cas登入換用 jdk1.6 報錯handshake_failure握手失敗
阿新 • • 發佈:2018-11-02
cas登入換用 jdk1.6 報錯handshake_failure握手失敗
用cas程式碼搭建demo,jdk版本為1.6,結果報錯javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure。
總結百度搜索答案:
- 替換jdk的jar包,即jre\lib\security的local_policy.jar,US_export_policy.jar檔案替換掉(jre和jdk中的jre均替換掉),下載地址
http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html; - 設定引數System.setProperty(“https.protocols”, “TLSv1.2,TLSv1.1,SSLv3”);
試用過第一種,沒有解決問題;開始嘗試第二種,首先要找到引數新增地址,觀察報錯:
標明cas.client.util.Commonutils.getResponseFromServer 報錯,所以在建立客戶端與服務端建立連線時要指定jdk1.6的證書型別,經查證:
故程式碼設定為 System.setProperty(“https.protocols”, “TLSv1,SSLv3”);即
public static String getResponseFromServer(final URL constructedUrl, final HostnameVerifier hostnameVerifier, final String encoding) { URLConnection conn = null; try { //加入支援證書型別 System.setProperty("https.protocols", "TLSv1,SSLv3"); conn = constructedUrl.openConnection(); if (conn instanceof HttpsURLConnection) { ((HttpsURLConnection)conn).setHostnameVerifier(hostnameVerifier); } final BufferedReader in; if (CommonUtils.isEmpty(encoding)) { in = new BufferedReader(new InputStreamReader(conn.getInputStream())); } else { in = new BufferedReader(new InputStreamReader(conn.getInputStream(), encoding)); } String line; final StringBuilder stringBuffer = new StringBuilder(255); while ((line = in.readLine()) != null) { stringBuffer.append(line); stringBuffer.append("\n"); } return stringBuffer.toString(); } catch (final Exception e) { LOG.error(e.getMessage(), e); throw new RuntimeException(e); } finally { if (conn != null && conn instanceof HttpURLConnection) { ((HttpURLConnection)conn).disconnect(); } } }
重啟專案,登入成功。
jdk證書型別部分參考https://blog.csdn.net/tawlang/article/details/80655460;
做一個備忘錄,若有不準確還望指正。