Last active
May 16, 2021 09:34
-
-
Save Goston/a831c4606c502636fb50dde2b4f2888a to your computer and use it in GitHub Desktop.
Apache Axis 1.4 WebService Client via TLS 1.2 @ JDK 1.6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Call this first | |
AxisProperties.setProperty("axis.socketSecureFactory", MySocketFactory.class.getCanonicalName()); | |
// Access your Web Services | |
WebServiceStub ws = (GSP2_NHICardSoap12Stub) new WebServiceLocator()...; | |
... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package ....; | |
import org.apache.axis.components.net.JSSESocketFactory; | |
import org.apache.axis.components.net.SecureSocketFactory; | |
import org.bouncycastle.jce.provider.BouncyCastleProvider; | |
import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider; | |
import tw.gov.bli.na.util.ExceptionUtility; | |
import javax.net.ssl.SSLContext; | |
import javax.net.ssl.TrustManager; | |
import javax.net.ssl.TrustManagerFactory; | |
import javax.net.ssl.X509TrustManager; | |
import java.io.IOException; | |
import java.security.KeyManagementException; | |
import java.security.KeyStore; | |
import java.security.NoSuchAlgorithmException; | |
import java.security.NoSuchProviderException; | |
import java.security.SecureRandom; | |
import java.security.Security; | |
import java.security.cert.CertificateException; | |
import java.security.cert.X509Certificate; | |
import java.util.Hashtable; | |
public class MySocketFactory extends JSSESocketFactory implements SecureSocketFactory { | |
static { | |
Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME); | |
Security.insertProviderAt(new BouncyCastleProvider(), 1); | |
Security.removeProvider(BouncyCastleJsseProvider.PROVIDER_NAME); | |
Security.insertProviderAt(new BouncyCastleJsseProvider(), 2); | |
} | |
public MySocketFactory(Hashtable attributes) { | |
super(attributes); | |
} | |
protected void initFactory() throws IOException { | |
try { | |
SSLContext clientContext = SSLContext.getInstance("TLSv1.2", BouncyCastleJsseProvider.PROVIDER_NAME); | |
clientContext.init(null, new TrustManager[]{ getX509TrustManager() }, new SecureRandom()); | |
this.sslFactory = clientContext.getSocketFactory(); | |
} | |
catch (NoSuchAlgorithmException e) { | |
throw new IOException(e); | |
} | |
catch (NoSuchProviderException e) { | |
throw new IOException(e); | |
} | |
catch (KeyManagementException e) { | |
throw new IOException(e); | |
} | |
} | |
private static X509TrustManager getX509TrustManager() { | |
return new X509TrustManager() { | |
@Override | |
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { | |
if (chain == null || chain.length < 1 || authType == null || authType.length() < 1) { | |
throw new IllegalArgumentException(); | |
} | |
// String subject = chain[0].getSubjectX500Principal().getName(); | |
// log.debug("Auto-trusted server certificate chain for: " + subject); | |
} | |
@Override | |
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { | |
if (chain == null || chain.length < 1 || authType == null || authType.length() < 1) { | |
throw new IllegalArgumentException(); | |
} | |
// String subject = chain[0].getSubjectX500Principal().getName(); | |
// log.debug("Auto-trusted server certificate chain for: " + subject); | |
} | |
@Override | |
public X509Certificate[] getAcceptedIssuers() { | |
try { | |
TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); | |
factory.init(KeyStore.getInstance("JKS")); | |
TrustManager[] trustmanagers = factory.getTrustManagers(); | |
if (trustmanagers.length == 0) { | |
throw new NoSuchAlgorithmException("no trust manager found"); | |
} | |
return ((X509TrustManager) trustmanagers[0]).getAcceptedIssuers(); | |
} | |
catch (Exception e) { | |
log.error(ExceptionUtility.getStackTrace(e)); | |
} | |
return null; | |
} | |
}; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment