Apache Camel配置SSL的CXF
系统环境:
java version "1.8.0_66"
apache camel: 2.15.2
一:创建证书,并导出公钥证书
二:
1: 加入maven依赖
<dependency> <groupId>org.apache.camel</groupId> <artifactId>camel-cxf</artifactId> <version>2.15.2</version> </dependency> <dependency> <groupId>org.apache.camel</groupId> <artifactId>camel-spring</artifactId> <version>2.15.2</version> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-transports-http-jetty</artifactId> <version>3.0.4</version> </dependency>2:写一个接口,用户发布ws
package org.demo.cxf.api;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebService;
@WebService
public interface IBank
{
@WebMethod(operationName="getBankName")
public String getBankName(@WebParam(name="id") String id);
}
3:接口处理类
package org.demo.cxf.api;
import org.apache.camel.Exchange;
import org.apache.camel.Processor;
import org.apache.cxf.message.MessageContentsList;
public class ABC implements Processor
{
public void process(Exchange exchange) throws Exception
{
MessageContentsList params = exchange.getIn().getBody(MessageContentsList.class);
Object id = params.get(0);
exchange.getOut().setBody("hello : " + id.toString());
}
}
4:配置一个SSL的服务器
package org.demo.cxf.api;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import org.apache.cxf.configuration.jsse.TLSServerParameters;
import org.apache.cxf.transport.http_jetty.JettyHTTPServerEngineFactory;
/**
* 配置一个SSL的服务器,占用一个端口
*/
public class ConfigSSLServer
{
private String keyStoreFile;
private String keyStorePassword;
private String keyManagerPassword;
private Integer port;
public void startServer() throws Exception
{
TLSServerParameters tlsParams = new TLSServerParameters();
tlsParams.setKeyManagers(getKeyManagers());
tlsParams.setSecureSocketProtocol("TLS");
JettyHTTPServerEngineFactory factory = new JettyHTTPServerEngineFactory();
factory.setTLSServerParametersForPort(port, tlsParams);
}
private KeyManager[] getKeyManagers()throws Exception
{
if(keyManagerPassword == null)
{
keyManagerPassword = keyStorePassword;
}
InputStream input = null;
try
{
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
input = new FileInputStream(keyStoreFile);
ks.load(input, keyStorePassword.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, keyManagerPassword.toCharArray());
return kmf.getKeyManagers();
}finally
{
if(input != null)
{
input.close();
}
}
}
public String getKeyManagerPassword()
{
return keyManagerPassword;
}
public void setKeyManagerPassword(String keyManagerPassword)
{
this.keyManagerPassword = keyManagerPassword;
}
public String getKeyStoreFile()
{
return keyStoreFile;
}
public void setKeyStoreFile(String keyStoreFile)
{
this.keyStoreFile = keyStoreFile;
}
public String getKeyStorePassword()
{
return keyStorePassword;
}
public void setKeyStorePassword(String keyStorePassword)
{
this.keyStorePassword = keyStorePassword;
}
public Integer getPort()
{
return port;
}
public void setPort(Integer port)
{
this.port = port;
}
}
5:配置spring.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:camel="http://camel.apache.org/schema/spring"
xmlns:cxf="http://camel.apache.org/schema/cxf"
xsi:schemaLocation="
http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
<!-- 启动一个SSL 服务器 -->
<bean id="configSSLServer" class="org.demo.cxf.api.ConfigSSLServer" init-method="startServer">
<property name="keyStoreFile" value="e:/jks/server.jks"/>
<property name="keyStorePassword" value="123456"/>
<property name="port" value="8443"/>
</bean>
<!-- 注意这里的8443端口,一定要和上面的SSL服务器的端口保持一致 -->
<cxf:cxfEndpoint id="bankService" serviceClass="org.demo.cxf.api.IBank" address="https://0.0.0.0:8443/cxf/test">
</cxf:cxfEndpoint>
<bean id="ABC" class="org.demo.cxf.api.ABC" />
<camelContext id="cxfCamelContext" xmlns="http://camel.apache.org/schema/spring">
<route>
<from uri="bankService" />
<to uri="bean:ABC" />
</route>
</camelContext>
</beans>
6:启动服务器,看能否访问 https://127.0.0.1:8443/cxf/test?wsdl
7:编写客户端
package org.demo.cxf;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
import org.apache.cxf.transport.http.HTTPConduit;
import org.demo.cxf.api.IBank;
public class TestClient
{
private static String keyStoreFile = "e:/jks/client.jks";
private static String keyStorePassword = "123456";
static TrustManager[] getTrustManagers()throws Exception
{
InputStream input = null;
try
{
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
input = new FileInputStream(keyStoreFile);
ks.load(input, keyStorePassword.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);
return tmf.getTrustManagers();
}finally
{
if(input != null)
{
input.close();
}
}
}
public static void main(String[] args)throws Exception
{
JaxWsProxyFactoryBean factoryBean = new JaxWsProxyFactoryBean();
factoryBean.setAddress("https://127.0.0.1:8443/cxf/test?wsdl");
factoryBean.setServiceClass(IBank.class);
IBank bank = (IBank)factoryBean.create();
Client client = ClientProxy.getClient(bank);
HTTPConduit httpConduit = (HTTPConduit)client.getConduit();
TLSClientParameters tlsParams = new TLSClientParameters();
tlsParams.setDisableCNCheck(true);
tlsParams.setTrustManagers(getTrustManagers());
httpConduit.setTlsClientParameters(tlsParams);
System.out.println(bank.getBankName("101"));
}
}