使用ClientAuth进行WebService调用:在Tomcat上使用recv失败,处理独立应用程序

时间:2012-07-13 13:32:47

标签: java tomcat ssl authentication

我为ServiceMix服务器上部署的Web服务启用了SSL客户端身份验证。我已导入客户端和服务器证书。我已经使用独立应用程序对其进行了测试,一切正常。但是当我尝试从部署在Tomcat上的应用程序调用此Web服务时,我得到了异常:

Caused by: java.net.SocketException: Software caused connection abort: recv failed
    at java.net.SocketInputStream.socketRead0(Native Method)
    at java.net.SocketInputStream.read(SocketInputStream.java:150)
    at java.net.SocketInputStream.read(SocketInputStream.java:121)
    at sun.security.ssl.InputRecord.readFully(InputRecord.java:312)
    at sun.security.ssl.InputRecord.read(InputRecord.java:350)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
    at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1689)
    at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:122)
    at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:972)
    at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1083)
    at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1002)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:282)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:998)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1294)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1321)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1305)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:523)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1087)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1916)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1871)
    at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:42)
    at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1934)
    at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:47)
    at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:188)
    at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
    at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:632)
    at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
    ... 107 more

当我没有使用客户端私钥指定keyStore时,我从独立的Java应用程序收到了recv failed消息。然而,堆栈跟踪是另一个:

Exception in thread "main" com.sun.xml.ws.wsdl.parser.InaccessibleWSDLException: 2 counts of InaccessibleWSDLException.

java.net.SocketException: Software caused connection abort: recv failed
java.net.SocketException: Software caused connection abort: recv failed

    at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:172)
    at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:144)
    at com.sun.xml.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:263)
    at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:226)
    at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:174)
    at com.sun.xml.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:104)
    at javax.xml.ws.Service.<init>(Service.java:56)

在这种情况下,我没有阅读过WSDL。但是在Tomcat上,会读取WSDL,但是当CXF尝试发送消息时会抛出错误。

什么可能导致Tomcat上的错误?这是证书问题吗?在两种情况下,指向trustStore和keyStore的Java变量都是相同的:

javax.net.ssl.keyStoreType=jks
javax.net.ssl.trustStoreType=jks
javax.net.ssl.keyStore=c:/cert/gen.keystore
javax.net.ssl.trustStore=c:/cert/client.keystore
javax.net.ssl.keyStorePassword=changeit
javax.net.ssl.trustStorePassword=changeit

爪哇:     java版“1.6.0_30”     Java(TM)SE运行时环境(版本1.6.0_30-b12)     Java HotSpot(TM)客户端VM(构建20.5-b03,混合模式,共享)

Tomcat:6.0.26

1 个答案:

答案 0 :(得分:1)

即使我曾经得到同样的错误。但是,当我执行以下操作之一时,它不会发生

  1. 重新启动服务器。
  2. 重新生成证书。

  3. 尝试从服务器端设置所有这些变量,这意味着在Tomcat的server.xml文件中:

    javax.net.ssl.keyStoreType=jks
javax.net.ssl.trustStoreType=jks
javax.net.ssl.keyStore=c:/cert/gen.keystore
javax.net.ssl.trustStore=c:/cert/client.keystore
javax.net.ssl.keyStorePassword=changeit
javax.net.ssl.trustStorePassword=changeit
相关问题
最新问题