2

I am building a service that talks to multiple devices using SOAP over HTTPS. These devices expose the same web service API (same WSDL). New devices can be added to this scheme at any time at runtime.

I need to dynamically query each of these devices and any that may be added in the future. Each of these devices has a self-signed certificate for SSL. The service that I am building needs to be implemented using Spring Integration.

Given the above I have two main questions:

  1. In Spring Integration, how can I assign the service URI dynamically at runtime?
  2. How do I trust all the certs?

Any help would be greatly appreciated.

4

2 Answers

1

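Thanks for your help, Gary and Artem.

I was able to solve the dynamic URI problem using a thread-local variable and SpEL.

To trust the self-signed certificates, I implemented a new message sender using HttpClient. HttpClient provides a TrustSelfSignedStrategy. I used it to trust all self-signed certificates. The solution seems to work. In case anyone has a similar need in the future, here is the code.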

    // Load the trust store from a classpath resource
    KeyStore trustStore  = KeyStore.getInstance(KeyStore.getDefaultType());

    InputStream instream = getClass().getResourceAsStream(trustStoreFile);

    try {
        trustStore.load(instream, trustStorePassword.toCharArray());
    } finally {
        instream.close();
    }

    // TrustSelfSignedStrategy accepts any self-signed certificate,
    // in addition to the entries in trustStore
    SSLContextBuilder builder = new SSLContextBuilder();
    builder.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy());
    SSLContext sslcontext = builder.build();

    // ALLOW_ALL_HOSTNAME_VERIFIER turns hostname verification off
    SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    HttpClientBuilder httpClientBuilder = HttpClients.custom();
    httpClientBuilder.setSSLSocketFactory(sslsf);
    httpClientBuilder.addInterceptorFirst(new RemoveSoapHeadersInterceptor());

    // AuthScope.ANY applies these credentials to every host, port and realm
    if (credentials != null) {
        CredentialsProvider credsProvider = new BasicCredentialsProvider();
        credsProvider.setCredentials(AuthScope.ANY, credentials);
        httpClientBuilder.setDefaultCredentialsProvider(credsProvider);
    }

    // Hand the configured client to the message sender
    CloseableHttpClient closeableHttpclient = httpClientBuilder.build();
    setHttpClient(closeableHttpclient);
answered 2014-07-03T19:10:09.723
0

The first question is easy; see the XSD documentation:

The Destination URI for this Web Service Gateway. If the URI should be determined at runtime
(e.g. registry lookup), then configure a 'destination-provider' reference instead. Alternatively,
this URI may include {placeholders} whose values are determined by evaluating SpEL expressions
provided via 'uri-variable' sub-elements. The root object for those evaluations is the actual
request Message at runtime, i.e. you can access its payload or headers in the expression.

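and the documentation on URI placeholders.

I don't know whether you can dynamically add keys/certificates to a keystore/truststore at runtime; I have never tried.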

answered 2014-07-02T20:25:09.763
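
An alternative to accepting every self-signed certificate with hostname verification turned off, and one way to add devices at runtime without touching a keystore: pin each device's certificate when the device is enrolled. This is an added example, not code from either answer; the class `PinnedDeviceTrust`, its method names, and the assumption that each device's certificate is obtained out of band at enrollment are hypothetical.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.cert.*;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.*;
// Added example: per-device certificate pinning. Class and method names are hypothetical.
public class PinnedDeviceTrust implements X509TrustManager, HostnameVerifier {
    // host -> SHA-256 fingerprint (hex) of the certificate recorded when the device was enrolled
    private final Map<String, String> pins = new ConcurrentHashMap<>();
    // Call when a device is added at runtime, with its certificate obtained out of band.
    public void enroll(String host, X509Certificate cert) throws CertificateException {
        pins.put(host, fingerprint(cert));
    }
    static String fingerprint(Certificate cert) throws CertificateException {
        try {
            StringBuilder hex = new StringBuilder();
            for (byte b : MessageDigest.getInstance("SHA-256").digest(cert.getEncoded()))
                hex.append(String.format("%02x", b));
            return hex.toString();
        } catch (GeneralSecurityException e) { // wrap so callers see one exception type
            throw new CertificateException(e);
        }
    }
    @Override // during the handshake: the leaf must be a certificate of some enrolled device
    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        if (chain == null || chain.length == 0 || !pins.containsValue(fingerprint(chain[0])))
            throw new CertificateException("certificate is not pinned for any enrolled device");
    }
    @Override // after the handshake: the certificate must be the one pinned for this host
    public boolean verify(String host, SSLSession session) {
        try {
            String pinned = (host == null) ? null : pins.get(host);
            return pinned != null && pinned.equals(fingerprint(session.getPeerCertificates()[0]));
        } catch (SSLPeerUnverifiedException | CertificateException e) {
            return false;
        }
    }
    @Override // this trust manager validates servers only
    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        throw new CertificateException("client certificates are not accepted");
    }
    @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
    public SSLContext sslContext() throws GeneralSecurityException {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { this }, null); // no client key material
        return ctx;
    }
}
```

HttpClient 4.4 and later provide an `SSLConnectionSocketFactory(SSLContext, HostnameVerifier)` constructor, so a single instance of this class can supply both arguments.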