摘要:序本文從里頭摘出訪問的源碼,展示一下怎么用去訪問。其中指定要不要檢驗,如果不校驗,則是使用小結使用不去驗證,但是可能存在風險構造
序
本文從spring cloud netflix zuul里頭摘出httpclient訪問https/http的源碼,展示一下怎么用httpclient去訪問https。
newConnectionManagerprotected PoolingHttpClientConnectionManager newConnectionManager(boolean sslHostnameValidationEnabled) { try { final SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, new TrustManager[] { new X509TrustManager() { @Override public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return null; } } }, new SecureRandom()); RegistryBuilderregistryBuilder = RegistryBuilder . create() .register("http", PlainConnectionSocketFactory.INSTANCE); if (sslHostnameValidationEnabled) { registryBuilder.register("https", new SSLConnectionSocketFactory(sslContext)); } else { registryBuilder.register("https", new SSLConnectionSocketFactory( sslContext, NoopHostnameVerifier.INSTANCE)); } final Registry registry = registryBuilder.build(); PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(registry); connectionManager .setMaxTotal(200); connectionManager.setDefaultMaxPerRoute(20); return connectionManager; } catch (Exception ex) { throw new RuntimeException(ex); } }
其中sslHostnameValidationEnabled指定要不要檢驗ssl,如果不校驗,則是使用NoopHostnameVerifier
@Contract(threading = ThreadingBehavior.IMMUTABLE) public class NoopHostnameVerifier implements HostnameVerifier { public static final NoopHostnameVerifier INSTANCE = new NoopHostnameVerifier(); @Override public boolean verify(final String s, final SSLSession sslSession) { return true; } @Override public final String toString() { return "NO_OP"; } }newClient
final RequestConfig requestConfig = RequestConfig.custom() .setSocketTimeout(60000) .setConnectTimeout(60000) .setCookieSpec(CookieSpecs.IGNORE_COOKIES).build(); HttpClientBuilder httpClientBuilder = HttpClients.custom(); httpClientBuilder.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE); HttpClient httpclient = httpClientBuilder.setConnectionManager(newConnectionManager(false)) .useSystemProperties().setDefaultRequestConfig(requestConfig) .setRetryHandler(new DefaultHttpRequestRetryHandler(0, false)) .setRedirectStrategy(new RedirectStrategy() { @Override public boolean isRedirected(HttpRequest request, HttpResponse response, HttpContext context) throws ProtocolException { return false; } @Override public HttpUriRequest getRedirect(HttpRequest request, HttpResponse response, HttpContext context) throws ProtocolException { return null; } }).build();request
HttpRequest httpRequest = new BasicHttpRequest("GET","/api/data"); HttpHost httpHost = new HttpHost("demo.com.cn",-1,"https"); try{ return httpClient.execute(httpHost, httpRequest); // System.out.println(response.getEntity().getContent()); }catch (Exception e){ e.printStackTrace(); }小結
使用NoopHostnameVerifier不去驗證ssl,但是可能存在風險
構造X509TrustManager
文章版權歸作者所有,未經允許請勿轉載,若此文章存在違規行為,您可以聯系管理員刪除。
轉載請注明本文地址:http://specialneedsforspecialkids.com/yun/70185.html
摘要:組件版本信息使用自帶的命令生成文件命令將拷貝到目錄下配置的目錄文件,在配置文件中新增配置將工程添加進并啟動,使用訪問和鏈接。原理后續進一步研究 1.組件版本信息apache-tomcat-7.0.75JDK 1.8.0_91 2.使用jdk自帶的keytool命令生成keystore文件test.keystore命令:keytool -genkey -alias test123 -ke...
摘要:如果服務器證書這兩者不合法而我們又必須讓其校驗通過,則可以自己實現。這個屬性是新加的屬性,因為目前版本是可以共享連接池的。請求獲取數據的超時時間,單位毫秒。如果訪問一個接口,多少時間內無法返回數據,就直接放棄此次調用。 /** com.alibaba fastjson 1.2.47 org.apache.httpcomponents ht...
摘要:鑒于它還處在,如果不是著急使用,建議還是使用的,它是遵循規范的,使用起來更加方便。貌似要在版本才支持。揭秘讓支持協議如何啟用命令支持 序 本文主要研究下JEP 110: HTTP/2 Client (Incubator) 基本實例 sync get /** * --add-modules jdk.incubator.httpclient * @throws ...
閱讀 1370·2021-11-25 09:43
閱讀 3582·2021-11-10 11:48
閱讀 5091·2021-09-23 11:21
閱讀 1597·2019-08-30 15:55
閱讀 3508·2019-08-30 13:53
閱讀 1235·2019-08-30 10:51
閱讀 868·2019-08-29 14:20
閱讀 1972·2019-08-29 13:11