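I am building a service that communicates with multiple devices using SOAP over HTTPS. These devices expose the same web service API (the same WSDL). New devices can be added to this setup at any time at runtime.
I need to query these devices dynamically, along with any devices that may be added in the future. Each of these devices has a self-signed certificate for SSL. The service I am building needs to be implemented with Spring Integration.
Given the above, I have two main questions:
Any help is greatly appreciated.
Answer 0: (score: 1)
Thank you Gary and Artem for your help.
I was able to solve the dynamic URI problem with a thread-local variable and SpEL.
To trust the self-signed certificates, I implemented a new message sender using HttpClient. HttpClient provides TrustSelfSignedStrategy. I used it to trust all self-signed certificates. The solution seems to be working. In case anyone has a similar need in the future, here is the code.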
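```java
// Imports assume Apache HttpClient 4.x (org.apache.http.conn.ssl classes).
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import org.apache.http.auth.AuthScope;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;

// Load the trust store from the classpath.
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
InputStream instream = getClass().getResourceAsStream(trustStoreFile);
try {
    trustStore.load(instream, trustStorePassword.toCharArray());
} finally {
    instream.close();
}
// Trust the entries in the trust store plus any self-signed certificate.
SSLContextBuilder builder = new SSLContextBuilder();
builder.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy());
SSLContext sslcontext = builder.build();
// ALLOW_ALL_HOSTNAME_VERIFIER turns hostname verification off.
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpClientBuilder httpClientBuilder = HttpClients.custom();
httpClientBuilder.setSSLSocketFactory(sslsf);
httpClientBuilder.addInterceptorFirst(new RemoveSoapHeadersInterceptor());
// Optional credentials, offered to any host and realm (AuthScope.ANY).
if (credentials != null) {
    CredentialsProvider credsProvider = new BasicCredentialsProvider();
    credsProvider.setCredentials(AuthScope.ANY, credentials);
    httpClientBuilder.setDefaultCredentialsProvider(credsProvider);
}
CloseableHttpClient closeableHttpclient = httpClientBuilder.build();
setHttpClient(closeableHttpclient);
```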
Answer 1: (score: 0)
The first question is simple; see the XSD documentation:
The Destination URI for this Web Service Gateway. If the URI should be determined at runtime
(e.g. registry lookup), then configure a 'destination-provider' reference instead. Alternatively,
this URI may include {placeholders} whose values are determined by evaluating SpEL expressions
provided via 'uri-variable' sub-elements. The root object for those evaluations is the actual
request Message at runtime, i.e. you can access its payload or headers in the expression.
and the documentation about URI placeholders.
I don't know whether you can dynamically add keys/certificates to a keystore/truststore at runtime; I've never tried it.
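
On the question of adding certificates at runtime, the following is an added example, not part of either answer and not Spring or HttpClient code: a JSSE trust manager that accepts only certificates registered per device and can take new ones while the service is running. `DeviceTrustManager`, `addDevice` and `sslContext` are hypothetical names, and the example assumes each device's certificate is obtained over a trusted channel when the device is enrolled.

```java
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.*;

/** Hypothetical helper: trusts only registered device certificates; the set can grow at runtime. */
public class DeviceTrustManager implements X509TrustManager {
    private final KeyStore store;                 // in-memory store of enrolled device certificates
    private volatile X509TrustManager delegate;   // rebuilt after every change to the store

    public DeviceTrustManager() throws Exception {
        store = KeyStore.getInstance(KeyStore.getDefaultType());
        store.load(null, null);                   // start empty
        rebuild();
    }

    /** Register one device certificate under an alias (for example the device's host name). */
    public synchronized void addDevice(String alias, X509Certificate cert) throws GeneralSecurityException {
        store.setCertificateEntry(alias, cert);
        rebuild();                                // later handshakes see the new certificate
    }

    private void rebuild() throws GeneralSecurityException {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(store);                          // the factory takes a snapshot of the store
        for (TrustManager tm : tmf.getTrustManagers())
            if (tm instanceof X509TrustManager) { delegate = (X509TrustManager) tm; return; }
        throw new GeneralSecurityException("no X509TrustManager available");
    }

    /** An empty anchor set would fail with a RuntimeException inside JSSE; reject it cleanly instead. */
    private X509TrustManager current() throws CertificateException {
        X509TrustManager tm = delegate;
        if (tm.getAcceptedIssuers().length == 0) throw new CertificateException("no device certificate registered");
        return tm;
    }

    @Override public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException { current().checkServerTrusted(chain, authType); }
    @Override public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException { current().checkClientTrusted(chain, authType); }
    @Override public X509Certificate[] getAcceptedIssuers() { return delegate.getAcceptedIssuers(); }

    /** SSLContext backed by this trust manager, usable wherever an SSLContext is expected. */
    public SSLContext sslContext() throws GeneralSecurityException {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { this }, null);
        return ctx;
    }
}
```

The context returned by `sslContext()` can be passed to `SSLConnectionSocketFactory` in place of the `sslcontext` built in Answer 0; a self-signed certificate that has not been registered then fails the handshake with a `CertificateException`.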