects(true);
            connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            //加basic auth认证
            String username = "xxx";
            String password = "xxx";
            String auth = username + ":" + password;
            String encoding = DatatypeConverter.printBase64Binary(auth.getBytes("UTF-8"));
            connection.setRequestProperty("Authorization", "Basic " +encoding);

            connection.connect();
            OutputStreamWriter os = null;
            String json="";
            json=getResponse(connection);
            System.out.println(json);
            
            if (connection.getResponseCode() < 300) {
                map.put("status", "Y");
                map.put("count", json);
                map.put("errorMsg", "");
            } else {
                map.put("status", "Y");
                map.put("count", json);
                map.put("errorMsg", "");
            }
            if (connection != null) {
                connection.disconnect();
            }
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        return map;
    }

    public HttpURLConnection createConnection(URI uri) throws IOException {
        URL url = uri.toURL();
        URLConnection connection = url.openConnection();
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) connection;
        httpsURLConnection.setSSLSocketFactory(new TLSSocketConnectionFactory());
        return httpsURLConnection;
    }

    public String getResponse(HttpURLConnection Conn) throws IOException {


        InputStream is;
        if (Conn.getResponseCode() >= 400) {
            is = Conn.getErrorStream();
        } else {
            is = Conn.getInputStream();
        }

        String response = "";
        byte buff[] = new byte[512];
        int b = 0;
        while ((b = is.read(buff, 0, buff.length)) != -1) {
            response += new String(buff, 0, b);
        }
        is.close();

        System.out.println(response);
        return response;
    }

TLSSocketConnectionFactory.java :



import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyStore;
import java.security.Principal;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.util.Hashtable;
import java.util.LinkedList;
import java.util.List;

import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.security.cert.X509Certificate;

import org.bouncycastle.crypto.tls.*;
import org.bouncycastle.crypto.tls.Certificate;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/**
 * Created by hzlizhou on 2016/9/9.
 */
public class TLSSocketConnectionFactory extends SSLSocketFactory {

    static {
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    @Override
    public Socket createSocket(Socket socket, final String host, int port,
                               boolean arg3) throws IOException {
        if (socket == null) {
            socket = new Socket();
        }
        if (!socket.isConnected()) {
            socket.connect(new InetSocketAddress(host, port));
        }

        final TlsClientProtocol tlsClientProtocol = new TlsClientProtocol(socket.getInputStream(), socket.getOutputStream(), new SecureRandom());

        return _createSSLSocket(host, tlsClientProtocol);
    }

    @Override
    public String[] getDefaultCipherSuites() {
        return null;
    }

    @Override
    public String[] getSupportedCipherSuites() {
        return null;
    }

    @Override
    public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
        throw new UnsupportedOperationException();
    }

    @Override
    public Socket createSocket(InetAddress host, int port) throws IOException {
        throw new UnsupportedOperationException();
    }

    @Override
    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {
        return null;
    }

    @Override
    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
        throw new UnsupportedOperationException();
    }

    private SSLSocket _createSSLSocket(final String host, final TlsClientProtocol tlsClientProtocol) {
        return new SSLSocket() {
            private java.security.cert.Certificate[] peertCerts;

            @Override
            public InputStream getInputStream() throws IOException {
                return tlsClientProtocol.getInputStream();
            }

            @Override
            public OutputStream getOutputStream() throws IOException {
                return tlsClientProtocol.getOutputStream();
            }

            @Override
            public synchronized void close() throws IOException {
                tlsClientProtocol.close();
            }

            @Override
            public void addHandshakeCompletedListener(HandshakeCompletedListener arg0) {
            }

            @Override
            public boolean getEnableSessionCreation() {
                return false;
            }

            @Override
            public String[] getEnabledCipherSuites() {
                return null;
            }

            @Override
            public String[] getEnabledProtocols() {
                return null;
            }

            @Override
            public boolean getNeedClientAuth() {
                return false;
            }

            @Override
            public SSLSession getSession() {
                return new SSLSession() {

                    @Override
                    public int getApplicationBufferSize() {
                        return 0;
                    }

                    @Override
                    public String getCipherSuite() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public long getCreationTime() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public byte[] getId() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public long getLastAccessedTime() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public java.security.cert.Certificate[] getLocalCertificates() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public Principal getLocalPrincipal() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public int getPacketBufferSize() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException {
                        return null;
                    }

                    @Override
                    public java.security.cert.Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException {
                        return peertCerts;
                    }

                    @Override
                    public String getPeerHost() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public int getPeerPort() {
                        return 0;
                    }

                    @Override
                    public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
                        return null;
                    }

                    @Override
                    public String getProtocol() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public SSLSessionContext getSessionContext() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public Object getValue(String arg0) {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public String[] getValueNames() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public void invalidate() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public boolean isValid() {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public void putValue(String arg0, Object arg1) {
                        throw new UnsupportedOperationException();
                    }

                    @Override
                    public void removeValue(String arg0) {
                        throw new UnsupportedOperationException();
                    }
                };
            }

            @Override
            public String[] getSupportedProtocols() {
                return null;
            }

            @Override
            public boolean getUseClientMode() {
                return false;
            }

            @Override
            public boolean getWantClientAuth() {
                return false;
            }

            @Override
            public void removeHandshakeCompletedListener(HandshakeCompletedListener arg0) {
            }

            @Override
            public void setEnableSessionCreation(boolean arg0) {
            }

            @Override
            public void setEnabledCipherSuites(String[] arg0) {
            }

            @Override
            public void setEnabledProtocols(String[] arg0) {
            }

            @Override
            public void setNeedClientAuth(boolean arg0) {
            }

            @Override
            public void setUseClientMode(boolean arg0) {
            }

            @Override
            public void setWantClientAuth(boolean arg0) {
            }

            @Override
            public String[] getSupportedCipherSuites() {
                return null;
            }

            @Override
            public void startHandshake() throws IOException {
                tlsClientProtocol.connect(new DefaultTlsClient() {

                    @SuppressWarnings("unchecked")
                    @Override
                    public Hashtable<Integer, byte[]> getClientExtensions() throws IOException {
                        Hashtable<Integer, byte[]> clientExtensions = super.getClientExtensions();
                        if (clientExtensions == null) {
                            clientExtensions = new Hashtable<Integer, byte[]>();
                        }

                        //Add host_name
                        byte[] host_name = host.getBytes();

                        final ByteArrayOutputStream baos = new ByteArrayOutputStream();
                        final DataOutputStream dos = new DataOutputStream(baos);
                        dos.writeShort(host_name.length + 3);
                        dos.writeByte(0);
                        dos.writeShort(host_name.length);
                        dos.write(host_name);
                        dos.close();
                        clientExtensions.put(ExtensionType.server_name, baos.toByteArray());
                        return clientExtensions;
                    }

                    @Override
                    public TlsAuthentication getAuthentication() throws IOException {
                        return new TlsAuthentication() {
                            @Override
                            public void notifyServerCertificate(Certificate serverCertificate) throws IOException {
                                try {
                                    KeyStore ks = _loadKeyStore();

                                    CertificateFactory cf = CertificateFactory.getInstance("X.509");
                                    List<java.security.cert.Certificate> certs = new LinkedList<java.security.cert.Certificate>();
                                    boolean trustedCertificate = false;
                                    for (org.bouncycastle.asn1.x509.Certificate c : ((org.bouncycastle.crypto.tls.Certificate) serverCertificate).getCertificateList()) {
                                        java.security.cert.Certificate cert = cf.generateCertificate(new ByteArrayInputStream(c.getEncoded()));
                                        certs.add(cert);

                                        String alias = ks.getCertificateAlias(cert);
                                        if (alias != null) {
                                            if (cert instanceof java.security.cert.X509Certificate) {
                                                try {
                                                    ((java.security.cert.X509Certificate) cert).checkValidity();
                                                    trustedCertificate = true;
                                                } catch (CertificateExpiredException cee) {
                                                    // Accept all the certs!
                                                }
                                            }
                                        } else {
                                            // Accept all the certs!
                                        }

                                    }
                                    if (!trustedCertificate) {
                                        // Accept all the certs!
                                    }
                                    peertCerts = certs.toArray(new java.security.cert.Certificate[0]);
                                } catch (Exception ex) {
                                    ex.printStackTrace();
                                    throw new IOException(ex);
                                }
                            }

                            @Override
                            public TlsCredentials getClientCredentials(CertificateRequest certificateRequest) throws IOException {
                                return null;
                            }

                            private KeyStore _loadKeyStore() throws Exception {
                                FileInputStream trustStoreFis = null;
                                try {
                                    KeyStore localKeyStore = null;

                                    String trustStoreType = System.getProperty("javax.net.ssl.trustStoreType") != null ? System.getProperty("javax.net.ssl.trustStoreType") : KeyStore.getDefaultType();
                                    String trustStoreProvider = System.getProperty("javax.net.ssl.trustStoreProvider") != null ? System.getProperty("javax.net.ssl.trustStoreProvider") : "";

                                    if (trustStoreType.length() != 0) {
                                        if (trustStoreProvider.length() == 0) {
                                            localKeyStore = KeyStore.getInstance(trustStoreType);
                                        } else {
                                            localKeyStore = KeyStore.getInstance(trustStoreType, trustStoreProvider);
                                        }

                                        char[] keyStorePass = null;
                                        String str5 = System.getProperty("javax.net.ssl.trustStorePassword") != null ? System.getProperty("javax.net.ssl.trustStorePassword") : "";

                                        if (str5.length() != 0) {
                                            keyStorePass = str5.toCharArray();
                                        }

                                        localKeyStore.load(trustStoreFis, keyStorePass);

                                        if (keyStorePass != null) {
                                            for (int i = 0; i < keyStorePass.length; i++) {
                                                keyStorePass[i] = 0;
                                            }
                                        }
                                    }
                                    return localKeyStore;
                                } finally {
                                    if (trustStoreFis != null) {
                                        trustStoreFis.close();
                                    }
                                }
                            }

                        };
                    }

                });
            } // startHandshake
        };
    }
}
小颜二
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
odata-client:OData客户端
05-02
客户端 OData客户端库。 支持的OData版本版本 支持 未知 部分的 部分的 (英文) (нарусском)
ASP.NET Web API Basic Identity 中的基本身份验证
weixin_30721077的博客
03-16 94
缺点 用户凭证在请求中发送。 凭据作为明文发送。 每个请求都会发送凭据。 无法注销,除非结束浏览器会话。 易于跨站点请求伪造(CSRF);需要反CSRF措施。 优点 互联网标准。 受所有主要浏览器支持。 相对简单的协议。 基本认证的工作原理如下: 如果请求需要认证,则服务器返回401(未授权)。响应包括WWW-Authenticate头,指示服...
basic-auth:认证
03-13
实验室-Class 06 项目:认证 作者:科迪·卡彭特(Cody Carpenter) 链接与资源 (GitHub操作) 设置 .env要求(如果适用) PORT -3000 如何初始化/运行您的应用程序(如果适用) nodemon node index.js npm start 如何使用您的图书馆(如果适用) 测验 断言以下 POST到/ signup创建一个新用户 POST到/ signin以用户身份登录(使用基本身份验证) 需要测试身份验证中间件和路由 中间件是否起作用(向其发送基本标头) 路由是否声明要求(注册/登录) 统一语言 ;
在SAP HANA中使用OData(一)
wangbanmin的专栏
08-18 1174
1 OData介绍 OData全称是Open Data Protocol,即开放数据协议,由微软公司最初提出,它的主要用途便是通过Web来对数据库中的数据进行查询与更新。在SAP HANA的XS Engine中提供了OData的实现,所以在开发基于XS Engine的应用程序时,如果使用OData来访问数据,将会十分方便与快捷。另外,OData也可以作为其他应用的数据源,不一定需要ODBC或者JDBC去访问SAP HANA中的数据。 在当前的SAP HANA XS E...
近期调用企业接口 遇到问题,jdk1.7可以发送成功,jdk1.8发送不了请求
qq_38687311的博客
03-08 647
发送post方法: public static String doPost(String url, String params) throws Exception { CloseableHttpClient httpclient = HttpClients.createDefault(); HttpPost httpPost = new HttpP...
jdk1.7安装包下载
最新发布
03-28
7. **文件系统API增强**:` java.nio.file `包在JDK1.7中得到了加强,引入了` Files `类和` Path `接口,提供了更强大的文件操作功能,如更灵活的路径操作和权限管理。 8. **并发改进**:` java.util.concurrent `...
java jdk 1.7官网免安装版本
10-25
Java JDK 1.7,全称为Java Development Kit version 7,是Oracle公司推出的Java编程语言的开发工具包,主要用于编写、编译、测试和运行Java应用程序。这个版本JDK在2012年发布,引入了许多新特性,提升了性能,并...
jdk1.7版本免安装
07-26
JDK 1.7,也被称为Java SE 7(Java Standard Edition 7),是Oracle公司发布的一个重要版本,包含了对语言特性和API的诸多改进和增强。这个"免安装"版本意味着它不需要传统的安装过程,用户可以直接解压并配置环境...
jdk1.7_linux Linux版零积分免费下载
04-15
jdk1.7_linux Linux版零积分jdk1.7_linux Linux版零积分免费下载jdk1.7_linux Linux版零积分免费下载jdk1.7_linux Linux版零积分免费下载jdk1.7_linux Linux版零积分免费下载jdk1.7_linux Linux版零积分免费下载jdk...
JDK 1.7压缩包.zip
05-28
**JDK 1.7详解** Java Development Kit(JDK)是Oracle公司提供的用于开发和运行Java应用程序的软件工具包。JDK 1.7,也称为Java SE 7(Java Standard Edition 7),是Java语言的一个重要版本,它包含了编译器、...
jdk1.8 handshake_failure漏洞修复jar UnlimitedJCEPolicyJDK7.zip
08-05
UnlimitedJCEPolicyJDK7 修复jdk1.8的漏洞
jdk1.7访问httpsjavax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure问题解决
wangchaoqi1985的博客
02-13 589
jdk1.7访问httpsjavax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure问题解决
JDK1.7 解决访问Https域名报shakehand_failure的问题
代码雏猴的博客
06-21 488
Jdk1.7访问https报错
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
xiejunna的博客
08-01 2033
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure问题解决
11-19 9056
原文出处:https://wuyongshi.top/articles/2018/07/08/1531020199145.html jdk1.7访问httpsjavax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure问题解决 错误日志: 本地jdk版本java version "1.8.0_31"...
JAVA client https请求报错:Received fatal alert: protocol_version和handshake_failure问题处理过程记录
junch_wuhan的专栏
03-08 7247
问题背景 1、老的项目,正式环境为Linux环境,使用IBM-jdk,因使用的用户不多,因此客户方没有使用WAS(没有购买WAS) 2、后续扩展开发接口需要调用第三方系统的https接口,2020年3月上线时,该接口可以正常调用第三方的https接口服务;2020年6月第三方系统的证书过期了,后来更换了新的厂商的安全证书,导致原来的接口无法调用第三方的https接口服务。报错为:javax.net.ssl.SSLException:Receivedfatalalert:protocol_vers...
Java调用Https接口:fatal, handshake_failure问题记录
calmboy_的博客
11-29 2039
一. 问题描述 HttpClient调用接口,报错:handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 二. 解决过程 1.添加jvm调试参数:-Djavax.net.debug = all 2.再次调用,后台查找报错日志如下: [19-11-14...
获取jdk支持的密码套件
xiaowen11122的博客
08-21 1774
public static void getcipher(){ SSLServerSocketFactory ssf =(SSLServerSocketFactory)SSLServerSocketFactory.getDefault(); TreeMap<String,Boolean> ciphers = new TreeMap<String,Boolean>...
HTTPS握手失败javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure异常记录
qq_25695319的博客
10-25 4599
问题: 项目中请求第三方接口:使用HTTPS进行通信。本地开发测试没有问题封板待第三方测试一起联调,过了近半个月时间再次测试联调请求一直报:Received fatal alert: handshake_failure 异常: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 网上解决方案尝试:...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值