在 wso2 身份服务器中使用示例代码创建用户
Creating User using sample code in wso2 Identity server
列出用户代码:
package Charon;
import org.apache.wink.client.ClientConfig;
import org.apache.wink.client.ClientWebException;
import org.apache.wink.client.Resource;
import org.apache.wink.client.RestClient;
import org.apache.wink.client.handlers.ClientHandler;
import org.wso2.charon.core.client.SCIMClient;
import org.wso2.charon.core.schema.SCIMConstants;
import org.wso2.charon.samples.utils.CharonResponseHandler;
import org.wso2.charon.utils.authentication.BasicAuthHandler;
import org.wso2.charon.utils.authentication.BasicAuthInfo;
public class GetUser {
public static final String Username = "admin";
public static final String Password = "admin";
public static final String URL = "https://localhost:9443/wso2/scim/Users";
public static void main(String[] args) {
try {
//create SCIM client
SCIMClient scimClient = new SCIMClient();
//create a apache wink ClientHandler to intercept and identify response messages
CharonResponseHandler responseHandler = new CharonResponseHandler();
responseHandler.setSCIMClient(scimClient);
//set the handler in wink client config
ClientConfig clientConfig = new ClientConfig();
clientConfig.handlers(new ClientHandler[]{responseHandler});
//create a wink rest client with the above config
RestClient restClient = new RestClient(clientConfig);
BasicAuthInfo basicAuthInfo = new BasicAuthInfo();
basicAuthInfo.setUserName(Username);
basicAuthInfo.setPassword(Password);
BasicAuthHandler basicAuthHandler = new BasicAuthHandler();
BasicAuthInfo encodedBasicAuthInfo = (BasicAuthInfo) basicAuthHandler.getAuthenticationToken(basicAuthInfo);
//create resource endpoint to access a known user resource.
Resource userResource = restClient.resource(URL);
String response = userResource.
header(SCIMConstants.AUTHORIZATION_HEADER, encodedBasicAuthInfo.getAuthorizationHeader()).
contentType(SCIMConstants.APPLICATION_JSON).accept(SCIMConstants.APPLICATION_JSON)
.get(String.class);
//decode the response
System.out.println(response);
} catch (ClientWebException e) {
System.out.println(e.getRequest().getEntity());
System.out.println(e.getResponse().getMessage());
e.printStackTrace();
}
}
}
以下是我得到的回复:
Exception in thread "main" org.apache.wink.client.ClientRuntimeException: java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.wink.client.internal.ResourceImpl.invoke(ResourceImpl.java:240)
at org.apache.wink.client.internal.ResourceImpl.invoke(ResourceImpl.java:189)
at org.apache.wink.client.internal.ResourceImpl.get(ResourceImpl.java:302)
at Charon.GetUser.main(GetUser.java:49)
Caused by: java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.wink.client.internal.handlers.HttpURLConnectionHandler.handle(HttpURLConnectionHandler.java:57)
at org.apache.wink.client.internal.handlers.HandlerContextImpl.doChain(HandlerContextImpl.java:52)
at org.apache.wink.client.internal.handlers.AcceptHeaderHandler.handle(AcceptHeaderHandler.java:79)
at org.apache.wink.client.internal.handlers.HandlerContextImpl.doChain(HandlerContextImpl.java:52)
at org.wso2.charon.samples.utils.CharonResponseHandler.handle(CharonResponseHandler.java:44)
at org.apache.wink.client.internal.handlers.HandlerContextImpl.doChain(HandlerContextImpl.java:52)
at org.apache.wink.client.internal.ResourceImpl.invoke(ResourceImpl.java:227)
... 3 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)
at org.apache.wink.client.internal.handlers.HttpURLConnectionHandler.processRequest(HttpURLConnectionHandler.java:97)
at org.apache.wink.client.internal.handlers.HttpURLConnectionHandler.handle(HttpURLConnectionHandler.java:54)
... 9 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 22 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 28 more
由于您是通过 https 访问的,因此您必须拥有自己的密钥库,并且 WSO2 身份服务器的 public 证书应添加到您的 keystore/truststore。
您可以使用 WSO2 密钥库作为您自己的密钥库,这样您就不需要拥有自己的密钥库了。
// set these properties, this is used for authentication over https to the registry
System.setProperty("javax.net.ssl.trustStore", "wso2is-5.1.0/repository/resources/securitywso2carbon.jks"); //provide full path here
System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");
System.setProperty("javax.net.ssl.trustStoreType","JKS");
列出用户代码:
package Charon;
import org.apache.wink.client.ClientConfig;
import org.apache.wink.client.ClientWebException;
import org.apache.wink.client.Resource;
import org.apache.wink.client.RestClient;
import org.apache.wink.client.handlers.ClientHandler;
import org.wso2.charon.core.client.SCIMClient;
import org.wso2.charon.core.schema.SCIMConstants;
import org.wso2.charon.samples.utils.CharonResponseHandler;
import org.wso2.charon.utils.authentication.BasicAuthHandler;
import org.wso2.charon.utils.authentication.BasicAuthInfo;
public class GetUser {
public static final String Username = "admin";
public static final String Password = "admin";
public static final String URL = "https://localhost:9443/wso2/scim/Users";
public static void main(String[] args) {
try {
//create SCIM client
SCIMClient scimClient = new SCIMClient();
//create a apache wink ClientHandler to intercept and identify response messages
CharonResponseHandler responseHandler = new CharonResponseHandler();
responseHandler.setSCIMClient(scimClient);
//set the handler in wink client config
ClientConfig clientConfig = new ClientConfig();
clientConfig.handlers(new ClientHandler[]{responseHandler});
//create a wink rest client with the above config
RestClient restClient = new RestClient(clientConfig);
BasicAuthInfo basicAuthInfo = new BasicAuthInfo();
basicAuthInfo.setUserName(Username);
basicAuthInfo.setPassword(Password);
BasicAuthHandler basicAuthHandler = new BasicAuthHandler();
BasicAuthInfo encodedBasicAuthInfo = (BasicAuthInfo) basicAuthHandler.getAuthenticationToken(basicAuthInfo);
//create resource endpoint to access a known user resource.
Resource userResource = restClient.resource(URL);
String response = userResource.
header(SCIMConstants.AUTHORIZATION_HEADER, encodedBasicAuthInfo.getAuthorizationHeader()).
contentType(SCIMConstants.APPLICATION_JSON).accept(SCIMConstants.APPLICATION_JSON)
.get(String.class);
//decode the response
System.out.println(response);
} catch (ClientWebException e) {
System.out.println(e.getRequest().getEntity());
System.out.println(e.getResponse().getMessage());
e.printStackTrace();
}
}
}
以下是我得到的回复:
Exception in thread "main" org.apache.wink.client.ClientRuntimeException: java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.wink.client.internal.ResourceImpl.invoke(ResourceImpl.java:240)
at org.apache.wink.client.internal.ResourceImpl.invoke(ResourceImpl.java:189)
at org.apache.wink.client.internal.ResourceImpl.get(ResourceImpl.java:302)
at Charon.GetUser.main(GetUser.java:49)
Caused by: java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.wink.client.internal.handlers.HttpURLConnectionHandler.handle(HttpURLConnectionHandler.java:57)
at org.apache.wink.client.internal.handlers.HandlerContextImpl.doChain(HandlerContextImpl.java:52)
at org.apache.wink.client.internal.handlers.AcceptHeaderHandler.handle(AcceptHeaderHandler.java:79)
at org.apache.wink.client.internal.handlers.HandlerContextImpl.doChain(HandlerContextImpl.java:52)
at org.wso2.charon.samples.utils.CharonResponseHandler.handle(CharonResponseHandler.java:44)
at org.apache.wink.client.internal.handlers.HandlerContextImpl.doChain(HandlerContextImpl.java:52)
at org.apache.wink.client.internal.ResourceImpl.invoke(ResourceImpl.java:227)
... 3 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)
at org.apache.wink.client.internal.handlers.HttpURLConnectionHandler.processRequest(HttpURLConnectionHandler.java:97)
at org.apache.wink.client.internal.handlers.HttpURLConnectionHandler.handle(HttpURLConnectionHandler.java:54)
... 9 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 22 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 28 more
由于您是通过 https 访问的,因此您必须拥有自己的密钥库,并且 WSO2 身份服务器的 public 证书应添加到您的 keystore/truststore。
您可以使用 WSO2 密钥库作为您自己的密钥库,这样您就不需要拥有自己的密钥库了。
// set these properties, this is used for authentication over https to the registry
System.setProperty("javax.net.ssl.trustStore", "wso2is-5.1.0/repository/resources/securitywso2carbon.jks"); //provide full path here
System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");
System.setProperty("javax.net.ssl.trustStoreType","JKS");