android前端与java web后台如何进行ssl交互(双向的)?

1、创建后台密钥(serverKey.jks)和android前端密钥(clientKey.bks),同样再创建后台信任库(serverTrust.jks)和android前端信任库(clientTrust.bks)。

2、将后台的密key导出证书server.cer,将前端的密key导出证书client.cer,将server.cer导入到前端信任库clientTrust.bks,将client.cer导入到后台的信任库serverTrust.jks,使前后互相信任(双向的)。

3、后台配置weblogic服务器中的ssl,如何配置,可Google一下

4、前端android请求,部分代码如下:

public final class SSLTransport{private SSLSocketFactory sslSocketFactory = null;public String sendAndReceive(String requestUrl, String sid, String xml, SSLConfig sslConfig) throws Exception{String returnXml = null;OutputStream os = null;HttpsURLConnection connection = null;try{    System.setProperty("java.protocol.handler.pkgs", "javax.net.ssl");    HostnameVerifier hostnameVerifier = new HostnameVerifier()    {    public boolean verify(String urlHostName, SSLSession session)    {    String peerHost = session.getPeerHost();    if(peerHost.equalsIgnoreCase("localhost"))    {    peerHost = "192.168.0.119";    }    return urlHostName.equals(peerHost);    }    };    HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);    URL url = new URL(requestUrl);        connection = (HttpsURLConnection)url.openConnection();        connection.setRequestMethod("POST");        connection.setRequestProperty("Content-Type", "text/xml;charset=GBK");         connection.setRequestProperty("User-Agent", "Mozilla/4.0 (compatible; FIREFOX 3.6; IBM AIX 5)");connection.setConnectTimeout(10 * 1000);connection.setDoOutput(true);connection.setDoInput(true);connection.setSSLSocketFactory(getSSLSocketFactory(sslConfig));connection.connect();writeStringToStream(connection.getOutputStream(), repairRacketXml(sid, xml));if(HttpsURLConnection.HTTP_OK == connection.getResponseCode()){returnXml = readStringFromStream(connection.getInputStream());}}finally{if(os != null){os.close();}if(connection != null){connection.disconnect();}}return returnXml;}/** * 获取 SSLSocketFactory 实例。 * @param sslConfig SSLConfig 实例。 * @return SSLSocketFactory 实例。 * @throws Exception Exception 实例。 */private SSLSocketFactory getSSLSocketFactory(SSLConfig sslConfig) throws Exception{//取得SSLContextSSLContext sslContext = SSLContext.getInstance(sslConfig.getProtocol());//取得X509私钥管理器KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(sslConfig.getAlgorithm());//取得X509信任管理器TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(sslConfig.getAlgorithm());//取得私钥库实例KeyStore keyStore = KeyStore.getInstance(sslConfig.getStoreType());//取得信任库实例KeyStore trustkeyStore = KeyStore.getInstance(sslConfig.getStoreType());//加载私钥库keyStore.load(sslConfig.getIdentityStoreStream(), sslConfig.getIdentityStorePassword().toCharArray());//加载信任列表        trustkeyStore.load(sslConfig.getTrustStoreStream(), sslConfig.getTrustStorePassword().toCharArray());        //初始化私钥工厂        keyManagerFactory.init(keyStore, sslConfig.getIdentityStorePassword().toCharArray());        //初始化信任列表工厂        trustManagerFactory.init(trustkeyStore);        //初始化SSLContext        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);        //通过SSLContext取得SocketFactory        if(sslSocketFactory == null)        {        sslSocketFactory = sslContext.getSocketFactory();        }        //关闭输入流。        sslConfig.getIdentityStoreStream().close();        sslConfig.getTrustStoreStream().close();        return sslSocketFactory;}/** * 从输入流中获取字符串。 * @param is InputStream 实例。 * @return 结果字符串。 * @throws Exception Exception 实例。 */private String readStringFromStream(InputStream is) throws Exception{StringBuffer sb = new StringBuffer();InputStreamReader isr = null;BufferedReader br = null;try{String buffer = null;isr = new InputStreamReader(is, "GBK");br = new BufferedReader(isr);while((buffer = br.readLine()) != null){sb.append(buffer);}}catch(Exception ex){throw new Exception(ex);}finally{if(br != null){br.close();}if(isr != null){isr.close();}if(is != null){is.close();}}return sb.toString().trim();}/** * 将XML字符串写入输出流。 * @param os OutputStream 实例。 * @param xml XML字符串。 * @throws Exception Exception 实例。 */private void writeStringToStream(OutputStream os, String xml) throws Exception{OutputStreamWriter osw = null;try{osw = new OutputStreamWriter(os, "GBK");osw.write(xml);osw.flush();}catch(Exception ex){throw new Exception(ex);}finally{if(osw != null){osw.close();}if(os != null){os.close();}}}/** * 修复Packet形式的XML字符串。 * @param sid 服务请求ID。 * @param xml 请求XML。 * @return 修复后Packet形式的字符串。 * @throws Exception Exception 异常。 */private String repairRacketXml(String sid, String xml) throws Exception{Packet packet = PacketParser.parse(xml);packet.getHead().getService().setHandler(sid);return packet.toString();}}

更多相关文章

  1. Android获取其他包的Context实例
  2. [置顶] Activity的四种启动模式和onNewIntent()
  3. Activity的四种启动模式和onNewIntent()
  4. Android(安卓)15本经典教程和150多个实例源码
  5. Android(安卓)Binder 简单实例
  6. [Android] AIDL的使用情况和实例介绍
  7. Android评分控件RatingBar使用实例解析
  8. Android中Activity启动模式详解
  9. android 字符串、颜色和尺寸

随机推荐

  1. zxing二维码扫描的流程简析(Android版)
  2. 如何选好Android开发书籍和教程[总结]
  3. 让Qt应用程序跑在Android上
  4. android 操作sdcard中的多媒体文件(一)——
  5. 基于Android的传感器和语音识别的设计与
  6. 【Android开发】多媒体应用开发-使用Medi
  7. android 中管理短信
  8. Android(安卓)Handler
  9. Android开发笔记之【Android(安卓)API】A
  10. Android内存管理-SoftReference的使用