如何使用ApacheConnector在Jersey 2中选择密码套件?

时间:2014-01-10 01:34:39

标签: java apache ssl jersey

我使用Jersey 2作为客户端使用TLS访问Web服务。我想选择TLS使用的密码,我不知道如何。我的代码:

ClientConfig clientConfig = new ClientConfig(); 
clientConfig.connectorProvider(new ApacheConnectorProvider()); 
SslConfigurator sslConfig = SslConfigurator.newInstance()
    .trustStoreFile("truststore.jks")
    .trustStorePassword("asdfgh")
    .keyStoreFile("keystore.jks")
    .keyPassword("asdfgh")
    .securityProtocol("TLS"); // there is no method to select cipher suites for SslConfigurator
clientConfig.property(ApacheClientProperties.SSL_CONFIG, sslContext);

Client client = ClientBuilder.newBuilder()
    .withConfig(clientConfig)
    .build();

1 个答案:

答案 0 :(得分:1)

我找到了解决方案:

HttpClientConnectionManager connectionManager = createConnectionManager(clientConfig, sslContext, getHostnameVerifier(), true);
clientConfig.property(ApacheClientProperties.CONNECTION_MANAGER, connectionManager);

我粗略地从ApacheConnector复制了以下方法来创建ConnectionManager:

private HttpClientConnectionManager createConnectionManager(
        final Configuration config,
        SSLContext sslContext,
        X509HostnameVerifier hostnameVerifier,
        boolean useSystemProperties) {

    final String[] supportedProtocols = useSystemProperties ? StringUtils.split(
            System.getProperty("https.protocols")) : null;
    final String[] supportedCipherSuites = useSystemProperties ? StringUtils.split(
            System.getProperty("https.cipherSuites")) : null;

    if (hostnameVerifier == null) {
        hostnameVerifier = SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
    }

    LayeredConnectionSocketFactory sslSocketFactory;
    if (sslContext != null) {
        sslSocketFactory = new SSLConnectionSocketFactory(
                sslContext, supportedProtocols, supportedCipherSuites, hostnameVerifier);
    } else {
        if (useSystemProperties) {
            sslSocketFactory = new SSLConnectionSocketFactory(
                    (SSLSocketFactory) SSLSocketFactory.getDefault(),
                    supportedProtocols, supportedCipherSuites, hostnameVerifier);
        } else {
            sslSocketFactory = new SSLConnectionSocketFactory(
                    SSLContexts.createDefault(),
                    hostnameVerifier);
        }
    }

    final Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
         .register("http", PlainConnectionSocketFactory.getSocketFactory())
         .register("https", sslSocketFactory)
         .build();

    final PoolingHttpClientConnectionManager connectionManager =
            new PoolingHttpClientConnectionManager(registry);

    if (useSystemProperties) {
        String s = System.getProperty("http.keepAlive", "true");
        if ("true".equalsIgnoreCase(s)) {
            s = System.getProperty("http.maxConnections", "5");
            final int max = Integer.parseInt(s);
            connectionManager.setDefaultMaxPerRoute(max);
            connectionManager.setMaxTotal(2 * max);
        }
    }

    return connectionManager;
}
相关问题
最新问题