我正在尝试在Apache Mina中实现starttls以下参考。http://mina.apache.org/mina-project/apidocs/org/apache/mina/filter/filter/ssl/sslfilter.html
我的代码如下:
@Override 公共无效的MessageReceived(ioSession会话,对象消息)抛出异常{
jsonparser(msg);
if (condition) {
startTLS();
}
}
sslfilter sslfilter;public void starttls(){
try {
SSLContext sslContext = SSLContext.getInstance("TLSv1");
sslContext.init(null, null, new SecureRandom());
sslFilter = new SslFilter(sslContext);
sslFilter.setUseClientMode(true);
sslFilter.setNeedClientAuth(false);
session.getFilterChain().addFirst("mySSL", sslFilter);
session.setAttribute(SslFilter.DISABLE_ENCRYPTION_ONCE, Boolean.TRUE);
assert session.getAttribute(SslFilter.DISABLE_ENCRYPTION_ONCE) == null;
} catch (Exception e) {
e.printStactTrace();
}
}
我正在尝试使用JSON进行操作。因此,我收到的每条消息都会与JSON库解析。协商消息是:session_unsecured轨道跟踪如下:
02-05 12:50:20.365: W/System.err(994): Unexpected character (S) at position 0.
02-05 12:50:20.374: W/System.err(994): at org.json.simple.parser.Yylex.yylex(Yylex.java:610)
02-05 12:50:20.394: W/System.err(994): at org.json.simple.parser.JSONParser.nextToken(JSONParser.java:269)
02-05 12:50:20.394: W/System.err(994): at org.json.simple.parser.JSONParser.parse(JSONParser.java:118)
02-05 12:50:20.404: W/System.err(994): at org.json.simple.parser.JSONParser.parse(JSONParser.java:81)
02-05 12:50:20.444: W/System.err(994): at org.json.simple.parser.JSONParser.parse(JSONParser.java:75)
02-05 12:50:20.444: W/System.err(994): at network.com.parse(com.java:146)
02-05 12:50:20.444: W/System.err(994): at network.com.messageReceived(com.java:106)
02-05 12:50:20.474: W/System.err(994): at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:690)
02-05 12:50:20.474: W/System.err(994): at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417)
02-05 12:50:20.474: W/System.err(994): at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
02-05 12:50:20.474: W/System.err(994): at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765)
02-05 12:50:20.487: W/System.err(994): at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:214)
02-05 12:50:20.494: W/System.err(994): at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417)
02-05 12:50:20.494: W/System.err(994): at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
02-05 12:50:20.514: W/System.err(994): at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765)
02-05 12:50:20.514: W/System.err(994): at org.apache.mina.filter.ssl.SslHandler.flushScheduledEvents(SslHandler.java:322)
02-05 12:50:20.524: W/System.err(994): at org.apache.mina.filter.ssl.SslFilter.messageReceived(SslFilter.java:497)
02-05 12:50:20.524: W/System.err(994): at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417)
02-05 12:50:20.524: W/System.err(994): at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
02-05 12:50:20.524: W/System.err(994): at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765)
02-05 12:50:20.556: W/System.err(994): at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:109)
02-05 12:50:20.564: W/System.err(994): at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417)
02-05 12:50:20.564: W/System.err(994): at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:410)
02-05 12:50:20.574: W/System.err(994): at org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:710)
02-05 12:50:20.574: W/System.err(994): at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:664)
02-05 12:50:20.604: W/System.err(994): at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:653)
02-05 12:50:20.604: W/System.err(994): at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:67)
02-05 12:50:20.604: W/System.err(994): at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1124)
02-05 12:50:20.614: W/System.err(994): at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
02-05 12:50:20.614: W/System.err(994): at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1080)
02-05 12:50:20.614: W/System.err(994): at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:573)
02-05 12:50:20.625: W/System.err(994): at java.lang.Thread.run(Thread.java:841)
预先感谢您。
最后它起作用。实施如下。
public void startTLS() {
try {
sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustAllCerts, null);
} catch(NoSuchAlgorithmException nsa) {
System.out.println("Exception : No Such Algorithm");
} catch(KeyManagementException kme) {
System.out.println("Exception : KeyManagementException:");
}//try-catch
IoFilterChain chain = session.getFilterChain();
SslFilter sslFilter = (SslFilter) chain.get("sslFilter");
if (sslFilter == null) {
sslFilter = new SslFilter(sslContext);
sslFilter.setUseClientMode(true);
if ((cipherSuites != null) && !cipherSuites.isEmpty()) {
sslFilter.setEnabledCipherSuites(cipherSuites.toArray( new String[cipherSuites.size()] ));
}
chain.addFirst("sslFilter", sslFilter);
}else {
try {
sslFilter.startSsl(this.session);
} catch(SSLException se) {
System.out.println("SslException:"+se);
}
}//if-else
}//startTLS
如果我在做任何错误,请让我知道。
感谢EmmanuelLécharny的指导。