首页 > 编程入门 文章详情

如何配置Simple Framework以要求SSL客户端身份验证?(How can I configure Simple Framework to require SSL client authen

编程入门 行业动态 更新时间:2024-10-26 04:21:45
如何配置Simple Framework以要求SSL客户端身份验证?(How can I configure Simple Framework to require SSL client authentication?)

我正在使用Simple Framework编写HTTP服务器,并希望客户端提供由我的证书颁发机构签名的有效证书以建立连接。

我写了以下的简单服务器。 如何修改此代码以要求对所有SSL连接进行客户端证书身份验证?

public static void main(String[] args) throws Exception { Container container = createContainer(); Server server = new ContainerServer(container); Connection connection = new SocketConnection(server); SocketAddress address = new InetSocketAddress(8443); KeyManagerFactory km = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); KeyStore serverKeystore = KeyStore.getInstance(KeyStore.getDefaultType()); try(InputStream keystoreFile = new FileInputStream(SERVER_KEYSTORE_PATH)) { serverKeystore.load(keystoreFile, "asdfgh".toCharArray()); } km.init(serverKeystore, SERVER_KS_PASSWORD.toCharArray()); TrustManagerFactory tm = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); KeyStore caKeystore = KeyStore.getInstance(KeyStore.getDefaultType()); try(InputStream caCertFile = new FileInputStream(CA_CERT_PATH)) { caKeystore.load(caCertFile, CA_KS_PASSWORD.toCharArray()); } tm.init(caKeystore); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(km.getKeyManagers(), tm.getTrustManagers(), null); connection.connect(address, sslContext); }

I am writing an HTTP server using the Simple Framework and would like to require clients to present a valid certificate signed by my certificate authority in order to establish a connection.

I have the following bare-bones server written. How can I modify this code to require client certificate authentication for all SSL connections?

public static void main(String[] args) throws Exception { Container container = createContainer(); Server server = new ContainerServer(container); Connection connection = new SocketConnection(server); SocketAddress address = new InetSocketAddress(8443); KeyManagerFactory km = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); KeyStore serverKeystore = KeyStore.getInstance(KeyStore.getDefaultType()); try(InputStream keystoreFile = new FileInputStream(SERVER_KEYSTORE_PATH)) { serverKeystore.load(keystoreFile, "asdfgh".toCharArray()); } km.init(serverKeystore, SERVER_KS_PASSWORD.toCharArray()); TrustManagerFactory tm = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); KeyStore caKeystore = KeyStore.getInstance(KeyStore.getDefaultType()); try(InputStream caCertFile = new FileInputStream(CA_CERT_PATH)) { caKeystore.load(caCertFile, CA_KS_PASSWORD.toCharArray()); } tm.init(caKeystore); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(km.getKeyManagers(), tm.getTrustManagers(), null); connection.connect(address, sslContext); }

最满意答案

尝试这个

public class MyServer implements org.simpleframework.transport.Server { private Server delegateServer; public MyServer(Server delegateServer){ this.delegateServer = delegateServer; } public void process(Socket socket){ socket.getEngine().setNeedClientAuth(true); delegateServer.process(socket); } }

Try this

public class MyServer implements org.simpleframework.transport.Server { private Server delegateServer; public MyServer(Server delegateServer){ this.delegateServer = delegateServer; } public void process(Socket socket){ socket.getEngine().setNeedClientAuth(true); delegateServer.process(socket); } }

更多推荐

本文发布于:2023-07-16 15:43:00,感谢您对本站的认可!
本文链接:https://www.elefans.com/category/jswz/34/1130472.html
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系,我们将在24小时内删除。
本文标签:身份验证   客户端   Framework   SSL   Simple

发布评论

评论列表 (有 0 条评论)

最近发表

草根站长

>www.elefans.com

编程频道|电子爱好者 - 技术资讯及电子产品介绍!

热门文章

标签列表