Question

我正在尝试使用此工具包来测试Rally的webservice api。我们有一个内部设置的拉力赛。我的代码如下所示：

    RallyRestApi restApi = new RallyRestApi (new URI("https://rally"), "userName", "password");
    restApi.setApplicationName("Test");
    restApi.setWsapiVersion(wsapiVersion);

    String workspaceRef = new String("/workspace/11457676");
    String projectRef = new String("/project/11457760");

    String storyFormattedID = "US576";

    QueryRequest storyRequest = new QueryRequest("HierarchicalRequirement");
    storyRequest.setFetch(new Fetch("FormattedID","Name","Owner"));
    storyRequest.setQueryFilter(new QueryFilter("FormattedID", "=", storyFormattedID));
    storyRequest.setWorkspace(workspaceRef);
    storyRequest.setProject(projectRef);
    QueryResponse storyQueryResponse = restApi.query(storyRequest);
    ....

“....”之前的激活线生成异常：javax.net.ssl.SSLPeerUnverifiedException：peer未经过身份验证。当我在浏览器上手动访问这样的Web服务工作正常，但我注意到有证书错误： “HTTPS：//rally/slm/webservice/1.29/defect/10509982”

有没有人有这方面的经验？感谢。

Answer 1

这绝对是我们在内部针对具有自签名证书的服务器测试工具包时发现的问题。看看这个相关的问题：

SSLPeerUnverifiedException with httpClient

特别是这个答案：

https://stackoverflow.com/a/9114024/728184

您可以通过扩展RallyRestApi并配置必要的SSL安全覆盖来实现此目的：

import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;

import java.net.URI;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

public class OnPremRestApi extends RallyRestApi {

    public OnPremRestApi(URI server, String userName, String password) {
        super(server, userName, password);

        try {
            SSLSocketFactory sf = new SSLSocketFactory(new TrustStrategy() {
                public boolean isTrusted(X509Certificate[] certificate, String authType)
                    throws CertificateException {
                    //trust all certs
                    return true;
                }
            }, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
            httpClient.getConnectionManager().getSchemeRegistry()
                .register(new Scheme("https", 443, sf));
        } catch (Exception e) {
            //hmm...
        }
    }
}

然后在代码中使用OnPremRestApi实例而不是RallyRestApi。

Answer 2

从2.1 version of the jar开始，工具包允许访问其下的HTTPClient，我们可以告诉HTTPClient忽略无效的证书链并容忍自签的证书以便解决SSLPeerUnverifiedException: peer not authenticated String host = "https://rally1.rallydev.com"; String apiKey = "_abc123"; RallyRestApi restApi = new RallyRestApi(new URI(host),apiKey); restApi.setProxy(new URI("http://myproxy.mycompany.com"), "MyProxyUsername", "MyProxyPassword"); 1}}例外

当我们实例化RallyRestApi时：

HttpClient

我们可以getClient()

访问

import com.rallydev.rest.RallyRestApi;
import com.rallydev.rest.client.HttpClient;
import com.rallydev.rest.request.GetRequest;
import com.rallydev.rest.response.GetResponse;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.conn.scheme.Scheme;


public class ConnnectionTestWithHTTPClient {

    public static void main(String[] args) throws URISyntaxException, IOException {


        String host = "https://rally1.rallydev.com";
        String apiKey = "_abc123";
        String applicationName = "Connnection Test With HTTPClient";
        RallyRestApi restApi = new RallyRestApi(new URI(host),apiKey);
        restApi.setApplicationName(applicationName); 
        //restApi.setProxy(new URI("http://myproxy.mycompany.com"), "MyProxyUsername", "MyProxyPassword");  //SET PROXY SETTINS HERE
        HttpClient client = restApi.getClient();
        try {
            SSLSocketFactory sf = new SSLSocketFactory(new TrustStrategy() {
                public boolean isTrusted(X509Certificate[] certificate, String authType)
                    throws CertificateException {
                    //trust all certs
                    return true;
                }
            }, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
            client.getConnectionManager().getSchemeRegistry().register(new Scheme("https", 443, sf));

            String workspaceRef = "/workspace/12345"; //USE VALID WORKSPACE OID 
            GetRequest getRequest = new GetRequest(workspaceRef);
            GetResponse getResponse = restApi.get(getRequest);
            System.out.println(getResponse.getObject());
        } catch (Exception e) {
            System.out.println(e);
        } finally {
            restApi.close();
        }   
    } 
}

以下是完整的代码示例：

{{1}}

Answer 3

我已经长时间使用RallyRestAPi实例进行连接，突然它抛出SSLPeerUnverified Exception，如果我使用你给出的类没有发生错误。到目前为止RallyRestAPI是如何工作的？我使用1.0.6也试过1.0.7

Answer 4

如果过去曾经工作过，可能会在您的环境中发生变化，尤其是与代理相关的内容。

记录了here的setProxy方法。如果这确实与代理相关，我希望这会有所帮助。

setProxy

public void setProxy（URI proxy，                        字符串userName，                        字符串密码）
[Set the authenticated proxy server to use. By default no proxy is configured.][2]

Parameters:
    proxy - The proxy server, e.g. new URI("http://my.proxy.com:8000")
    userName - The username to be used for authentication.
    password - The password to be used for authentication.

集会休息api java工具包sslpeerunverifiedexception：peer未经过身份验证

4 个答案: