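Connecting to SOAP with WSS using two PEM files

Time: 2017-12-05 09:02:43

Tags: java soap authorization ws-security

A third-party application that uses OASIS Web Services Security (WSS) for SOAP authorization provided me with the following two PEM files: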

WS-client.pem

-----BEGIN CERTIFICATE-----
VQQKDAxCZWFyaW5nUG9pbnQxFDASBgNVBAcMC0TDvHNzZWxkb3JmMQkwBwYDVQQI
[..]
CCsGAQUFBwMCBggrBgEFBQcDCDANBgkqhkiG9w0BAQsFAAOCAQEAY8MiqxLIE+dQ
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
XKJyj28HAgMBAAECggEATF3hM/l2mIDFkJ69kskJUep/+ejl33AXVc9akY7gocLV
[..]
P+htLANmvC29Z5eFgkotZsAQoRi+L4gNsH1kbWHxcYA6YWRCHtpTYsa6/agUnywq
-----END RSA PRIVATE KEY-----

WS-server.pem

-----BEGIN CERTIFICATE-----
cmcxCzAJBgNVBAYTAkRFMB4XDTE3MTExNDExMjA1NloXDTI3MTExNDExMjA1Nlow
[..]
z6RWmsrSfLXGAM5QL4CCDzMth2AP8WzksMzW6dD6qK5/X9yD3g2GRXbHbtnvl6fk
-----END CERTIFICATE-----

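Over the last two days I have tried many different approaches, following several examples, using curl, Node.js, Java and so on, without success.

This is my latest code: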

import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.bouncycastle.openssl.PEMReader

import java.security.*
import java.security.cert.Certificate
import java.security.cert.CertificateException
import java.security.cert.X509Certificate

class WsSecurityHandler {

    private static final char[] KSPASSWORD = null

    WsSecurityHandler() {
        Security.addProvider(new BouncyCastleProvider())
    }

    private PrivateKey getPrivateKey() throws IOException {
        InputStream pemClientInput = getClass().getClassLoader().getResourceAsStream("pem/ws-client.pem")
        Reader reader = new InputStreamReader(pemClientInput, "UTF8")
        PEMReader pemReader = new PEMReader(reader)
        PrivateKey privateKey = (PrivateKey) pemReader.readObject()
        pemReader.close()
        return privateKey
    }

    private X509Certificate getPublicCertificate() throws IOException {
        InputStream pemServerInput = getClass().getClassLoader().getResourceAsStream("pem/ws-server.pem")
        Reader reader = new InputStreamReader(pemServerInput, "UTF8")
        PEMReader pemReader = new PEMReader(reader)
        X509Certificate certificate = (X509Certificate) pemReader.readObject()
        pemReader.close()
        return certificate
    }


    void initKeyStore() throws IOException {
        PrivateKey privateKey = getPrivateKey()
        X509Certificate certificate = getPublicCertificate() 
        Certificate[] chain = new Certificate[1]
        chain[0] = certificate

        try {
            KeyStore ks = KeyStore.getInstance("JKS")
            ks.load(null, KSPASSWORD)
            ks.setKeyEntry("FooBar", privateKey, KSPASSWORD, chain)
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace()
        } catch (KeyStoreException e) {
            e.printStackTrace()
        } catch (CertificateException e) {
            e.printStackTrace()
        }
    }
}

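It fails at the line

PrivateKey privateKey = (PrivateKey) pemReader.readObject()

with:

Exception in thread "main" org.codehaus.groovy.runtime.typehandling.GroovyCastException: Cannot cast object with class 'org.bouncycastle.jce.provider.X509CertificateObject' to class 'java.security.PrivateKey'

I somehow get the impression that I have misunderstood an essential part of this topic. So it comes down to this embarrassing question: how do I prepare my application so that it can connect to this WSS-SOAP-API?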

0 answers:

No answers
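
An added example, not part of the original post and not the poster's code: the cast fails because `readObject()` returns the first object in the file, and WS-client.pem begins with the certificate, not the key. This Groovy helper reads every PEM object and selects by type; it assumes the older Bouncy Castle release with `PEMReader` that the question uses, and the class name, the aliases and the password parameter are hypothetical.

```groovy
import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.bouncycastle.openssl.PEMReader

import java.security.KeyPair
import java.security.KeyStore
import java.security.PrivateKey
import java.security.Security
import java.security.cert.Certificate
import java.security.cert.X509Certificate

// Added example: hypothetical helper, not the poster's code.
class PemKeyStoreBuilder {

    // Returns every object in the PEM input; readObject() yields null at the end.
    static List<Object> readAll(Reader source) {
        PEMReader pemReader = new PEMReader(source)
        List<Object> objects = []
        try {
            Object obj
            while ((obj = pemReader.readObject()) != null) {
                objects << obj
            }
        } finally {
            pemReader.close()
        }
        return objects
    }

    static KeyStore build(Reader clientPem, Reader serverPem, char[] password) {
        Security.addProvider(new BouncyCastleProvider())
        List<Object> client = readAll(clientPem)
        // Select by type, not position: WS-client.pem lists the certificate first.
        def clientCert = client.find { it instanceof X509Certificate } as X509Certificate
        def key = client.find { it instanceof KeyPair || it instanceof PrivateKey }
        def serverCert = readAll(serverPem).find { it instanceof X509Certificate } as X509Certificate
        if (clientCert == null || key == null || serverCert == null) {
            throw new IllegalArgumentException("expected certificate and key objects are missing")
        }
        // An RSA PRIVATE KEY block is expected back as a KeyPair; a bare PrivateKey is accepted too.
        PrivateKey privateKey = key instanceof KeyPair ? ((KeyPair) key).getPrivate() : (PrivateKey) key

        KeyStore ks = KeyStore.getInstance("JKS")
        ks.load(null, password)
        // The key entry carries the client's own certificate; the server's is stored as trusted.
        ks.setKeyEntry("ws-client", privateKey, password, [clientCert] as Certificate[])
        ks.setCertificateEntry("ws-server", serverCert)
        return ks
    }
}
```

Call `PemKeyStoreBuilder.build(...)` with readers opened on `pem/ws-client.pem` and `pem/ws-server.pem` and a non-null keystore password supplied by the caller.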