如何在 Jersey 2.x 和 Apache 连接管理器中使用 SSL
How to use SSL with Jersey 2.x and Apache Connection manager
我想对我的 Jersey 2.x rest 客户端使用连接池。我有以下代码:
ClientConfig clientConfig = new ClientConfig();
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager();
connectionManager.setMaxTotal(100);
connectionManager.setDefaultMaxPerRoute(20);
clientConfig.property(ApacheClientProperties.CONNECTION_MANAGER, connectionManager);
clientConfig.connectorProvider(new ApacheConnectorProvider());
Client client = ClientBuilder.newBuilder()
.withConfig(clientConfig)
.sslContext(SslConfigurator.getDefaultContext())
.build();
但这不适用于需要客户端证书的站点。如果我不使用 PoolingHttpClientConnectionManager
(即像这样注释掉它:)
//clientConfig.property(ApacheClientProperties.CONNECTION_MANAGER, connectionManager);
然后发送客户端证书。
如何设置 PoolingHttpClientConnectionManager
以使用 javax.net.ssl...
属性?
使用系统属性配置的 SSL 套接字工厂
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.getSocketFactory())
.register("https", SSLConnectionSocketFactory.getSystemSocketFactory())
.build();
PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
如果您使用默认的 SSL 上下文,则上面的示例有效。
如果您有自定义 SSL 上下文,例如:
SslConfigurator sslConfig = SslConfigurator.newInstance()
.trustStoreFile(...).trustStorePassword(...)
.keyStoreFile(...).keyStorePassword(...).keyPassword(...);
SSLContext sslContext = sslConfig.createSSLContext();
然后将其交给 PoolingHttpClientConnectionManager :
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.getSocketFactory())
.register("https", new SSLConnectionSocketFactory(sslContext))
.build();
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
不再需要调用 ClientBuilder.sslContext()。
我想对我的 Jersey 2.x rest 客户端使用连接池。我有以下代码:
ClientConfig clientConfig = new ClientConfig();
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager();
connectionManager.setMaxTotal(100);
connectionManager.setDefaultMaxPerRoute(20);
clientConfig.property(ApacheClientProperties.CONNECTION_MANAGER, connectionManager);
clientConfig.connectorProvider(new ApacheConnectorProvider());
Client client = ClientBuilder.newBuilder()
.withConfig(clientConfig)
.sslContext(SslConfigurator.getDefaultContext())
.build();
但这不适用于需要客户端证书的站点。如果我不使用 PoolingHttpClientConnectionManager
(即像这样注释掉它:)
//clientConfig.property(ApacheClientProperties.CONNECTION_MANAGER, connectionManager);
然后发送客户端证书。
如何设置 PoolingHttpClientConnectionManager
以使用 javax.net.ssl...
属性?
使用系统属性配置的 SSL 套接字工厂
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.getSocketFactory())
.register("https", SSLConnectionSocketFactory.getSystemSocketFactory())
.build();
PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
如果您使用默认的 SSL 上下文,则上面的示例有效。 如果您有自定义 SSL 上下文,例如:
SslConfigurator sslConfig = SslConfigurator.newInstance()
.trustStoreFile(...).trustStorePassword(...)
.keyStoreFile(...).keyStorePassword(...).keyPassword(...);
SSLContext sslContext = sslConfig.createSSLContext();
然后将其交给 PoolingHttpClientConnectionManager :
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.getSocketFactory())
.register("https", new SSLConnectionSocketFactory(sslContext))
.build();
PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
不再需要调用 ClientBuilder.sslContext()。