1. 首頁
  2. 問答
  3. Spring 5 WebClient使用ssl

Spring 5 WebClient使用ssl

2017-07-31 213 views
2

我試圖找到WebClient使用的例子。 我的目標是使用Spring 5 WebClient使用https和自簽名證書查詢REST服務Spring 5 WebClient使用ssl

任何示例?

來源

2017-07-31 Seb

回答

4

請參閱使用示例insecure TrustManagerFactory,它信任所有X.509證書(包括自簽名),而不進行任何驗證。來自文檔的重要注意事項:

切勿在生產中使用此TrustManagerFactory。這純粹是爲了測試目的,因此它非常不安全。

@Bean 
public WebClient createWebClient() throws SSLException { 
    SslContext sslContext = SslContextBuilder 
      .forClient() 
      .trustManager(InsecureTrustManagerFactory.INSTANCE) 
      .build(); 

    ClientHttpConnector httpConnector = new ReactorClientHttpConnector(opt -> opt.sslContext(sslContext)); 
    return WebClient.builder(httpConnector).build(); 
}

來源

2017-08-01 14:54:23 Venelin

+0

感謝您的回答,我還需要在讀取和連接時設置超時,我該如何實現這一目標? – Seb

0

另一種方式,如果你想利用的信任和密鑰存儲在彈簧引導服務器的設置,節目製作代碼,創建一個Spring bean像這樣,可修改注入的WebClient是。在客戶端中,如果您使用2-way-ssl,則只需提供密鑰庫。不確定,爲什麼ssl-stuff沒有預配置並且容易注入,類似於非常酷的spring-boot服務器設置。

import io.netty.handler.ssl.SslContext; 
import io.netty.handler.ssl.SslContextBuilder; 
. 
. 
. 

    @Bean 
    WebClientCustomizer configureWebclient(@Value("${server.ssl.trust-store}") String trustStorePath, @Value("${server.ssl.trust-store-password}") String trustStorePass, 
     @Value("${server.ssl.key-store}") String keyStorePath, @Value("${server.ssl.key-store-password}") String keyStorePass, @Value("${server.ssl.key-alias}") String keyAlias) { 

    return new WebClientCustomizer() { 

     @Override 
     public void customize(Builder webClientBuilder) { 
     SslContext sslContext; 
     try { 
      KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); 
      trustStore.load(new FileInputStream(ResourceUtils.getFile(trustStorePath)), trustStorePass.toCharArray()); 

      List<Certificate> certificateCollcetion = Collections.list(trustStore.aliases()).stream().filter(t -> { 
      try { 
       return trustStore.isCertificateEntry(t); 
      } catch (KeyStoreException e1) { 
       throw new RuntimeException("Error reading truststore", e1); 
      } 
      }).map(t -> { 
      try { 
       return trustStore.getCertificate(t); 
      } catch (KeyStoreException e2) { 
       throw new RuntimeException("Error reading truststore", e2); 
      } 
      }).collect(Collectors.toList()); 

      KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); 
      keyStore.load(new FileInputStream(ResourceUtils.getFile(keyStorePath)), keyStorePass.toCharArray()); 
      sslContext = SslContextBuilder.forClient() 
       .keyManager((PrivateKey) keyStore.getKey(keyAlias, keyStorePass.toCharArray())) 
       .trustManager((X509Certificate[]) certificateCollcetion.toArray(new X509Certificate[certificateCollcetion.size()])) 
       .build(); 
     } catch (Exception e) { 
      log.error("Error creating web client", e); 
      throw new RuntimeException(e); 
     } 
     ClientHttpConnector connector = new ReactorClientHttpConnector((opt) -> { 
      opt.sslContext(sslContext); 
     }); 
     webClientBuilder.clientConnector(connector); 
     } 
    }; 
    }

這裏的一部分,在您使用的Web客戶端: 進口org.springframework.web.reactive.function.client.WebClient;

@Component 
public class ClientComponent { 

    public ClientComponent(WebClient.Builder webClientBuilder, @Value("${url}") String url) { 
    this.client = webClientBuilder.baseUrl(solrUrl).build(); 
    } 
}

來源

2018-01-30 11:56:42 Frischling

相關問題

 相關問題