Java SOAPConnection 调用 Https ASMX 服务

Question

下午好，

我已经为此工作了几个小时，我已经用谷歌搜索了一遍又一遍，但没有运气。我有一个驻留在 https url 上的 ASMX 服务。我可以毫无问题地通过浏览器点击它并查看 Web 方法和 WSDL。我尝试了几种方法来尝试通过 java 连接到端点，但仍然收到相同的 403 禁止错误。

这是我当前的代码：

public static String getInspectorSchedulesProd(){
    //Local Variable Declaration
    //List<InspectorSchedule> returnValue = null;
    String returnValue = "";
    //String url = "";
    String content = "";
    javax.xml.soap.SOAPConnectionFactory connectionFactory = null;
    javax.xml.soap.SOAPConnection connection = null;
    javax.xml.soap.SOAPMessage soapResponse = null;
    java.io.ByteArrayOutputStream out = null;

    try{
        javax.net.ssl.HttpsURLConnection httpsConnection = null;

        // Create SSL context and trust all certificates
        javax.net.ssl.SSLContext sslContext = javax.net.ssl.SSLContext.getInstance("SSL");
        //content = "Current SSL Provider: " + sslContext.getProvider().getName() + "\n";

        for(java.security.Provider Item : java.security.Security.getProviders()){
            //content += Item.getName() + "\n";
        }

        javax.net.ssl.TrustManager[] trustAll = new javax.net.ssl.TrustManager[] {new TrustAllCertificates()};

        sslContext.init(null, trustAll, new java.security.SecureRandom());

        // Set trust all certificates context to HttpsURLConnection
        javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());

        // Open HTTPS connection
        java.net.URL url = new java.net.URL("https://www.twiddy.com/webservices/rnsportalws1.asmx");
        httpsConnection = (javax.net.ssl.HttpsURLConnection) url.openConnection();

        // Trust all hosts
        httpsConnection.setHostnameVerifier(new TrustAllHosts());

        // Connect
        httpsConnection.connect();

        content = "Content Type: " + httpsConnection.getContentType() + "\nResponse Message:" + httpsConnection.getResponseMessage() + "\nAllow User Interaction:" + httpsConnection.getAllowUserInteraction();

        // Send HTTP SOAP request and get response
        //connection = javax.xml.soap.SOAPConnectionFactory.newInstance().createConnection();

        //soapResponse = connection.call(createGetInspectorsSchedulesSoapMessageProd(), "https://url/portalws1.asmx");

        //Write the results from the request into the output stream
        //soapResponse.writeTo(out);

        //Convert the stream into a string
        //content = new String(out.toByteArray());

        returnValue = content;

        // Close connection
        //connection.close();
        httpsConnection.disconnect();
    }
    catch (Exception ex){
        returnValue = org.apache.commons.lang.exception.ExceptionUtils.getStackTrace(ex);
    }

    return  returnValue;
}

private static class TrustAllCertificates implements javax.net.ssl.X509TrustManager {
    @Override
    public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {

    }

    @Override
    public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
    }

    @Override
    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
        return new java.security.cert.X509Certificate[]{};
    }
}

private static class TrustAllHosts implements javax.net.ssl.HostnameVerifier {
    public boolean verify(String hostname, javax.net.ssl.SSLSession session) {
        return true;
    }
}

private static javax.xml.soap.SOAPMessage createGetInspectorsSchedulesSoapMessageProd() throws Exception{
    //Local Variable Declaration
    String serverURI = "";
    javax.xml.soap.MessageFactory messageFactory = null;
    javax.xml.soap.SOAPMessage soapMessage = null;
    javax.xml.soap.SOAPPart soapPart = null;
    javax.xml.soap.SOAPEnvelope envelope = null;
    javax.xml.soap.SOAPBody soapBody = null;
    javax.xml.soap.SOAPElement soapBodyElem = null;
    javax.xml.soap.SOAPElement soapMethodParam = null;
    javax.xml.soap.MimeHeaders headers = null;

    //Set the Server Uri Namespace
    serverURI = "http://url/PortalWS1";

    //Init the Message Factory
    messageFactory = javax.xml.soap.MessageFactory.newInstance();

    //Init the Message
    soapMessage = messageFactory.createMessage();

    //Init the SOAP-specific portion of a Message
    soapPart = soapMessage.getSOAPPart();

    //Create the envelope that will wrap the message
    envelope = soapPart.getEnvelope();
    envelope.addNamespaceDeclaration("PortalWS1Soap", serverURI);

    //Get an instance of the body of the message
    soapBody = envelope.getBody();

    //Add the Soap Method we wish to call
    soapBodyElem = soapBody.addChildElement("GetInspectorScheds", "PortalWS1Soap");

    //Add the Access Key Parameter
    soapMethodParam = soapBodyElem.addChildElement("strAccessKey", "PortalWS1Soap");
    soapMethodParam.addTextNode("SF!435gFW");

    //Get an instance of the http message headers
    headers = soapMessage.getMimeHeaders();

    //Append our soap Action header to the message
    headers.addHeader("soapAction", "https://url/webservices/portalws1.asmx/GetScheds");

    //Save our chnages
    soapMessage.saveChanges();

    return soapMessage;
}

提前谢谢大家！

Answer 1

我使用here的第一和第二类
AXIS 中的 HostnameVerifier 类为

    HostnameVerifier hv = new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) {
            return fias.HostnameVerifier.DEFAULT.verify(hostname, session);
        }
    };
    HttpsURLConnection.setDefaultHostnameVerifier(hv);
    HttpsURLConnection con = (HttpsURLConnection) new URL(url).openConnection();
    con.connect();

以及来自 here 的类用于发送 SOAP
制作自己的 keyStore 和 trustStore
我通过 IP 进行连接，我使用别名作为键（它们在商店中相等）
不要忘记用于调试 System.setProperty("javax.net.debug", "ssl");
它对我有用
PS：my other simple method 还不适用于 SOAP ((
PSS：对于 SOAPAction 标头，我像您的 serverURI 一样使用 uri。我的意思是命名空间+动作