使用Apache CXF的JAX-RS实现对消息进行签名

时间:2014-12-03 05:28:16

标签: java cxf jax-rs jks

我有一个.jks文件,我需要使用 JAX-RS签名? 我正在使用apache-cxf的其余实现。我已经浏览了 apache cxf 网站,使用 jax-rs 对邮件进行签名,但我对此并不清楚。
提供的信息非常少。那么任何人都可以提供我如何做到这一点或任何明确解释的链接?

编码:

    String keystr = "src/main/resources/keystore.jks";                  
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());            
        FileInputStream fis = new FileInputStream(keystr );
        keyStore.load(fis, KEYSTORE_PWD.toCharArray());
        PrivateKey key = (PrivateKey) keyStore.getKey("", KEYSTORE_PWD.toCharArray());

        SSLContext  sslCtxt= SSLContexts.custom().loadTrustMaterial(keyStore).build();
        SSLConnectionSocketFactory sslConn = new SSLConnectionSocketFactory(sslCtxt, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslConn ).build();

        HttpGet getReq = new HttpGet("http://localhost:8080/xyz?sss=abc");
        CloseableHttpResponse response = httpclient.execute(getReq );

         HttpEntity entity = response.getEntity();
          if (entity != null) {
        BufferedReader br = new BufferedReader(new InputStreamReader(entity.getContent()));           
        StringBuffer result = new StringBuffer();
        String line = "";
        while ((line = br.readLine()) != null) {
            result.append(line);
            }
        }

由于

1 个答案:

答案 0 :(得分:0)

使用命名空间xmlns:http="http://cxf.apache.org/transports/http/configuration"将http管道添加到cxf配置文件并加载jks文件的最简单方法。请注意name="*.http-conduit"这适用于所有传出的cxf请求。您可以根据需要调整您的特定网址。有关详细信息,请参阅here 

<http:conduit name="*.http-conduit">
            <http:tlsClientParameters>
                <sec:keyManagers keyPassword="${'ssl.keystorepassword'}">
                    <sec:keyStore type="JKS" password="${'ssl.keystorepassword'}"
                        file="${'ssl.keystorefile')}" />
                </sec:keyManagers>
                <sec:trustManagers>
                    <sec:keyStore type="JKS" password="${'ssl.truststorepassword'}"
                        file="${'ssl.truststorefile'}" />
                </sec:trustManagers>
                <sec:cipherSuitesFilter>
                    <sec:include>.*_EXPORT_.*</sec:include>
                    <sec:include>.*_EXPORT1024_.*</sec:include>
                    <sec:include>.*_WITH_DES_.*</sec:include>
                    <sec:include>.*_WITH_AES_.*</sec:include>
                    <sec:include>.*_WITH_NULL_.*</sec:include>
                    <sec:exclude>.*_DH_anon_.*</sec:exclude>
                </sec:cipherSuitesFilter>
            </http:tlsClientParameters>
            <http:authorization>
            </http:authorization>
            <http:client AutoRedirect="true" Connection="Keep-Alive" />
    </http:conduit>
相关问题
最新问题