Java Mutual authentication- Client Server
Question
I'm writing a simple java client/server program in which just establishes a connection with the server sends it a sentence and the server sends the response for that. This is actually an example straight forward.
In above scenario, am looking for SSL based mutual authentication. I need to implement it in java.
Please suggest me if you have any example or how to implement same in Java.
2 answers
solution1
-1 2014-05-02 14:17:02
When you say "client/server", does it means use Socket ? But SSL is usually used in HTTP connectons. I have not seen it used in socket connections. Here is sample for HTTP: You have to load you PKCS12 certificate into a keystore and provide that store to the SSLContext.
private SSLSocketFactory getFactory( File pKeyFile, String pKeyPassword ) throws ... {
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509);
KeyStore keyStore = KeyStore.getInstance("PKCS12");
InputStream keyInput = new FileInputStream(pKeyFile);
keyStore.load(keyInput, pKeyPassword.toCharArray());
keyInput.close();
keyManagerFactory.init(keyStore, pKeyPassword.toCharArray());
SSLContext context = SSLContext.getInstance("TLS");
context.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
return context.getSocketFactory();
}
URL url = new URL("someurl");
HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
con.setSSLSocketFactory(getFactory(new File("file.p12"), "secret"));
solution2
-1 2015-04-22 11:24:55
Server code:
import java.io.*;
import java.net.*;
import java.util.*;
public class OTPServer {
public static void main(String []args) throws IOException {
ServerSocket ServerSocket= new ServerSocket(7777);
System.out.println("Sever running and waiting for client");
Socket ClientSocket=ServerSocket.accept();
PrintWriter out=new PrintWriter(ClientSocket.getOutputStream(),true);
Scanner sc=new Scanner(ClientSocket.getInputStream());
String id=sc.nextLine();
Random r=new Random();
String otp=new String();
for(int i=0;i<5;i++){
otp+=r.nextInt(10);
}
System.out.print(otp);
String newId=sc.nextLine();
String newOtp=sc.nextLine();
if(newId.equals(id)){
if(!newOtp.equals(otp)){
out.println("Incoreeect OTP!");
}
else{
out.println("Logged In!");
}
}
System.exit(0);
}
}
Client code:
import java.io.*;
import java.net.*;
import java.util.*;
public class OTPServer {
public static void main(String []args) throws IOException {
ServerSocket ServerSocket= new ServerSocket(7777);
System.out.println("Sever running and waiting for client");
Socket ClientSocket=ServerSocket.accept();
PrintWriter out=new PrintWriter(ClientSocket.getOutputStream(),true);
Scanner sc=new Scanner(ClientSocket.getInputStream());
String id=sc.nextLine();
Random r=new Random();
String otp=new String();
for(int i=0;i<5;i++){
otp+=r.nextInt(10);
}
System.out.print(otp);
String newId=sc.nextLine();
String newOtp=sc.nextLine();
if(newId.equals(id)){
if(!newOtp.equals(otp)){
out.println("Incoreeect OTP!");
}
else{
out.println("Logged In!");
}
}
System.exit(0);
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.