Spring使用ssl HTTP代理和数字证书

Question

我有一些问题。 当我从肥皂ui发送消息时，一切都很好，但是当我使用spring ws得到这个问题时，这是我的配置。

org.springframework.ws.soap.client.SoapFaultClientException: Internal Error
at org.springframework.ws.soap.client.core.SoapFaultMessageResolver.resolveFault(SoapFaultMessageResolver.java:38) ~[spring-ws-core-3.0.6.RELEASE.jar:na]
at org.springframework.ws.client.core.WebServiceTemplate.handleFault(WebServiceTemplate.java:830) ~[spring-ws-core-3.0.6.RELEASE.jar:na]
at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:624) ~[spring-ws-core-3.0.6.RELEASE.jar:na]
at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:555) ~[spring-ws-core-3.0.6.RELEASE.jar:na]
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:390) ~[spring-ws-core-3.0.6.RELEASE.jar:na]
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:383) ~[spring-ws-core-3.0.6.RELEASE.jar:na]
at org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive(WebServiceTemplate.java:373) ~[spring-ws-core-3.0.6.RELEASE.jar:na]
at au.com.checkworkrights.client.ClientSample.sendMessage(ClientSample.java:84) ~[classes/:na]
at au.com.checkworkrights.controller.PoliceCheckController.check(PoliceCheckController.java:21) ~[classes/:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_171]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_171]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_171]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_171]
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:189) ~[spring-web-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138) ~[spring-web-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102) ~[spring-webmvc-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895) ~[spring-webmvc-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:800) ~[spring-webmvc-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87) ~[spring-webmvc-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1038) ~[spring-webmvc-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942) ~[spring-webmvc-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005) ~[spring-webmvc-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:897) ~[spring-webmvc-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:634) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:882) ~[spring-webmvc-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) ~[tomcat-embed-websocket-9.0.16.jar:9.0.16]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) ~[spring-web-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92) ~[spring-web-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93) ~[spring-web-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200) ~[spring-web-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.1.5.RELEASE.jar:5.1.5.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200) ~[tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490) [tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) [tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) [tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) [tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408) [tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:834) [tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415) [tomcat-embed-core-9.0.16.jar:9.0.16]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-9.0.16.jar:9.0.16]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [na:1.8.0_171]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [na:1.8.0_171]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.16.jar:9.0.16]
at java.lang.Thread.run(Thread.java:748) [na:1.8.0_171]

我将分配我的配置。

package au.com.checkworkrights.client;

import au.gov.crimtrac.www.Namespace.NationalPoliceCheck.Service.V1_1.ObjectFactory; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.webservices.client.WebServiceTemplateBuilder; import org.springframework.context.annotation.Primary; import org.springframework.core.io.ClassPathResource; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.oxm.jaxb.Jaxb2Marshaller;

import org.springframework.ws.client.core.WebServiceTemplate; import org.springframework.ws.soap.security.wss4j2.support.CryptoFactoryBean; import org.springframework.ws.soap.security.wss4j2.Wss4jSecurityInterceptor;

import java.io.IOException;

@Configuration公共类SoapClientConfiguration {

@Value("${au.com.checkworkrights.aciccli.soapconfig.certusername}")
private String certJKSAlias;

@Value("${au.com.checkworkrights.aciccli.wsconfig.certpass}")
private String certJKSPassword;

@Value("${au.com.checkworkrights.aciccli.wsconfig.jkspath}")
private String certJKS;


@Value("${acic.ws.trust-store}")
private String NSS_CHECKWORKRIGHTSjks;

@Value("${acic.ws.trust-store-password}")
private String NSS_CHECKWORKRIGHTSjksPassword;


@Value("${au.com.checkworkrights.aciccli.service.url}")
private String url;


private static final Logger LOGGER = LoggerFactory.getLogger(SoapClientConfiguration.class);


@Bean
@Primary
public Wss4jSecurityInterceptor securityInterceptor() throws Exception {
    Wss4jSecurityInterceptor securityInterceptor = new Wss4jSecurityInterceptor();
    securityInterceptor.setSecurementActions("Signature");
    securityInterceptor.setSecurementUsername(certJKSAlias);
    securityInterceptor.setSecurementPassword(certJKSPassword);
    securityInterceptor.setSecurementSignatureCrypto(clientKeyStoreCryptoFactoryBean().getObject());
    securityInterceptor.setSecurementSignatureKeyIdentifier("DirectReference");

    return securityInterceptor;
}


@Bean
public Jaxb2Marshaller marshaller() {
    Jaxb2Marshaller marshaller = new Jaxb2Marshaller();
    marshaller.setContextPath(ObjectFactory.class.getPackage().getName());
    return marshaller;
}


@Bean
public CryptoFactoryBean clientKeyStoreCryptoFactoryBean() throws IOException {
    CryptoFactoryBean cryptoFactoryBean = new CryptoFactoryBean();
    cryptoFactoryBean.setKeyStoreLocation(new ClassPathResource(certJKS));
    cryptoFactoryBean.setKeyStorePassword(certJKSPassword);
    cryptoFactoryBean.setDefaultX509Alias(certJKSAlias);
    return cryptoFactoryBean;
}


@Bean
@Primary
public WebServiceTemplate webServiceTemplate() throws Exception {
    return new WebServiceTemplateBuilder()
            .setDefaultUri(url)
            .setMarshaller(marshaller())
            .setUnmarshaller(marshaller())
            .additionalInterceptors(securityInterceptor())
            .build();

}

}

客户代码

@Service public class ClientSample {

@Autowired
private WebServiceTemplate webServiceTemplate;


public void sendMessage() {

    CheckSubmitRequestType checkSubmitRequestType = new CheckSubmitRequestType();
    checkSubmitRequestType.setOrganisation("CHECKWORKRIGHTS");
    checkSubmitRequestType.setCategory("pre-employment");
    checkSubmitRequestType.setPurpose("General Nurse");
    checkSubmitRequestType.setPriority("Normal");
    checkSubmitRequestType.setOfficecode("");
    checkSubmitRequestType.setOrganisationReferenceNumber("10100001");
    checkSubmitRequestType.setInformedConsent(1);
    checkSubmitRequestType.setType("pre-employment");
    CheckSubmitRequestSubjectType subjectType = new CheckSubmitRequestSubjectType();
    subjectType.setBirthDate("05/11/62");
    subjectType.setBirthDateYearOnly(false);
    subjectType.setGender("Female");
    subjectType.setIdentityConfirmed(true);

    CheckSubmitRequestNamesType requestNamesType = new CheckSubmitRequestNamesType();

    NameType nameType = new NameType();
    nameType.setFamilyName("Rabbit");
    nameType.setFirstGivenName("Jessica");
    nameType.setType("Primary");
    nameType.setSingleNameOnly(false);

    requestNamesType.getName().add(nameType);
    subjectType.setNames(requestNamesType);


    BirthPlaceType birthPlaceType = new BirthPlaceType();
    birthPlaceType.setCountry("AUS");
    birthPlaceType.setState("Queensland");
    birthPlaceType.setTown("Brisbane");

    subjectType.setBirthPlace(birthPlaceType);


    AddressesType addressesType = new AddressesType();
    AddressType addressType = new AddressType();
    addressType.setType("Residential");
    addressType.setLine("79A Shipton Crescent");
    addressType.setSuburb("Tamworth");
    addressType.setState("New South Wales");
    addressType.setPostcode("2340");
    addressType.setCountry("AUS");

    addressesType.getAddress().add(addressType);
    subjectType.setAddresses(addressesType);


    PassportsType passportsType = new PassportsType();
    PassportType passportType = new PassportType();
    passportType.setCountry("AUS");
    passportType.setNumber("N0995852");
    passportType.setType("Government");

    passportsType.getPassport().add(passportType);
    subjectType.setAddresses(addressesType);

    checkSubmitRequestType.setSubject(subjectType);

    ObjectFactory objectFactory = new ObjectFactory();


    webServiceTemplate.marshalSendAndReceive(objectFactory.createCheckSubmitRequest(checkSubmitRequestType));


}

}

这是soap UI中的工作配置

SOAP UI SSL Config ws secuirty konfig ws Keystore 工作消息

Answer 1

vm选项是

-Djavax.net.debug=all 
-Djava.net.useSystemProxies=true 
-Dhttps.proxyPort=3128 
-Dhttps.proxyHost=127.0.0.1 
-Dhttp.proxyPort=3128 
-Dhttp.proxyHost=127.0.0.1 
-Djavax.net.ssl.keyStore=C:/NSS_CHECKWORKRIGHTS_2019.jks 
-Djavax.net.ssl.keyStorePassword=****
-Djavax.net.ssl.trustStorePassword=****

Spring使用ssl HTTP代理和数字证书

问题描述

1 个解决方案

解决方案1
0

Spring使用ssl HTTP代理和数字证书

问题描述

1 个解决方案

解决方案1 0

解决方案1
0