通过HttpClient实现访问HTTPS网站

文章的HttpClient版本为3.

实现SSL访问有2种方法.

第一种方式是通过浏览器导出需要的证书,然后将证书运用到代码中使用.

第二种方式,实现SSL管理,直接接收服务器发送到证书.

本文只讨论第二种方式.

该方法具体是实现一个SecureProtocolSocketFactory处理SSL.

import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;

/**
 * @author yansheng723@gmail.com
 */
public class MySecureProtocolSocketFactory implements SecureProtocolSocketFactory {  
    private SSLContext sslcontext = null;  
     
    private SSLContext createSSLContext() {  
        SSLContext sslcontext=null;  
        try {  
            sslcontext = SSLContext.getInstance("SSL");  
            sslcontext.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new java.security.SecureRandom());  
        } catch (NoSuchAlgorithmException e) {  
            e.printStackTrace();  
        } catch (KeyManagementException e) {  
            e.printStackTrace();  
        }  
        return sslcontext;  
    }  
     
    private SSLContext getSSLContext() {  
        if (this.sslcontext == null) {  
            this.sslcontext = createSSLContext();  
        }  
        return this.sslcontext;  
    }  
     
    public Socket createSocket(Socket socket, String host, int port, boolean autoClose)  
            throws IOException, UnknownHostException {  
        return getSSLContext().getSocketFactory().createSocket(  
                socket,  
                host,  
                port,  
                autoClose  
            );  
    }  
  
    public Socket createSocket(String host, int port) throws IOException,  
            UnknownHostException {  
        return getSSLContext().getSocketFactory().createSocket(  
                host,  
                port  
            );  
    }  
     
     
    public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort)  
            throws IOException, UnknownHostException {  
        return getSSLContext().getSocketFactory().createSocket(host, port, clientHost, clientPort);  
    }  
  
    public Socket createSocket(String host, int port, InetAddress localAddress,  
            int localPort, HttpConnectionParams params) throws IOException,  
            UnknownHostException, ConnectTimeoutException {  
        if (params == null) {  
            throw new IllegalArgumentException("Parameters may not be null");  
        }  
        int timeout = params.getConnectionTimeout();  
        SocketFactory socketfactory = getSSLContext().getSocketFactory();  
        if (timeout == 0) {  
            return socketfactory.createSocket(host, port, localAddress, localPort);  
        } else {  
            Socket socket = socketfactory.createSocket();  
            SocketAddress localaddr = new InetSocketAddress(localAddress, localPort);  
            SocketAddress remoteaddr = new InetSocketAddress(host, port);  
            socket.bind(localaddr);  
            socket.connect(remoteaddr, timeout);  
            return socket;  
        }  
    }  
     
    //自定义私有类  
    private static class TrustAnyTrustManager implements X509TrustManager {  
        
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {  
        }  
    
        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {  
        }  
    
        public X509Certificate[] getAcceptedIssuers() {  
            return new X509Certificate[]{};  
        }  
    }     
  
}  

调用实现的Factory,注册到Protocol中

@SuppressWarnings("deprecation")
Protocol protocol = new Protocol("https", new
		MySecureProtocolSocketFactory (), 443) {
};
Protocol.registerProtocol("https", protocol);


阅读更多
个人分类: Security Java
想对作者说点什么? 我来说一句

没有更多推荐了,返回首页

关闭
关闭
关闭