强制AXIS客户端使用TLS

时间:2015-03-19 10:53:24

标签: java web-services java-ee axis

如何强制SOAP Axis客户端使用TLS而不是SSL?我有这段代码:

        SOAPMessage soapMessage = MessageFactory.newInstance()
                .createMessage();
        SOAPPart soapPart = soapMessage.getSOAPPart();
        javax.xml.soap.SOAPEnvelope soapEnvelope = soapPart.getEnvelope();

        Service service = new Service();
        Call call = (Call) service.createCall();
        call.setTargetEndpointAddress(new java.net.URL(endpoint));
        call.setOperationStyle(org.apache.axis.constants.Style.DOCUMENT);
        call.setSOAPActionURI("urn:processDocument");
        call.setUsername(user);
        call.setPassword(password);
        call.setTimeout(10000);
        call.invoke(new Message(soapEnvelope.toString()));

执行错误是:

javax.net.ssl.SSLException: Received fatal alert: unexpected_message
    at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
    at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
    at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
    at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
    at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
    at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
    at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
    at org.apache.axis.client.Call.invoke(Call.java:2767)
    at org.apache.axis.client.Call.invoke(Call.java:1870)
    at TestTLSConnect.main(TestTLSConnect.java:100)

我也激活了SSL日志记录,我可以看到:

main, WRITE: SSLv3 Handshake, length = 79
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, unexpected_message

我尝试使用System.setProperty(“https.protocols”,“TLSv1”);设置协议,但我得到相同的错误和相同的日志消息。

1 个答案:

答案 0 :(得分:0)

try {
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(null, null, null);
        SSLContext.setDefault(ctx);
    } catch (Exception e) {
            System.out.println(e.getMessage());
    }

您可以使用此代码将SSL的默认协议设置为TLS 1.2,然后编写其他语句。