code/java
HTTPS 사용 예제
meincode
2008. 3. 25. 07:00
/*
* http://forum.java.sun.com/thread.jspa?threadID=521779&tstart=90
* File name: TestServlet.java
*
* Created on 2005.01.21.
*/
package georgie.test.servlet;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URL;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* @author György Novák
*/
public class TestServlet extends HttpServlet
{
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException
{
try
{
trustAllHttpsCertificates();
String urlStr = request.getParameter("url");
HttpsURLConnection.setDefaultHostnameVerifier(hv);
URL url = new URL(urlStr == null ? "https://www.verisign.com/"
: urlStr);
debug("URL READY");
BufferedReader in = new BufferedReader(new InputStreamReader(url
.openStream()));
debug("INPUT READY");
int buff;
while ((buff = in.read()) != -1)
{
}
in.close();
debug("EVERYTHING IS DONE!!!");
}
catch (Exception e)
{
e.printStackTrace();
}
}
HostnameVerifier hv = new HostnameVerifier()
{
public boolean verify(String urlHostName, SSLSession session)
{
System.out.println("Warning: URL Host: " + urlHostName + " vs. "
+ session.getPeerHost());
return true;
}
};
private void debug(String s)
{
System.out.println("[DEBUG] -- TestServlet -- \n" + s);
}
private static void trustAllHttpsCertificates() throws Exception
{
// Create a trust manager that does not validate certificate chains:
javax.net.ssl.TrustManager[] trustAllCerts =
new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new miTM();
trustAllCerts[0] = tm;
javax.net.ssl.SSLContext sc =
javax.net.ssl.SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, null);
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(
sc.getSocketFactory());
}
public static class miTM implements javax.net.ssl.TrustManager,
javax.net.ssl.X509TrustManager
{
public java.security.cert.X509Certificate[] getAcceptedIssuers()
{
return null;
}
public boolean isServerTrusted(
java.security.cert.X509Certificate[] certs)
{
return true;
}
public boolean isClientTrusted(
java.security.cert.X509Certificate[] certs)
{
return true;
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType)
throws java.security.cert.CertificateException
{
return;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType)
throws java.security.cert.CertificateException
{
return;
}
}
}