[英]camel:sslContextParameters is not being used in an http4 connection
我在嘗試創建一個指向安全URL的端點時遇到問題(它要求輸入個人證書),我的目標是創建一個具有相同輸入參數的內部服務,並使用有效證書調用外部服務,以獲取響應並將其重定向到呼叫者,從而避免了呼叫者擁有有效的證書。
這是我的路線:
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:camel="http://camel.apache.org/schema/blueprint"
xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="
http://www.osgi.org/xmlns/blueprint/v1.0.0
http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
http://camel.apache.org/schema/blueprint/cxf
http://camel.apache.org/schema/blueprint/cxf/camel-cxf.xsd
http://camel.apache.org/schema/blueprint
http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
<cxf:cxfEndpoint address="/validate_nif/" id="validateNifEndpoint" serviceClass="validationservice.nif.ValidateNifEndpoint"/>
<camel:sslContextParameters id="mySslContextParameters">
<camel:keyManagers keyPassword="">
<camel:keyStore password="XXXXX" resource="etc/certs/truststore.jks"/>
</camel:keyManagers>
<camel:clientParameters>
<camel:secureSocketProtocols>
<camel:secureSocketProtocol>SSLv3</camel:secureSocketProtocol>
</camel:secureSocketProtocols>
</camel:clientParameters>
</camel:sslContextParameters>
<bean class="org.apache.camel.component.http4.HttpComponent" id="my-http4">
<property name="sslContextParameters" ref="mySslContextParameters"/>
</bean>
<camelContext id="camelContext-83032cb1-6f93-4d6f-b22f-2cef908fcc8b" xmlns="http://camel.apache.org/schema/blueprint">
<contextScan/>
<route id="_route1" trace="true">
<!-- route starts from the cxf webservice -->
<from id="_from1" uri="cxf:bean:validateNifEndpoint"/>
<!-- log input received -->
<log id="_log1" message="Input: ${body}"/>
<removeHeaders id="_removeHeaders1" pattern="CamelHttp*"/>
<!-- call external service -->
<to id="_to2" uri="my-http4://www1.agenciatributaria.gob.es/wlpl/BURT-JDIT/ws/VNifV1SOAP?sslContextParametersRef=mySslContextParameters&proxyAuthHost=myproxy&proxyAuthPort=8080&proxyAuthScheme=http4"/>
<!-- log answer from real web service -->
<log id="_log2" message="Output: ${body}"/>
<transform id="_transform1">
<constant>OK</constant>
</transform>
</route>
</camelContext>
</blueprint>
http4組件可以正確解析代理設置,但似乎無法解析ssl設置:
2017-06-14 13:48:40,237 | DEBUG | cxf/validate_nif | SendProcessor | 323 - org.apache.camel.camel-core - 2.17.0.redhat-630187 | >>>> Endpoint[my-http4://www1.agenciatributaria.gob.es/wlpl/BURT-JDIT/ws/VNifV1SOAP?proxyAuthScheme=http4&proxyAuthPort=8080&sslContextParametersRef=mySslContextParameters&proxyAuthHost=myproxy] Exchange[ID-010668-57070-1497438180654-4-6]
2017-06-14 13:48:40,242 | DEBUG | cxf/validate_nif | HttpProducer | 391 - org.apache.camel.camel-http4 - 2.17.0.redhat-630187 | Executing http GET method: http://www1.agenciatributaria.gob.es/wlpl/BURT-JDIT/ws/VNifV1SOAP?sslContextParametersRef=mySslContextParameters
2017-06-14 13:48:40,242 | DEBUG | cxf/validate_nif | RequestAddCookies | 392 - org.apache.httpcomponents.httpclient - 4.5.2 | CookieSpec selected: default
2017-06-14 13:48:40,242 | DEBUG | cxf/validate_nif | RequestAuthCache | 392 - org.apache.httpcomponents.httpclient - 4.5.2 | Auth cache not set in the context
2017-06-14 13:48:40,242 | DEBUG | cxf/validate_nif | olingHttpClientConnectionManager | 392 - org.apache.httpcomponents.httpclient - 4.5.2 | Connection request: [route: {}->http4://myproxy:8080->http://www1.agenciatributaria.gob.es:80][total kept alive: 3; route allocated: 1 of 20; total allocated: 3 of 200]
2017-06-14 13:48:40,247 | DEBUG | cxf/validate_nif | olingHttpClientConnectionManager | 392 - org.apache.httpcomponents.httpclient - 4.5.2 | Connection leased: [id: 10][route: {}->http4://myproxy:8080->http://www1.agenciatributaria.gob.es:80][total kept alive: 2; route allocated: 1 of 20; total allocated: 3 of 200]
2017-06-14 13:48:40,247 | DEBUG | cxf/validate_nif | MainClientExec | 392 - org.apache.httpcomponents.httpclient - 4.5.2 | Executing request GET http://www1.agenciatributaria.gob.es/wlpl/BURT-JDIT/ws/VNifV1SOAP?sslContextParametersRef=mySslContextParameters HTTP/1.1
2017-06-14 13:48:40,247 | DEBUG | cxf/validate_nif | MainClientExec | 392 - org.apache.httpcomponents.httpclient - 4.5.2 | Target auth state: UNCHALLENGED
2017-06-14 13:48:40,247 | DEBUG | cxf/validate_nif | MainClientExec | 392 - org.apache.httpcomponents.httpclient - 4.5.2 | Proxy auth state: UNCHALLENGED
2017-06-14 13:48:40,247 | DEBUG | cxf/validate_nif | headers | 392 - org.apache.httpcomponents.httpclient - 4.5.2 | http-outgoing-10 >> GET http://www1.agenciatributaria.gob.es/wlpl/BURT-JDIT/ws/VNifV1SOAP?sslContextParametersRef=mySslContextParameters HTTP/1.1
關於如何使其運作的任何想法?
請參閱https://camel.apache.org/manual/latest/camel-configuration-utilities.html注意:“ secureSocketProtocol( attribute )”因此,也許這可以工作:
<camel:sslContextParameters id="mySslContextParameters" secureSocketProtocol="SSLv3">
<camel:keyManagers keyPassword="">
<camel:keyStore password="XXXXX" resource="etc/certs/truststore.jks"/>
</camel:keyManagers>
</camel:sslContextParameters>
很長時間以來,我試圖克服通過https4發送的錯誤。 建議在任何地方使用:
<camel:clientParameters>
<camel:secureSocketProtocols>
<camel:secureSocketProtocol>TLSv1.2</camel:secureSocketProtocol>
</camel:secureSocketProtocols>
</camel:clientParameters>
一位同事建議使用屬性secureSocketProtocol =“ TLSv1.2”,它可以正常工作。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.