Hallo,
hat jemand Erfahrung mit HTTPS-Verbindungen im XPages Umfeld?
Ich will einen WebService über eine HTTPS Verbindung konsumieren.
Verwendet hab ich folgenden Code, der mit einer HTTP-Verbindung ohne Problem funktioniert:
function getJSONDataLive(){
try{
var url = new java.net.URL("http://xxxxx");
var conn:java.net.HttpURLConnection = url.openConnection();
conn.setRequestProperty("Accept", "application/json");
if (conn.getResponseCode() == "200") {
var reader = new java.io.BufferedReader(new java.io.InputStreamReader(conn.getInputStream()));
var buffer = new java.lang.StringBuffer();
var line = "";
while ((line = reader.readLine()) != null) {
buffer.append(line);
}
reader.close();
return buffer.toString();
} else {
return conn.getResponseCode() + " " + conn.getResponseMessage();
}
} catch(e){
print(e);
}
}
Ich habe mittlerweile eine kleine Javaklasse geschrieben, damit ich die Möglichkeit habe der Connection beizubringen auch SSL Zertifikate zu akzeptieren ohne Rootzertifikate etc. zu importieren.
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.Reader;
import java.net.URL;
import java.net.URLConnection;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.crypto.*;
public class JSONReader {
public static String getJSON(String endpoint, String user, String apiKey) throws Exception {
StringBuffer buffer = new java.lang.StringBuffer();
String line = "";
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
} };
final SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HostnameVerifier allHostsValid = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
URL url = new URL(endpoint);
URLConnection con = url.openConnection();
con.setRequestProperty("Accept", "application/json");
final Reader reader = new InputStreamReader(con.getInputStream());
final BufferedReader br = new BufferedReader(reader);
while ((line = br.readLine()) != null) {
buffer.append(line);
}
br.close();
return buffer.toString();
}
}
Anfangs hab ich noch diverse Fehlermeldungen wie z.B.
- Illegal key size or default parameters
- permission javax.net.ssl.SSLPermission "setHostnameVerifier"
- Access denied (javax.net.ssl.SSLPermission setHostnameVerifier)
bekommen, konnte diese aber durch anpassen der
java.policy (permission javax.net.ssl.SSLPermission "setHostnameVerifier"; )
sowie durch Installation der "Java Cryptography Extension (JCE)"
beheben.
Jetzt bekomm ich aber einen "Error 500 - HTTP Web Server: Command Not Handled Exception", der mich verzeifeln lässt.
Im Trace-Log habe ich eine ausführliche, mir nichts sagende Javaexception.
Hat Jemand noch ne Idee.
Vielleicht denke ich auch zu kompliziert und es gibt was Einfacheres...
Danke schon mal
Marcus
javax.servlet.ServletException: java.lang.NoClassDefFoundError: javax.crypto.b (initialization failure )
at com.ibm.xsp.webapp.FacesServlet.handleError(FacesServlet.java:648)
at com.ibm.xsp.webapp.FacesServlet.renderErrorPage(FacesServlet.java:482)
at com.ibm.xsp.webapp.FacesServlet.service(FacesServlet.java:183)
at com.ibm.xsp.webapp.FacesServletEx.service(FacesServletEx.java:138)
at com.ibm.xsp.webapp.DesignerFacesServlet.service(DesignerFacesServlet.java:103)
at com.ibm.designer.runtime.domino.adapter.ComponentModule.invokeServlet(ComponentModule.java:576)
at com.ibm.domino.xsp.module.nsf.NSFComponentModule.invokeServlet(NSFComponentModule.java:1315)
at com.ibm.designer.runtime.domino.adapter.ComponentModule$AdapterInvoker.invokeServlet(ComponentModule.java:853)
at com.ibm.designer.runtime.domino.adapter.ComponentModule$ServletInvoker.doService(ComponentModule.java:796)
at com.ibm.designer.runtime.domino.adapter.ComponentModule.doService(ComponentModule.java:565)
at com.ibm.domino.xsp.module.nsf.NSFComponentModule.doService(NSFComponentModule.java:1299)
at com.ibm.domino.xsp.module.nsf.NSFService.doServiceInternal(NSFService.java:662)
at com.ibm.domino.xsp.module.nsf.NSFService.doService(NSFService.java:482)
at com.ibm.designer.runtime.domino.adapter.LCDEnvironment.doService(LCDEnvironment.java:350)
at com.ibm.designer.runtime.domino.adapter.LCDEnvironment.service(LCDEnvironment.java:306)
at com.ibm.domino.xsp.bridge.http.engine.XspCmdManager.service(XspCmdManager.java:272)
Caused by: java.lang.NoClassDefFoundError: javax.crypto.b (initialization failure)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:140)
at javax.crypto.KeyGenerator.a(Unknown Source)
at javax.crypto.KeyGenerator.<init>(Unknown Source)
at javax.crypto.KeyGenerator.getInstance(Unknown Source)
at com.ibm.jsse2.vb.d(vb.java:169)
at com.ibm.jsse2.jb.<init>(jb.java:18)
at com.ibm.jsse2.lb.a(lb.java:208)
at com.ibm.jsse2.lb.a(lb.java:459)
at com.ibm.jsse2.kb.s(kb.java:11)
at com.ibm.jsse2.kb.a(kb.java:394)
at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:44)
at com.ibm.jsse2.SSLSocketImpl.h(SSLSocketImpl.java:496)
at com.ibm.jsse2.SSLSocketImpl.a(SSLSocketImpl.java:528)
at com.ibm.jsse2.SSLSocketImpl.startHandshake(SSLSocketImpl.java:505)
at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:83)
at com.ibm.net.ssl.www2.protocol.https.d.connect(d.java:31)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1184)
at com.ibm.net.ssl.www2.protocol.https.b.getInputStream(b.java:40)
at xxxxx.getJSON(JSONReader.java:48) (Name auskommentiert)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
at com.ibm.jscript.types.JavaAccessObject.call(JavaAccessObject.java:321)
at com.ibm.jscript.types.FBSObject.call(FBSObject.java:161)
at com.ibm.jscript.ASTTree.ASTCall.interpret(ASTCall.java:197)
at com.ibm.jscript.ASTTree.ASTReturn.interpret(ASTReturn.java:49)
at com.ibm.jscript.std.FunctionObject._executeFunction(FunctionObject.java:261)
at com.ibm.jscript.std.FunctionObject.executeFunction(FunctionObject.java:185)
at com.ibm.jscript.std.FunctionObject.call(FunctionObject.java:171)
at com.ibm.jscript.types.FBSObject.call(FBSObject.java:161)
at com.ibm.jscript.ASTTree.ASTCall.interpret(ASTCall.java:197)
at com.ibm.jscript.ASTTree.ASTArgumentList.interpretArguments(ASTArgumentList.java:65)
at com.ibm.jscript.types.FBSObject.call(FBSObject.java:153)
at com.ibm.jscript.ASTTree.ASTCall.interpret(ASTCall.java:197)
at com.ibm.jscript.ASTTree.ASTProgram.interpret(ASTProgram.java:119)
at com.ibm.jscript.ASTTree.ASTProgram.interpretEx(ASTProgram.java:139)
at com.ibm.jscript.JSExpression._interpretExpression(JSExpression.java:435)
at com.ibm.jscript.JSExpression.access$1(JSExpression.java:424)
at com.ibm.jscript.JSExpression$2.run(JSExpression.java:414)
at java.security.AccessController.doPrivileged(AccessController.java:310)
at com.ibm.jscript.JSExpression.interpretExpression(JSExpression.java:410)
at com.ibm.jscript.JSExpression.evaluateValue(JSExpression.java:251)
at com.ibm.jscript.JSExpression.evaluateValue(JSExpression.java:234)
at com.ibm.xsp.javascript.JavaScriptInterpreter.interpret(JavaScriptInterpreter.java:222)
at com.ibm.xsp.binding.javascript.JavaScriptMethodBinding.invoke(JavaScriptMethodBinding.java:111)
at com.ibm.xsp.application.ActionListenerImpl.processAction(ActionListenerImpl.java:60)
at javax.faces.component.UICommand.broadcast(UICommand.java:324)
at com.ibm.xsp.component.UIEventHandler.broadcast(UIEventHandler.java:366)
at com.ibm.xsp.component.UIViewRootEx.broadcast(UIViewRootEx.java:1535)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:307)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:428)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:94)
at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:210)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:96)
at com.ibm.xsp.controller.FacesControllerImpl.execute(FacesControllerImpl.java:256)
at com.ibm.xsp.webapp.FacesServlet.serviceView(FacesServlet.java:228)
at com.ibm.xsp.webapp.FacesServletEx.serviceView(FacesServletEx.java:157)
at com.ibm.xsp.webapp.FacesServlet.service(FacesServlet.java:160)
... 13 more