axis2 over https 入门问题
我正在尝试弄清楚如何通过 https 使用 axis2。
axis2 指南说:
CommonsHTTPTransportSender 也可以 用于通过 https 进行通信。
还:
请注意,默认情况下 HTTPS 仅当服务器不工作时才有效 期望对客户进行身份验证 (仅限单向 SSL)以及服务器所在位置 其公钥中有客户的公钥 信任商店。如果你想表演 SSL 客户端身份验证(2 路 SSL), 你可以使用 Protocol.registerProtocol 的特性 HttpClient。
所以我的问题是轴的 HTTPS 有两种方法吗?
1)使用CommonsHTTPTransportSender
2) 取消注释 apache 配置上的 https 连接器 ??
或者只有(1)是标准方法??
另外,客户端身份验证有什么问题?我知道对于 apache 连接器我只需要设置 clientAuth。这对轴不起作用?
欢迎任何意见!
谢谢
I am trying to figure out how to use axis2 over https.
The axis2 guide says:
CommonsHTTPTransportSender can be also
used to communicate over https.
also:
Please note that by default HTTPS
works only when the server does not
expect to authenticate the clients
(1-way SSL only) and where the server
has the clients' public keys in its
trust store. If you want to perform
SSL client authentication (2-way SSL),
you may use the
Protocol.registerProtocol feature of
HttpClient.
So my question is are there are 2 approaches for HTTPS for axis?
1) To use CommonsHTTPTransportSender
2) Uncomment the https connector on apache configuration ??
Or only (1) is the standard approach??
Also what is the problem with client authentication? I know that for apache connector I just need to set the clientAuth. This does not work for axis?
Any input is welcome!
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
参考: http://axis.apache.org/axis2/java /core/docs/servlet-transport.html
对于每个协议(HTTP 和/或 HTTPS),必须在 axis2.xml 中声明 AxisServletListener 实例。如果仅使用单一协议,则无需进一步配置。例如,如果仅使用 HTTP,则 axis2.xml 中必须存在以下声明:
如果同时使用 HTTP 和 HTTPS,则事情会变得有点复杂。原因是,为了使用正确的端点 URI 公开 WSDL,AxisServlet 必须知道 HTTP 和 HTTPS 使用的端口。遗憾的是,Servlet API 不允许 Web 应用程序发现所有已配置的协议。它仅提供有关当前请求的协议、主机名和端口的信息。如果仅配置了一个 AxisServletListener,则此信息足以让 AxisServlet 自动检测端口号。如果同时使用 HTTP 和 HTTPS(或者如果通过 AxisServlet 以外的传输方式检索 WSDL),则 AxisServlet 在处理了每种协议的至少一个请求之前无法获知端口号。为了使 WSDL 生成在此场景中可预测,需要在 axis2.xml 中显式配置端口号,如下例所示:
Reference: http://axis.apache.org/axis2/java/core/docs/servlet-transport.html
For each protocol (HTTP and/or HTTPS), an AxisServletListener instance must be declared in axis2.xml. If only a single protocol is used, no further configuration is required. For example, if only HTTP is used, the following declaration must be present in axis2.xml:
If both HTTP and HTTPS are used, then things become a bit more complicated. The reason is that in order to expose WSDLs with correct endpoint URIs, AxisServlet must know the ports used by HTTP and HTTPS. Unfortunately the servlet API doesn't allow a Web application to discover all configured protocols. It only provides information about the protocol, host name and port for the current request. If only a single AxisServletListener is configured, then this information is enough to let AxisServlet auto-detect the port number. If both HTTP and HTTPS are used (or if WSDLs are retrieved through transports other than AxisServlet), then AxisServlet has no way of knowing the port numbers until it has processed at least one request for each protocol. To make WSDL generation predictable in this scenario, it is necessary to explicitly configure the port numbers in axis2.xml, such as in the following example:
以下是我在 axis.xml 配置中使用的 https 连接器方法(Axis 1.4.1)。
我将密钥库转储到 axis2-1.4.1/lib 下,以避免添加专用的类路径。
Here's what I am using in my axis.xml configuration for the https connector approach (Axis 1.4.1).
I dumped my keystore under axis2-1.4.1/lib to avoid adding a dedicated classpath.