在独立JRE和Tomcat中设置axis.SecureSocketFactory

时间:2014-09-21 17:00:51

标签: java ssl axis tomcat5.5

我需要用我自己的实现替换Axis' s(1.4)默认的SecureSocketFactory。我已经从一个独立的JRE(1.6)成功运行,并且所有测试都很好。但是当我部署到Tomcat 5.5--这个应用程序最终将驻留在那里 - 据我所知,Axis仍在使用JSSESecureSocketFactory。我试过了两个:

System.setProperty("org.apache.axis.components.net.SecureSocketFactory", "my.CustomSecureSocketFactory");


AxisProperties.setProperty("axis.socketSecureFactory", "my.CustomSecureSocketFactory");

以及为Tomcat设置JVM属性:

-Dorg.apache.axis.components.net.SecureSocketFactory=my.CustomSecureSocketFactory

JRE,图书馆,密钥/信任商店以及我能想到的其他一切都是相同的。我甚至使用Tomcat的JRE和选项在服务器上运行我的独立测试,但它仍能正常工作。

我没有想法如何解决这个问题。有没有人知道在哪里看,或者告诉Axis使用特定的SecureSocketFactory的替代方法?

相关代码段:

public class CustomKeyManager extends X509ExtendedKeyManager {

    private final X509ExtendedKeyManager base;

    public CustomKeyManager(X509ExtendedKeyManager base) {
        this.base = base;
    }

    /* Lots of methods omitted */

    static SSLContext SSL_CONTEXT;

    static void updateSSL(String keyStoreFile, String keyStorePassword){
        System.setProperty("org.apache.axis.components.net.SecureSocketFactory", "com.spanlink.cfg.crypto.HostNameSecureSocketFactory");
        AxisProperties.setProperty("axis.socketSecureFactory", "com.spanlink.cfg.crypto.HostNameSecureSocketFactory");
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(new FileInputStream(keyStoreFile), keyStorePassword.toCharArray());
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, keyStorePassword.toCharArray());

        KeyManager[] oldManagers = kmf.getKeyManagers();
        KeyManager[] newManagers = new KeyManager[oldManagers.length];
        for (int i = 0; i < oldManagers.length; i++) {
            if (oldManagers[i] instanceof X509ExtendedKeyManager) {
                newManagers[i] = new CustomKeyManager((X509ExtendedKeyManager) oldManagers[i]);
            }else{
                newManagers[i] = oldManagers[i];
            }
        }

        SSL_CONTEXT = SSLContext.getInstance("SSL");
        SSL_CONTEXT.init(newManagers, null, null);
    }


}

public class CustomSecureSocketFactory extends JSSESocketFactory {

    public CustomSecureSocketFactory(Hashtable table) {
        super(table);
        super.sslFactory = CustomKeyManager.SSL_CONTEXT.getSocketFactory();
    }

}

1 个答案:

答案 0 :(得分:1)

结束搞清楚。在类加载时,Axis的SocketFactoryFactory将Axis属性axis.socketSecureFactory重置为默认值。从JRE开始,类加载器在我的代码运行之前加载了SocketFactoryFactory;来自Tomcat,直到我的代码运行后才会加载它,覆盖我的自定义设置。

我在设置axis.socketSecureFactory之前刚刚添加了一个Class.forName()调用,一切正常。

相关问题
最新问题