@Goston
Last active May 16, 2021 09:34
Apache Axis 1.4 WebService Client via TLS 1.2 @ JDK 1.6
// Call this first, before any stub opens an HTTPS connection.
// The property is set through the static AxisProperties holder, so it is not scoped to
// one stub: presumably every HTTPS call Axis makes afterwards uses MySocketFactory and
// therefore its trust manager. Review that trust manager before relying on the channel.
AxisProperties.setProperty("axis.socketSecureFactory", MySocketFactory.class.getCanonicalName());
// Access your Web Services
WebServiceStub ws = (GSP2_NHICardSoap12Stub) new WebServiceLocator()...;
...
package ....;
import org.apache.axis.components.net.JSSESocketFactory;
import org.apache.axis.components.net.SecureSocketFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider;
import tw.gov.bli.na.util.ExceptionUtility;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
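/**
 * Axis secure socket factory that negotiates TLS 1.2 through the BouncyCastle JSSE
 * provider, for JDKs whose built-in JSSE does not offer TLS 1.2 to clients.
 *
 * <p>Server certificates are validated against the JVM's default trust store. The
 * previous version of this class installed a trust manager whose
 * {@code checkServerTrusted} accepted every non-empty chain, which removes the
 * authentication half of TLS: any party able to intercept the connection could present
 * its own certificate and read or alter the SOAP traffic. To talk to an endpoint that
 * uses a private CA, import that CA into the trust store the JVM uses (for example the
 * one named by the {@code javax.net.ssl.trustStore} system property) instead of
 * disabling validation.
 *
 * <p>NOTE(review): nothing in this class checks that the certificate matches the host
 * name being contacted; confirm that the Axis version in use performs that check.
 */
public class MySocketFactory extends JSSESocketFactory implements SecureSocketFactory {

    static {
        // java.security.Security is JVM-wide: this re-registers the BouncyCastle JCE and
        // JSSE providers at the highest priorities for every caller in the process, not
        // only for Axis. Removing first avoids a duplicate registration at a lower slot.
        Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
        Security.insertProviderAt(new BouncyCastleProvider(), 1);
        Security.removeProvider(BouncyCastleJsseProvider.PROVIDER_NAME);
        Security.insertProviderAt(new BouncyCastleJsseProvider(), 2);
    }

    /**
     * Creates the factory; Axis instantiates it by class name and passes its attributes.
     *
     * @param attributes factory attributes, handed unchanged to {@link JSSESocketFactory}
     */
    public MySocketFactory(Hashtable attributes) {
        super(attributes);
    }

    /**
     * Builds the TLS 1.2 {@link SSLContext} and stores its socket factory in
     * {@code sslFactory}.
     *
     * <p>Key managers are left to the provider default (first argument {@code null});
     * the trust manager is the platform default returned by
     * {@link #getX509TrustManager()}.
     *
     * @throws IOException if the TLS context or the default trust manager cannot be
     *         created; the underlying security exception is kept as the cause
     */
    protected void initFactory() throws IOException {
        try {
            SSLContext clientContext =
                    SSLContext.getInstance("TLSv1.2", BouncyCastleJsseProvider.PROVIDER_NAME);
            clientContext.init(null, new TrustManager[] { getX509TrustManager() }, new SecureRandom());
            this.sslFactory = clientContext.getSocketFactory();
        }
        catch (NoSuchAlgorithmException e) {
            throw new IOException(e);
        }
        catch (NoSuchProviderException e) {
            throw new IOException(e);
        }
        catch (KeyManagementException e) {
            throw new IOException(e);
        }
        catch (java.security.KeyStoreException e) {
            // Fully qualified so the file's import block does not need to change.
            throw new IOException(e);
        }
    }

    /**
     * Returns the platform's default X.509 trust manager, which performs real chain
     * validation against the default trust store.
     *
     * <p>Failing here is deliberate: if no validating trust manager is available the
     * factory must not fall back to accepting unverified certificates.
     *
     * @return the first {@link X509TrustManager} offered by the default
     *         {@link TrustManagerFactory}
     * @throws NoSuchAlgorithmException if the default algorithm is unavailable or yields
     *         no X.509 trust manager
     * @throws java.security.KeyStoreException if the default trust store cannot be used
     */
    private static X509TrustManager getX509TrustManager()
            throws NoSuchAlgorithmException, java.security.KeyStoreException {
        TrustManagerFactory factory =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        // A null KeyStore selects the default trust store. The earlier code passed an
        // unloaded KeyStore.getInstance("JKS"), which cannot be used before load().
        factory.init((KeyStore) null);
        TrustManager[] trustManagers = factory.getTrustManagers();
        for (int i = 0; i < trustManagers.length; i++) {
            if (trustManagers[i] instanceof X509TrustManager) {
                return (X509TrustManager) trustManagers[i];
            }
        }
        throw new NoSuchAlgorithmException("no trust manager found");
    }
}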