HTTPS请求

  hhtps:HTTPS(全称:Hyper Text Transfer Protocol over Secure Socket Layer),是以安全为目标的 HTTP通道,简单讲是HTTP的安全版,即HTTP下加入SSL层,HTTPS的安全基础是SSL,因此加密的详细内容就需要SSL。一般用于解决信任主机、通讯过程中的数据的泄密和被篡改等问题。

  http:全称是Hypertext Transfer Protocol Vertion (超文本传输协议),说通俗点就是用网络链接传输文本信息的协议,

  所以http和https之间的区别就在于其传输的内容是否加密和是否是开发性的内容。

  HTTPS和HTTP的区别:

      https协议需要到ca申请证书,一般免费证书很少,需要交费。

      http是超文本传输协议,信息是明文传输,https 则是具有安全性的ssl加密传输协议。

      http和https使用的是完全不同的连接方式用的端口也不一样,前者是80,后者是443。

      http的连接很简单,是无状态的。

      HTTPS协议是由SSL+HTTP协议构建的可进行加密传输、身份认证的网络协议,要比http协议安全。

  相关详细信息参考:https://blog.csdn.net/zmx729618/article/details/51372659

XmlManager.java

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.DataOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileWriter;
import java.io.FilenameFilter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.URL;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
 
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.HttpsURLConnection;
 
import net.sf.json.JSONObject;
 
 
public class XmlManager {          
 
public static String httpurlconnection(Map map,String httpurls){
         
        try {          
            //创建SSLContext
            SSLContext sslContext=SSLContext.getInstance("SSL");
            TrustManager[] tm={new MyX509TrustManager()};
            //初始化
             sslContext.init(null, tm, new java.security.SecureRandom());
            //获取SSLSocketFactory对象
             
            SSLSocketFactory ssf=sslContext.getSocketFactory();
            URL url=new URL(httpurls);
            HttpsURLConnection conn=(HttpsURLConnection) url.openConnection();
            //设置是否进行主机名确认(类中类)
            conn.setHostnameVerifier(new TrustAnyHostnameVerifier());
            //设置当前实例使用的SSLSocketFactory                                     conn.setSSLSocketFactory(ssf);
            conn.setRequestMethod("POST");//连接方式为post
            conn.setDoOutput(true);//设置是否向urlConn输出,因为是post请求,参数要放在http正文内,因此需要设置为true,默认情况下为false
            conn.setDoInput(true);//设置是否从urlConn读入,默认情况下为true
              conn.setRequestProperty("Content-Type","application/json;charset=UTF-8");//设置参数格式
            conn.setUseCaches(false);
            conn.connect();
            //往服务器写内容
            if(null!=map){
                DataOutputStream os=new DataOutputStream(conn.getOutputStream());
                JSONObject json=JSONObject.fromObject(map);
                os.writeBytes(json.toString());
                System.err.println("json.toString()"+json.toString());
                os.flush();
                os.close();
            }
            //读取服务器端返回的内容
            InputStream is=conn.getInputStream();
            InputStreamReader isr=new InputStreamReader(is, "utf-8");
            BufferedReader br=new BufferedReader(isr);
            String json=br.readLine();
            return json;
             
        } catch (Exception e) {
            System.err.println(e.getMessage());
            // TODO: handle exception
            return null;
        }
         
 
         
    }
    //类中类 作用:是否进行主机名确认。True 通过,false不通过
    public static class TrustAnyHostnameVerifier implements HostnameVerifier{
 
        public boolean verify(String arg0, SSLSession arg1) {
            // TODO Auto-generated method stub<br>              //设置为true,相当于不进行主机确认,具有一定的不安全性
            return true;
        }
 
    }
}

  MyX509TrustManager.java

 

 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
 
import javax.net.ssl.X509TrustManager;
 
public class MyX509TrustManager implements X509TrustManager{
 
    public void checkClientTrusted(X509Certificate[] arg0, String arg1)
            throws CertificateException {
        // TODO Auto-generated method stub
         
    }
 
    public void checkServerTrusted(X509Certificate[] arg0, String arg1)
            throws CertificateException {
        // TODO Auto-generated method stub
         
    }
 
    public X509Certificate[] getAcceptedIssuers() {
        // TODO Auto-generated method stub
        return null;
    }
 
}

 

  

 

posted @   哎呀呀呀呀~~  阅读(628)  评论(0编辑  收藏  举报
(评论功能已被禁用)
点击右上角即可分享
微信分享提示