SOAP客户端SSL,身份验证失败

时间:2018-07-31 19:27:40

标签: java ssl-certificate soap-client

我正在汇总一个肥皂客户端,以致电第三方肥皂服务。我在与Java连接时遇到问题。它与SoapUI一起正常工作。这是我第一次在应用程序中设置密钥库。我发现的所有代码都是一样的,而且非常简单,但是我不知道为什么Java版本无法正常工作。我正在使用公司也试图提供服务的公司提供的TLS pfx文件。 我从服务器取回403。这是代码

        URL wsdlLocation = new URL(SECURE_INTEGRATION_WSDL);
        ObjectFactory ofactory = new ObjectFactory();
        HttpsURLConnection httpsConnection = (HttpsURLConnection)wsdlLocation.openConnection();
        char[] password = CLIENT_KEYSTORE_PASSWORD.toCharArray();

        //load keystore
        FileInputStream is = new FileInputStream(new File(CLIENT_KEYSTORE_PATH));
        final KeyStore keystore = KeyStore.getInstance("PKCS12");
        keystore.load(is, password);
        is.close();

        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");

        kmf.init(keystore, password);

        //set the ssl context
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(kmf.getKeyManagers(), null,
                new java.security.SecureRandom());


        httpsConnection.setSSLSocketFactory(sc.getSocketFactory());



        SecureIntegrationServicesImap client = new SecureIntegrationServicesImap(wsdlLocation);


        SesMessage message = ofactory.createSesMessage();

        ReceiveRequest r = ofactory.createReceiveRequest();

        r.setEmail(ofactory.createReceiveRequestEmail("<email ommitted>"));
    ArrayOfMessageSummary messages = client.getWSHttpBindingSecureIntegrationServiceImap().getMessageList(r);
    log.info(messages.getMessageSummary().size());

对于我所犯错误的任何帮助,我们深表感谢。

不确定是否重要,但是服务器是.NET平台

这是我得到的堆栈跟踪

javax.xml.ws.WebServiceException: Failed to access the WSDL at: https://<host omitted>/TS?wsdl. It failed with: 
Server returned HTTP response code: 403 for URL: https://<host omitted>/TS?wsdl.
at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:265)
at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:246)
at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:209)
at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:178)
at com.sun.xml.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:363)
at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:321)
at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:230)
at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:211)
at com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:207)
at com.sun.xml.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:114)
at javax.xml.ws.Service.<init>(Service.java:77)
at org.tempuri.SecureIntegrationServicesImap.<init>(SecureIntegrationServicesImap.java:50)
at com.wiredinformatics.utils.SecureExchange.main(SecureExchange.java:127) Caused by: java.io.IOException: Server returned HTTP response code: 403 for URL: https://host omitted/TS?wsdl
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1876)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1474)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at java.net.URL.openStream(URL.java:1045)
at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.createReader(RuntimeWSDLParser.java:999)
at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.resolveWSDL(RuntimeWSDLParser.java:400)
at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:231)
... 11 more

1 个答案:

答案 0 :(得分:1)

听起来您正在使用基于TLS的客户端身份验证。根据您发布的代码,我怀疑问题是初始化后在任何地方都没有使用httpsConnection。因此,它不会像预期的那样尝试使用客户端证书,而是使用默认的请求上下文设置。

假设您正在使用JAX-WS,则应该能够使用this answer中概述的解决方案将证书绑定到请求上下文(而不是初始化自己的HttpsURLConnection):

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());