美好时光!
我创建了一个简单的 CXF 客户端来与受 SSL 保护的远程服务进行通信。如果我运行 JUnit 测试,握手不会出错并且通信正常。
<http:conduit name="<service_namespace_port>.http-conduit">
<http:client AutoRedirect="true" Connection="Keep-Alive"/>
<http:tlsClientParameters secureSocketProtocol="SSL" disableCNCheck="true">
<sec:keyManagers keyPassword="pass">
<sec:keyStore type="JKS" password="pass" file="keystore"/>
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="JKS" password="pass" file="truststore"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
<sec:include>.*_EXPORT_.*</sec:include>
<sec:include>.*_EXPORT1024_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:include>.*_WITH_AES_.*</sec:include>
<sec:include>.*_WITH_NULL_.*</sec:include>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
如果我在 Weblogic Server (11g) 上部署我的应用程序并执行请求,则握手失败并显示错误“无法找到到请求目标的有效证书路径”。根据“-Djavax.net.debug=all”得到的日志,问题是Weblogic得到它的java cacert(/jre/lib/security)忽略了配置的CXF客户端的信任库。
我试图<package-name>javax.jws.*</package-name>
在 weblogic-application.xml 中写一行,但这会以错误“org.springframework.beans.MethodInvocationException: Property 'serviceClass' throw exception; 嵌套异常是 java.lang.NoClassDefFoundError: javax /jws/Web 服务”。
有人可以建议如何告诉weblogic不要参与客户端-服务器通信吗?
编辑。这是完整的客户端配置(Spring-CXF):
<http:conduit name="<service_namespace_port>.http-conduit">
<http:client AutoRedirect="true" Connection="Keep-Alive"/>
<http:tlsClientParameters secureSocketProtocol="SSL" disableCNCheck="true">
<sec:keyManagers keyPassword="pass">
<sec:keyStore type="JKS" password="pass" file="keystore"/>
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore type="JKS" password="pass" file="truststore"/>
</sec:trustManagers>
<sec:cipherSuitesFilter>
<sec:include>.*_EXPORT_.*</sec:include>
<sec:include>.*_EXPORT1024_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:include>.*_WITH_AES_.*</sec:include>
<sec:include>.*_WITH_NULL_.*</sec:include>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
</http:conduit>
<jaxws:client id="service"
serviceClass="foo.bar.ServiceClass"
address="<service_url>" />
<bean id="client" class="foo.bar.ClientClass"/>
编辑。根据这篇文章,我已更改
<http:conduit name="<service_namespace_port>.http-conduit">
为<http:conduit name="*.http-conduit">
,现在我收到错误“嵌套异常是 java.lang.RuntimeException:无法创建安全的 XMLInputFactory”。前段时间我遇到了这个错误,我找到的解决方案是使用系统属性。但它不再适合......有人知道如何解决这个问题吗?