使用KSOAP2和HTTPS的Android web服务
我正在尝试用JAVA和KSOAP2为android写一个webservice。SOAP是我唯一可以使用的协议,而ReST不是一个选项。
因此,我成功地创建了SOAP请求,并使用HTTP连接到服务器。但是,我需要HTTPS,因为敏感信息将被传输。禁用证书检查不是一个选项,因为数据是敏感的,我必须使用SSL。
由于Android在HTTPS中抛出了认证错误,我创建了自己的密钥库,如下所示
1- http://blog.antoine.li/index.php/2010/10/android-trusting-ssl-certificates/
并将其添加到项目中。
我的代码类似于
2- http://www.techques.com/question/1-4646121/Not-trusted-certificate-using-ksoap2-android。
我还经历了
4- Apache HttpClient on Android producing CertPathValidatorException (IssuerName != SubjectName)
但不能直接使用它们。
使用HTTPS显示1中的代码相对于2中的代码的伪代码将非常受欢迎。
2中的最后一个注释到底是什么意思?他在代码中使用了HttpsTransportSE,但说他扩展了HttpsServiceConnectionSE。你能在伪代码中显示这个吗?
此外,我应该使用HttpsTransportSE或HttpsServiceConnectionSE来提供我将连接到的网址。
回答 1
Stack Overflow用户
发布于 2013-04-11 22:13:31
适用于我使用eclipse的KSOAP + Web服务WCF。带有证书和登录/密码的Tomcat
也许这对你有帮助
private static SoapObject getBody(final SoapSerializationEnvelope soapEnvelope) throws Exception {
if (soapEnvelope.bodyIn == null) {
throw new Exception("soapEnvelope.bodyIn=null");
}
else if (soapEnvelope.bodyIn.getClass() == SoapFault.class) {
throw new ExceptionLogic((SoapFault) soapEnvelope.bodyIn));
}
else {
return (SoapObject) soapEnvelope.bodyIn;
}
}
private static SoapSerializationEnvelope sendRequete(final SoapObject soapReq, final String classMappingName,
final Class<?> classMapping, final int timeOutSpecial) {
final SoapSerializationEnvelope soapEnvelope = new SoapSerializationEnvelope(SoapEnvelope.VER11);
soapEnvelope.implicitTypes = true;
soapEnvelope.dotNet = true;
if (classMappingName != null) {
soapEnvelope.addMapping(NAMESPACE, classMappingName, classMapping);
}
soapEnvelope.setOutputSoapObject(soapReq);
try {
final HttpTransportSE httpTransport = new HttpTransportSE(Constante.urlWebService, timeOutSpecial);
httpTransport.debug = BuildConfig.DEBUG;
// Prod
if (Constante.urlWebService.startsWith("https://")) {
final List<HeaderProperty> headerList = new ArrayList<HeaderProperty>();
headerList.add(new HeaderProperty("Authorization", "Basic "
+ org.kobjects.base64.Base64.encode((Constante.CERTIFICAT_LOGIN + ":" + Constante.CERTIFICAT_MDP).getBytes())));
FakeX509TrustManager.allowAllSSL();
httpTransport.call(NAMESPACE + "/" + soapReq.getName(), soapEnvelope, headerList);
}
// Test
else {
httpTransport.call(NAMESPACE + "/" + soapReq.getName(), soapEnvelope);
}
return soapEnvelope;
}
catch (final Exception e) {
throw new Exception("Erreur : " + e.getMessage(), e);
}
}
private static class FakeX509TrustManager implements X509TrustManager {
private static TrustManager[] trustManagers;
private final X509Certificate[] _AcceptedIssuers = new X509Certificate[] {};
@Override
public X509Certificate[] getAcceptedIssuers() {
return _AcceptedIssuers;
}
public static void allowAllSSL() {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(final String hostname, final SSLSession session) {
return true;
}
});
SSLContext context = null;
if (trustManagers == null) {
trustManagers = new TrustManager[] { new FakeX509TrustManager() };
}
try {
context = SSLContext.getInstance("TLS");
context.init(null, trustManagers, new SecureRandom());
}
catch (final NoSuchAlgorithmException e) {
e.printStackTrace();
}
catch (final KeyManagementException e) {
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
}
@Override
public void checkClientTrusted(final X509Certificate[] arg0, final String arg1) throws CertificateException {
}
@Override
public void checkServerTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
}
}https://stackoverflow.com/questions/6691084
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号