public class ttttt {
public static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sc = SSLContext.getInstance("SSLv3");
// 实现一个X509TrustManager接口,用于绕过验证,不用修改里面的方法
X509TrustManager trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] paramArrayOfX509Certificate,
String paramString) throws CertificateException {
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] paramArrayOfX509Certificate,
String paramString) throws CertificateException {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
};
sc.init(null, new TrustManager[] { trustManager }, null);
return sc;
}
public static <NameValuePair, ConnectionSocketFactory> void main(String[] args) throws Exception {
String body = "";
//采用绕过验证的方式处理https请求
SSLContext sslcontext = createIgnoreVerifySSL();
//设置协议http和https对应的处理socket链接工厂的对象
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", (ConnectionSocketFactory) PlainConnectionSocketFactory.INSTANCE)
.register("https", (ConnectionSocketFactory) new SSLConnectionSocketFactory(sslcontext))
.build();
PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager((Registry<org.apache.http.conn.socket.ConnectionSocketFactory>) socketFactoryRegistry);
HttpClients.custom().setConnectionManager(connManager);
HttpHost target = new HttpHost("192.168.93.46", 8443, "https");
HttpClientContext context = HttpClientContext.create();
DefaultHttpClient client = new DefaultHttpClient();
client.getCredentialsProvider().setCredentials(new AuthScope(null, -1, null), new UsernamePasswordCredentials("cdrapi", "cdrapi123"));
HttpPost post = new HttpPost(URI.create("/cdrapi?format=xml"));
List<NameValuePair> nvps = new ArrayList<NameValuePair>();
nvps.add((NameValuePair) new BasicNameValuePair("domain", "username"));
post.setEntity((HttpEntity) new UrlEncodedFormEntity((List<? extends org.apache.http.NameValuePair>) nvps, HTTP.UTF_8));
BasicCredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(AuthScope.ANY,
new UsernamePasswordCredentials("cdrapi", "cdrapi123"));
BasicAuthCache authCache = new BasicAuthCache();
DigestScheme digestAuth = new DigestScheme();
digestAuth.overrideParamter("algorithm", "MD5");
digestAuth.overrideParamter("realm", "passwd");
digestAuth.overrideParamter("nonce", "5b3edf3c:cd95b19ed02ecab20f7a9aa24c3373df");
//digestAuth.overrideParamter("nonce", Long.toString(new Random().nextLong(), 36));
digestAuth.overrideParamter("qop", "auth");
digestAuth.overrideParamter("nc", "0");
digestAuth.overrideParamter("cnonce", DigestScheme.createCnonce());
Header auth = digestAuth.authenticate(new
UsernamePasswordCredentials("cdrapi", "cdrapi123"), post);
System.out.println(auth.getName());
System.out.println(auth.getValue());
post.setHeader(auth);
authCache.put(target, digestAuth);
context.setCredentialsProvider(credsProvider);
context.setAuthCache(authCache);
HttpGet httpget = new HttpGet("/cdrapi?format=xml");
CloseableHttpResponse response = client.execute(target, httpget, context);
}
}
Авторизация
Дайджест имени пользователя = "cdrapi", realm = "passwd", nonce = "5b3edf3c: cd95b19ed02ecab20f7a9aa24c3373df", uri = "/ cdrapi? Format = xml", response = "8a5889daee18112d7849e5b77ab80 = 0508 = 0506 = 0506 = 0506 = 0506 = 0506006005 (0) = 0) =) ", алгоритм = MD5
Исключение в потоке "main" javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: не удалось построить путь PKIX:
sun.security.provider.certpath.SunCertPathBuilderException: невозможно
найти действительный путь сертификации для запрошенной цели