问题
I'm trying to pass client certificate to a web service using JAX-RPC implementation. (the web service is in rpc-encoded style).
So far, I am able to do it by setting system properties:
System.setProperty("javax.net.ssl.keyStore", "client_cert.p12");
System.setProperty("javax.net.ssl.keyStorePassword", "newpasswd");
System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
and then constructing and calling the web service:
CertificateInfoPortType svc = new CertificateInfoLocator().getCertificateInfo(new URL(SERVICE_URL));
svc.methodToBeInvoked();
But since this will be used inside of an EJB, I don't want to set the JVM-wide parameters using System.setProperty since that will affect all web service clients.
Is there a way to pass client certificate as parameter? From what I've been able to read up I should be using a custom KeyManager, but I don't know how to set the custom KeyManager to the client.
Thanks!
回答1:
i'm not sure if this will work for how you use jaxws, but you can set a custom socket factory (configured with a custom ssl context) on a jaxws client using something like:
dispatch.getRequestContext().put(com.sun.xml.ws.developer.JAXWSProperties.SSL_SOCKET_FACTORY, getSSLContext().getSocketFactory());
(this is specific to the sun/oracle jaxws implementation).
来源:https://stackoverflow.com/questions/5689233/pass-client-certificate-to-web-service-without-setting-system-wide-properties