HttpComponents (HttpClient 4.x)¿¡¼ HTTPS ¼¹ö ¿¬µ¿Çϱâ
¿¹Àü Á¦°¡ ¿ÜºÎ ½Ã½ºÅÛ°ú ¿¬µ¿ÇÒ¶§´Â ´ëºÎºÐÀÌ TCP/IP ±â¹Ý Socket Åë½ÅÀ»
Çß¾ú½À´Ï´Ù.
Áö±Ý »ý°¢ ÇÏ¸é ¸»µµ ¾ÈµÇ´Â ÀÎÅÍÆäÀ̽º ¸Þ¼¼Áö ¼³°èÇÏ°í,
³ª Ȧ·Î Æļ¸¦ ¸¸µé¾úÁÒ.°³¹ß ³âÂ÷°¡ ÀÖÀ¸½ÅºÐµéÀº ÀÌÇظ¦ ÇϽǵí ..
^^ÇÏÁö¸¸ ÃÖ±Ù¿¡´Â ¾Èµå·ÎÀ̵å, ¾ÆÀÌÆùµî ¾Û ¾îÇø®ÄÉÀÌ¼Ç °ú
À¥ ¼ºñ½º°£ÀÇ ´Ù¾çÇѸŽ¬¾÷À¸·Î ÀÎÇؼ ´ëºÎºÐ Åë½ÅÀÌ TCP/IP ±â¹Ý
HTTP Åë½ÅÀÌ ÁÖ¸¦ ÀÌ·ç°í ÀÖ½À´Ï´Ù.ƯÈ÷ ³»ºÎ/¿ÜºÎ ½Ã½ºÅÛ °£¿¡ Åë½Å ¹æ½Äµµ
HTTP Åë½ÅÀÌ °ÅÀÇ ÀϹÝÈ·Î ÀÚ¸®¸¦ Àâ¾Æ°¡´Âµí ÇÕ´Ï´Ù.±×Áß¿¡¼ ¾ø¾î¼´Â ¾ÈµÉ
¶óÀ̺귯¸®°¡ ¹Ù·Î Apache HttpClient ÀÔ´Ï´Ù.
ÀÌ·± ÀÌÀ¯¿¡¼ÀÎÁö ÃÖ±Ù(?)
4.x·Î µÇ¸é¼ ´õÀÌ»ó Apache CommonsÀÇ ¼ºê ÇÁ·ÎÁ§Æ®°¡ ¾Æ´Ñ,
Top Project·Î ½Â°ÝÀÌ µÇ¾ú°í À̸§µµ ¡°Apache Components¡±¶ó°í
¸íĪ º¯°æµµ µÇ¾úÁÒ.¹°·Ð JDK¿¡¼ Á¦°øÇÏ´Â ¶óÀ̺귯¸®µµ ÀÖÁö¸¸, ½ÉÇÃÇϸé¼,
´Ù¾çÇÑ ±â´ÉÀº¿ª½Ã HttpClient¶ó°í ÇÒ ¼ö ÀÖ½À´Ï´Ù. ´Ü¼ø ¡°http://¡± Åë½ÅÀº
¿¹Á¦µµ ¸¹°í ½ÉÇÃÇѵ¥, SSL Åë½ÅÀ» ÇØ¾ß ÇÒ°æ¿ì(°³ÀÎ Á¤º¸¸¦ ÆĶó¹ÌÅÍ Àü¼ÛÇÒ °æ¿ì)
»ý°¢ º¸´Ù´Â ½ÉÇÃÇÏÁö°¡ ¾Ê´õ±º¿ä. ¤Ñ.¤Ñ°Å±â´Ù°¡ Å×½ºÆ®¸¦ Çϱâ À§Çؼ
WAS ¶Ç´Â Web Server¿¡ SSL ¼³Á¤À»ÇؾßÇÏ´Â ¹ø°Å·¯¿òµµ ÀÖÁÒ¡¦.
´õ±º´Ù³ª veriSing °°Àº CA (Certificate Authority ) ¹ß±ÞÇÏ´Â °æ¿ì´Â
SSL Åë½Å ¹æ½Ä¶ÇÇÑ ´Ù¼Ò Ʋ·Á¼ Å×½ºÆ®ÇϱⰡ´õ¿í ½±Áö ¾Ê½À´Ï´Ù.
ÇÏÁö¸¸ ´ÙÇàÈ÷ CA ÀÎÁõ¼¸¦ ¹ÞÀº Å×½ºÆ® À¥»çÀÌÆ®°¡ ÀÖ½À´Ï´Ù.
±×·¡¼ Å×½ºÆ® À¥»çÀÌÆ® ¿Í HttpClient ¸ðµâÀ» ÀÌ¿ëÇؼ º¸´Ù ½±°í,
ÆíÇÏ°Ô ¡°https://¡± Å×½ºÆ® ¹× »ùÇÃÄڵ忡 ´ëÇؼ ¸»¾¸ µå¸®°Ú½À´Ï´Ù.
º» Æ÷½ºÆÃÀº Android °³¹ßÀںе鿡°Ô ´õ µµ¿òÀÌ ¸¹ÀÌ µÉ °Í °°À¸´Ï²À
Âü°í ÇϽñ⠹ٶø´Ï´Ù.
- ¼±Çà Á¶°Ç
¾Æ·¡¿Í °°ÀÌ ¸ÞÀÌºì ¼³Á¤À» ÇÏ½Ã¸é µË´Ï´Ù.
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.1</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
- HTTPS Å×½ºÆ® À¥ÆäÀÌÁö
Å×½ºÆ® À¥»çÀÌÆ® Á¤º¸´Â ¾Æ·¡¿Í °°½À´Ï´Ù.
Á¢¼Ó URL : https://msp.f-secure.com/web-test/common/test.html
Á¢¼Ó Port : 443 (ssl ±âº» Æ÷Æ®)
- HttpClient·Î Á¢¼Ó Çϱâ
package org.beyondj2ee;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.util.EntityUtils;
public class HttpsTest {
/-*
* @param args
*-
public static void main(String[] args) throws Exception {
DefaultHttpClient httpclient = new DefaultHttpClient();
TrustManager easyTrustManager = new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
// no-op
return null;
}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}
};
try {
SSLContext sslcontext = SSLContext.getInstance(¡°TLS¡±);
sslcontext
.init(null, new TrustManager[] { easyTrustManager }, null);
SSLSocketFactory socketFactory = new SSLSocketFactory(sslcontext,
SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
// SSLSocketFactory socketFactory = new SSLSocketFactory(sslcontext,
// SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
Scheme sch = new Scheme(¡°https¡±, 443, socketFactory);
httpclient.getConnectionManager().getSchemeRegistry().register(sch);
HttpGet httpget = new HttpGet(
¡°https://msp.f-secure.com/web-test/common/test.html¡±);
System.out.println(¡°executing request¡± + httpget.getRequestLine());
HttpResponse response = httpclient.execute(httpget);
HttpEntity entity = response.getEntity();
String responseBody = EntityUtils.toString(response.getEntity(),
¡°UTF-8¡±);
System.out.println(responseBody);
System.out.println(¡°—————————————-¡±);
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println(¡°Response content length: ¡±
+ entity.getContentLength());
}
EntityUtils.consume(entity);
} finally {
httpclient.getConnectionManager().shutdown();
}
}
}
¸¸¾à º»ÀÎ ÀÎÁõ ¹æ½Ä (Self-Signed Certificate)ÀÏ °æ¿ì´Â ¡°SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER"¼±¾ðµÈ Äڵ带
ÁÖ¼®ÇØÁ¦ ÇÏ½Ã¸é µË´Ï´Ù. ¹°·Ð ¹Ù·Î À§ÀÇ ¡± SSLSocketFactory.STRICT_HOSTNAME_VERIFIER"ÄÚµå´Â ÁÖ¼® ó¸®
ÇÏ¼Å¾ß °ÚÁÒ.^^ ½ÇÇàÀ» ÇÏ¸é ¾Æ·¡¿Í °°ÀÌ Output¸¦ È®ÀÎ ÇÒ¼ö ÀÖ½À´Ï´Ù.