SSL连接从jUnit测试成功但在Tomcat 8上没有成功

时间:2017-02-13 15:49:34

标签: java tomcat ssl intellij-idea junit

我遇到SSL连接问题,当一个方法在Tomcat 8实例中运行时,立即抛出一个 java.net.SocketException:Connection reset 但是当一个方法在同一个方法中运行时没有在IntelliJ IDEA中启动了jUnit测试。

我的猜测是这些执行的SSL上下文之间存在差异,但我无法弄清楚在哪里。

stacktrace:

Caused by: java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:209)
at java.net.SocketInputStream.read(SocketInputStream.java:141)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1513)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at com.microsoft.aad.adal4j.HttpHelper.readResponseFromConnection(HttpHelper.java:71)
at com.microsoft.aad.adal4j.HttpHelper.getResponse(HttpHelper.java:175)
at com.microsoft.aad.adal4j.HttpHelper.executeGetRequest(HttpHelper.java:149)
at com.microsoft.aad.adal4j.HttpHelper.executeHttpGet(HttpHelper.java:50)
at com.microsoft.aad.adal4j.HttpHelper.executeHttpGet(HttpHelper.java:42)
at com.microsoft.aad.adal4j.MexParser.getWsTrustEndpointFromMexEndpoint(MexParser.java:105)
at com.microsoft.aad.adal4j.WSTrustRequest.execute(WSTrustRequest.java:53)
at com.microsoft.aad.adal4j.AuthenticationContext.processPasswordGrant(AuthenticationContext.java:841)
at com.microsoft.aad.adal4j.AuthenticationContext.access$000(AuthenticationContext.java:66)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:173)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:163)

如您所见,我们正在使用Microsoft adal4j身份验证库,它依赖于sun SSLSocket库。所以我没有完全控制代码,也没有完全控制这个库试图访问的URL,但是当我向那些带有随机HTTP客户端的URL发出GET请求时,我得到了一个成功的结果,所以我认为这不是由于远程服务器

另外,在两种情况下调试方法时,比较SSL相关类实例时,我找不到任何明显的差异。

所以我的问题是:

  • 您是否知道为什么在Tomcat 8中运行代码时会发生此异常,而在IntelliJ IDEA运行的jUnit测试中却没有?
  • 我应该知道哪些特定的Tomcat SSL相关配置? (编辑:关于 发布 请求的SSL配置,而不是接收

非常感谢!

编辑:以下是使用-Djavax.net.debug = all VM选项在Tomcat 8上运行代码时显示的SSL日志: 

    Keep-Alive-Timer, called close()
Keep-Alive-Timer, called closeInternal(true)
Keep-Alive-Timer, SEND TLSv1.2 ALERT:  warning, description = close_notify
Padded plaintext before ENCRYPTION:  len = 64
0000: C5 9E 29 2A 8B 63 20 6C   E0 A6 49 4E 22 84 C7 3B  ..)*.c l..IN"..;
0010: 01 00 F3 38 92 FE 6A 86   C5 8E 24 33 A2 06 CD 8C  ...8..j...$3....
0020: E5 41 AB C1 90 02 68 2E   DA 16 98 16 A0 D2 10 F9  .A....h.........
0030: E8 F8 0D 0D 0D 0D 0D 0D   0D 0D 0D 0D 0D 0D 0D 0D  ................
Keep-Alive-Timer, WRITE: TLSv1.2 Alert, length = 64
[Raw write]: length = 69
0000: 15 03 03 00 40 3F FC 91   B2 8E 40 60 E9 53 92 F1  ....@?....@`.S..
0010: DC 30 3E 6B 17 24 24 73   28 27 A2 0D 5A 21 10 49  .0>k.$$s('..Z!.I
0020: 10 3F 2A 0C 66 43 B2 7C   9C AF 7D DD 8D 56 9A 54  .?*.fC.......V.T
0030: 5C 50 7D 02 A7 2E CD 08   09 8B 7C 01 23 73 39 A2  \P..........#s9.
0040: BE EE 25 69 C6                                     ..%i.
Keep-Alive-Timer, called closeSocket(true)
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
pool-3-thread-1, setSoTimeout(0) called
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie:  GMT: 1470314350 bytes = { 213, 98, 148, 139, 96, 52, 131, 136, 198, 166, 65, 128, 70, 254, 68, 33, 73, 132, 111, 109, 16, 154, 180, 207, 22, 254, 151, 143 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
***
[write] MD5 and SHA1 hashes:  len = 193
0000: 01 00 00 BD 03 03 58 A3   37 6E D5 62 94 8B 60 34  ......X.7n.b..`4
0010: 83 88 C6 A6 41 80 46 FE   44 21 49 84 6F 6D 10 9A  ....A.F.D!I.om..
0020: B4 CF 16 FE 97 8F 00 00   3A C0 23 C0 27 00 3C C0  ........:.#.'.<.
0030: 25 C0 29 00 67 00 40 C0   09 C0 13 00 2F C0 04 C0  %.).g.@...../...
0040: 0E 00 33 00 32 C0 2B C0   2F 00 9C C0 2D C0 31 00  ..3.2.+./...-.1.
0050: 9E 00 A2 C0 08 C0 12 00   0A C0 03 C0 0D 00 16 00  ................
0060: 13 00 FF 01 00 00 5A 00   0A 00 34 00 32 00 17 00  ......Z...4.2...
0070: 01 00 03 00 13 00 15 00   06 00 07 00 09 00 0A 00  ................
0080: 18 00 0B 00 0C 00 19 00   0D 00 0E 00 0F 00 10 00  ................
0090: 11 00 02 00 12 00 04 00   05 00 14 00 08 00 16 00  ................
00A0: 0B 00 02 01 00 00 0D 00   18 00 16 06 03 06 01 05  ................
00B0: 03 05 01 04 03 04 01 03   03 03 01 02 03 02 01 02  ................
00C0: 02                                                 .
pool-3-thread-1, WRITE: TLSv1.2 Handshake, length = 193
[Raw write]: length = 198
0000: 16 03 03 00 C1 01 00 00   BD 03 03 58 A3 37 6E D5  ...........X.7n.
0010: 62 94 8B 60 34 83 88 C6   A6 41 80 46 FE 44 21 49  b..`4....A.F.D!I
0020: 84 6F 6D 10 9A B4 CF 16   FE 97 8F 00 00 3A C0 23  .om..........:.#
0030: C0 27 00 3C C0 25 C0 29   00 67 00 40 C0 09 C0 13  .'.<.%.).g.@....
0040: 00 2F C0 04 C0 0E 00 33   00 32 C0 2B C0 2F 00 9C  ./.....3.2.+./..
0050: C0 2D C0 31 00 9E 00 A2   C0 08 C0 12 00 0A C0 03  .-.1............
0060: C0 0D 00 16 00 13 00 FF   01 00 00 5A 00 0A 00 34  ...........Z...4
0070: 00 32 00 17 00 01 00 03   00 13 00 15 00 06 00 07  .2..............
0080: 00 09 00 0A 00 18 00 0B   00 0C 00 19 00 0D 00 0E  ................
0090: 00 0F 00 10 00 11 00 02   00 12 00 04 00 05 00 14  ................
00A0: 00 08 00 16 00 0B 00 02   01 00 00 0D 00 18 00 16  ................
00B0: 06 03 06 01 05 03 05 01   04 03 04 01 03 03 03 01  ................
00C0: 02 03 02 01 02 02                                  ......
pool-3-thread-1, handling exception: java.net.SocketException: Connection reset
pool-3-thread-1, SEND TLSv1.2 ALERT:  fatal, description = unexpected_message
pool-3-thread-1, WRITE: TLSv1.2 Alert, length = 2
pool-3-thread-1, Exception sending alert: java.net.SocketException: Broken pipe
pool-3-thread-1, called closeSocket()
17-02-14 17:59:26.731   ERROR c.m.aad.adal4j.AuthenticationContext - [Correlation ID: f603f1ee-2e0c-4ed7-a345-f963e6b7d253] Request to acquire token failed.
java.net.SocketException: Connection reset
    at java.net.SocketInputStream.read(SocketInputStream.java:209)
    at java.net.SocketInputStream.read(SocketInputStream.java:141)
    at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
    at sun.security.ssl.InputRecord.read(InputRecord.java:503)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1513)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
    at com.microsoft.aad.adal4j.HttpHelper.readResponseFromConnection(HttpHelper.java:71)
    at com.microsoft.aad.adal4j.HttpHelper.getResponse(HttpHelper.java:175)
    at com.microsoft.aad.adal4j.HttpHelper.executeGetRequest(HttpHelper.java:149)
    at com.microsoft.aad.adal4j.HttpHelper.executeHttpGet(HttpHelper.java:50)
    at com.microsoft.aad.adal4j.HttpHelper.executeHttpGet(HttpHelper.java:42)
    at com.microsoft.aad.adal4j.MexParser.getWsTrustEndpointFromMexEndpoint(MexParser.java:105)
    at com.microsoft.aad.adal4j.WSTrustRequest.execute(WSTrustRequest.java:53)
    at com.microsoft.aad.adal4j.AuthenticationContext.processPasswordGrant(AuthenticationContext.java:841)
    at com.microsoft.aad.adal4j.AuthenticationContext.access$000(AuthenticationContext.java:66)
    at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:173)
    at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:163)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)

它与我作为jUnit测试运行所得到的相同,直到发生错误。它对我帮助不大,但也许有人会猜到发生了什么。

0 个答案:

没有答案
相关问题
最新问题