[英]Java Mutual authentication- Client Server
I'm writing a simple java client/server program in which just establishes a connection with the server sends it a sentence and the server sends the response for that. 我正在编写一个简单的Java客户端/服务器程序,其中仅与服务器建立连接就向其发送一个语句,服务器为此发送响应。 This is actually an example straight forward.
这实际上是一个简单的例子。
In above scenario, am looking for SSL based mutual authentication. 在上述情况下,我正在寻找基于SSL的相互身份验证。 I need to implement it in java.
我需要在Java中实现它。
Please suggest me if you have any example or how to implement same in Java. 如果您有任何示例或如何在Java中实现示例,请提出建议。
When you say "client/server", does it means use Socket ? 当您说“客户端/服务器”时,是否意味着使用Socket? But SSL is usually used in HTTP connectons.
但是SSL通常用于HTTP连接器中。 I have not seen it used in socket connections.
我还没有看到它用于套接字连接。 Here is sample for HTTP: You have to load you PKCS12 certificate into a keystore and provide that store to the SSLContext.
这是HTTP的示例:您必须将PKCS12证书加载到密钥库中,并将该存储提供给SSLContext。
private SSLSocketFactory getFactory( File pKeyFile, String pKeyPassword ) throws ... {
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509);
KeyStore keyStore = KeyStore.getInstance("PKCS12");
InputStream keyInput = new FileInputStream(pKeyFile);
keyStore.load(keyInput, pKeyPassword.toCharArray());
keyInput.close();
keyManagerFactory.init(keyStore, pKeyPassword.toCharArray());
SSLContext context = SSLContext.getInstance("TLS");
context.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
return context.getSocketFactory();
}
URL url = new URL("someurl");
HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
con.setSSLSocketFactory(getFactory(new File("file.p12"), "secret"));
Server code: 服务器代码:
import java.io.*;
import java.net.*;
import java.util.*;
public class OTPServer {
public static void main(String []args) throws IOException {
ServerSocket ServerSocket= new ServerSocket(7777);
System.out.println("Sever running and waiting for client");
Socket ClientSocket=ServerSocket.accept();
PrintWriter out=new PrintWriter(ClientSocket.getOutputStream(),true);
Scanner sc=new Scanner(ClientSocket.getInputStream());
String id=sc.nextLine();
Random r=new Random();
String otp=new String();
for(int i=0;i<5;i++){
otp+=r.nextInt(10);
}
System.out.print(otp);
String newId=sc.nextLine();
String newOtp=sc.nextLine();
if(newId.equals(id)){
if(!newOtp.equals(otp)){
out.println("Incoreeect OTP!");
}
else{
out.println("Logged In!");
}
}
System.exit(0);
}
}
Client code: 客户代码:
import java.io.*;
import java.net.*;
import java.util.*;
public class OTPServer {
public static void main(String []args) throws IOException {
ServerSocket ServerSocket= new ServerSocket(7777);
System.out.println("Sever running and waiting for client");
Socket ClientSocket=ServerSocket.accept();
PrintWriter out=new PrintWriter(ClientSocket.getOutputStream(),true);
Scanner sc=new Scanner(ClientSocket.getInputStream());
String id=sc.nextLine();
Random r=new Random();
String otp=new String();
for(int i=0;i<5;i++){
otp+=r.nextInt(10);
}
System.out.print(otp);
String newId=sc.nextLine();
String newOtp=sc.nextLine();
if(newId.equals(id)){
if(!newOtp.equals(otp)){
out.println("Incoreeect OTP!");
}
else{
out.println("Logged In!");
}
}
System.exit(0);
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.