1
似乎证书(X509)验证执行的唯一方式是: 如果对服务器的请求包含已存在于服务器密钥库中的证书,则处理该请求(以及相同与服务器的响应)。Apache CXF/WSS4J证书验证
你能请,提出一个方法来验证的CRL和根证书的证书?
有关使用弹簧安全和CXF的<jaxws:inInterceptors>什么?不能找到一个教程还
进展 试图写我自己的拦截:
public class MyInInterceptor extends AbstractPhaseInterceptor<Message> {
Logger logger = Logger.getLogger(MyInInterceptor.class);
public MyInInterceptor() {
super(Phase.PRE_PROTOCOL);
addAfter(WSS4JInInterceptor.class.getName());
}
private SOAPMessage getSOAPMessage(SoapMessage msg) {
SAAJInInterceptor.INSTANCE.handleMessage(msg);
return msg.getContent(SOAPMessage.class);
}
@Override
public void handleMessage(Message message) throws Fault {
logger.info("custom handleMessage method");
logger.info("getting a certificate");
HashMap engine = (HashMap) message.get("wss4j.signature.result");
X509Certificate certificate = (X509Certificate) engine.get("x509-certificate");
logger.info("parsing certificate");
}
对于现在的问题是用任何可能的方式来验证证书,说的纯java ..