android前端与java web后台如何进行ssl交互(双向的)?

1、创建后台密钥(serverKey.jks)和android前端密钥(clientKey.bks),同样再创建后台信任库(serverTrust.jks)和android前端信任库(clientTrust.bks)。

2、将后台的密key导出证书server.cer,将前端的密key导出证书client.cer,将server.cer导入到前端信任库clientTrust.bks,将client.cer导入到后台的信任库serverTrust.jks,使前后互相信任(双向的)。

3、后台配置weblogic服务器中的ssl,如何配置,可Google一下

4、前端android请求,部分代码如下:

public final class SSLTransport{private SSLSocketFactory sslSocketFactory = null;public String sendAndReceive(String requestUrl, String sid, String xml, SSLConfig sslConfig) throws Exception{String returnXml = null;OutputStream os = null;HttpsURLConnection connection = null;try{    System.setProperty("java.protocol.handler.pkgs", "javax.net.ssl");    HostnameVerifier hostnameVerifier = new HostnameVerifier()    {    public boolean verify(String urlHostName, SSLSession session)    {    String peerHost = session.getPeerHost();    if(peerHost.equalsIgnoreCase("localhost"))    {    peerHost = "192.168.0.119";    }    return urlHostName.equals(peerHost);    }    };    HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);    URL url = new URL(requestUrl);        connection = (HttpsURLConnection)url.openConnection();        connection.setRequestMethod("POST");        connection.setRequestProperty("Content-Type", "text/xml;charset=GBK");         connection.setRequestProperty("User-Agent", "Mozilla/4.0 (compatible; FIREFOX 3.6; IBM AIX 5)");connection.setConnectTimeout(10 * 1000);connection.setDoOutput(true);connection.setDoInput(true);connection.setSSLSocketFactory(getSSLSocketFactory(sslConfig));connection.connect();writeStringToStream(connection.getOutputStream(), repairRacketXml(sid, xml));if(HttpsURLConnection.HTTP_OK == connection.getResponseCode()){returnXml = readStringFromStream(connection.getInputStream());}}finally{if(os != null){os.close();}if(connection != null){connection.disconnect();}}return returnXml;}/** * 获取 SSLSocketFactory 实例。 * @param sslConfig SSLConfig 实例。 * @return SSLSocketFactory 实例。 * @throws Exception Exception 实例。 */private SSLSocketFactory getSSLSocketFactory(SSLConfig sslConfig) throws Exception{//取得SSLContextSSLContext sslContext = SSLContext.getInstance(sslConfig.getProtocol());//取得X509私钥管理器KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(sslConfig.getAlgorithm());//取得X509信任管理器TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(sslConfig.getAlgorithm());//取得私钥库实例KeyStore keyStore = KeyStore.getInstance(sslConfig.getStoreType());//取得信任库实例KeyStore trustkeyStore = KeyStore.getInstance(sslConfig.getStoreType());//加载私钥库keyStore.load(sslConfig.getIdentityStoreStream(), sslConfig.getIdentityStorePassword().toCharArray());//加载信任列表        trustkeyStore.load(sslConfig.getTrustStoreStream(), sslConfig.getTrustStorePassword().toCharArray());        //初始化私钥工厂        keyManagerFactory.init(keyStore, sslConfig.getIdentityStorePassword().toCharArray());        //初始化信任列表工厂        trustManagerFactory.init(trustkeyStore);        //初始化SSLContext        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);        //通过SSLContext取得SocketFactory        if(sslSocketFactory == null)        {        sslSocketFactory = sslContext.getSocketFactory();        }        //关闭输入流。        sslConfig.getIdentityStoreStream().close();        sslConfig.getTrustStoreStream().close();        return sslSocketFactory;}/** * 从输入流中获取字符串。 * @param is InputStream 实例。 * @return 结果字符串。 * @throws Exception Exception 实例。 */private String readStringFromStream(InputStream is) throws Exception{StringBuffer sb = new StringBuffer();InputStreamReader isr = null;BufferedReader br = null;try{String buffer = null;isr = new InputStreamReader(is, "GBK");br = new BufferedReader(isr);while((buffer = br.readLine()) != null){sb.append(buffer);}}catch(Exception ex){throw new Exception(ex);}finally{if(br != null){br.close();}if(isr != null){isr.close();}if(is != null){is.close();}}return sb.toString().trim();}/** * 将XML字符串写入输出流。 * @param os OutputStream 实例。 * @param xml XML字符串。 * @throws Exception Exception 实例。 */private void writeStringToStream(OutputStream os, String xml) throws Exception{OutputStreamWriter osw = null;try{osw = new OutputStreamWriter(os, "GBK");osw.write(xml);osw.flush();}catch(Exception ex){throw new Exception(ex);}finally{if(osw != null){osw.close();}if(os != null){os.close();}}}/** * 修复Packet形式的XML字符串。 * @param sid 服务请求ID。 * @param xml 请求XML。 * @return 修复后Packet形式的字符串。 * @throws Exception Exception 异常。 */private String repairRacketXml(String sid, String xml) throws Exception{Packet packet = PacketParser.parse(xml);packet.getHead().getService().setHandler(sid);return packet.toString();}}

更多相关文章

  1. android之调用webservice 实现图片上传
  2. Android的休眠与唤醒 && 实例
  3. Activity的启动
  4. 从UA类型设备分辨出Android设备类型
  5. Activity的四种启动模式和onNewIntent()
  6. Android实例剖析笔记(二)
  7. Android(安卓)Uevent 分析,从kernel到framework
  8. Android中bindService的使用及Service生命周期
  9. Android(安卓)Textview 字数超长显示省略号

随机推荐

  1. 5 Android Websites You Should Check Ou
  2. 10.Android ImageView ScaleType属性
  3. Android 音乐播放器实现歌词显示
  4. android视频聊天源码下载(wifi)
  5. Android_自定义View拖拽重绘
  6. Android UI控件详解-Gallery(画廊)
  7. Android Studio 自带的侧滑布局设置
  8. Android studio 1.0.2 下载地址
  9. Android switch 开关(兼容)
  10. Android:VerticalSeekBar