Hy
I try to connect a java program to an REST API.
With the same part of code I have a Java Exception in Java 6 and it works fine in Java 8.
It's the same environment :
trustore
machine
unix user
the code :
import java.io.DataInputStream;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
public class MainClass {
public static void main (String[] args){
String serviceUrl = "https://api.domain.com" + "/endpont/path";
try {
URL url = new URL(serviceUrl);
URLConnection connection = null;
try{
connection = url.openConnection();
connection.setRequestProperty("Accept", "application/json");
connection.setRequestProperty("Content-Type", "application/json");
String body = "";
String inputLine;
DataInputStream input = new DataInputStream (connection.getInputStream());
while (((inputLine = input.readLine()) != null)){
body += inputLine;
}
System.out.println(body);
} catch (IOException e) {
e.printStackTrace();
}
} catch (MalformedURLException e) {
e.printStackTrace();
}
}
}
the error in Java 6 : sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Somebody know how it's different ? Can I use some tricks to have the same result in Java 6 ?
The CN of the cert is a wildcard : "*.domain.com" . It can be the cause ?
I tried several api but there all used the sun SSL layer. Do you know an other to replace it ?
JRE has it's own keystore, where certificates can be stored. Maybe your JDK/JRE for Java 6 has different keys than Java 8.
Related
This code is working in my laptop having latest java version. but not working in pc with java 1.5. i don't want to update java.
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.Reader;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.util.LinkedHashMap;
import java.util.Map;
import org.json.JSONObject;
public class testjavafile {
public static void main(String[] args) {
try {
testjavafile.call_me();
} catch (Exception e) {
e.printStackTrace();
}
}
public static void call_me() throws Exception {
URL url = new URL("https://httpbin.org/post");
Map<String, Object> params = new LinkedHashMap<String, Object>();
params.put("name", "Jinu Jawad");
params.put("email", "helloworld#gmail.com");
params.put("CODE", 1111);
params.put("message", "Hello Post Test success");
StringBuilder postData = new StringBuilder();
for (Map.Entry param : params.entrySet()) {
if (postData.length() != 0) postData.append('&');
try {
postData.append(URLEncoder.encode(param.getKey().toString(), "UTF-8"));
postData.append('=');
postData.append(URLEncoder.encode(String.valueOf(param.getValue()), "UTF-8"));
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
}
byte[] postDataBytes = postData.toString().getBytes("UTF-8");
HttpURLConnection conn = (HttpURLConnection)url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
conn.setRequestProperty("Content-Length", String.valueOf(postDataBytes.length));
conn.setDoOutput(true);
conn.getOutputStream().write(postDataBytes);
// this place is showing error
Reader in = new BufferedReader(new InputStreamReader(conn.getInputStream(), "UTF-8"));
StringBuilder sb = new StringBuilder();
for (int c; (c = in.read()) >= 0;)
sb.append((char)c);
String response = sb.toString();
System.out.println(response);
JSONObject myResponse = new JSONObject(response.toString());
System.out.println("result after Reading JSON Response");
System.out.println("origin- "+myResponse.getString("origin"));
System.out.println("url- "+myResponse.getString("url"));
JSONObject form_data = myResponse.getJSONObject("form");
System.out.println("CODE- "+form_data.getString("CODE"));
System.out.println("email- "+form_data.getString("email"));
System.out.println("message- "+form_data.getString("message"));
System.out.println("name"+form_data.getString("name"));
}
}
Does your laptop and pc have the same network environment?
It seems your pc can't connect to the network
Your code tries to establish a HTTPS connection to httpbin.org. HTTPS and the security layer SSL/TLS it uses exists in different versions: SSL 3.0, TLS 1.0, TLS 1.2, TLS 1.2, TLS 1.3.
Because of security problems most web servers have disabled all versions below TLS 1.2.
But you are lucky, at the moment httpbin.org supports even the older TLS 1.0 and TLS1.1 version.
Your problem is that your used Java version 1.5 is very old and no longer supported. So old that as far as I know it does not even support the deprecated version TLS 1.0.
Therefore you need at least Java 1.6 which supports TLS 1.0: https://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider
But my recommendation would be to upgrade to Java 7 or better 8 as in Java 8 TLS 1.2 is supported and enabled by default.
I'm using OpenJDK 11 on Linux and I need to make sure all my web requests done with HttpURLConnection are properly closed and do not keep any file descriptors open.
Oracle's manual tells to use close on the InputStream and Android's manual tells to use disconnect on the HttpURLConnection object.
I also set Connection: close and http.keepAlive to false to avoid pooling of connections.
This seems to work with plain http requests but not encrypted https requests whose response is sent with non-chunked encoding. Only a GC seems to clean up the closed connections.
This example code:
import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.stream.Stream;
public class Test {
private static int printFds() throws IOException {
int cnt = 0;
try (Stream<Path> paths = Files.list(new File("/proc/self/fd").toPath())) {
for (Path path : (Iterable<Path>)paths::iterator) {
System.out.println(path);
++cnt;
}
}
System.out.println();
return cnt;
}
public static void main(String[] args) throws IOException, InterruptedException {
System.setProperty("http.keepAlive", "false");
for (int i = 0; i < 10; i++) {
// Must be a https endpoint returning non-chunked response
HttpURLConnection conn = (HttpURLConnection) new URL("https://www.google.com/").openConnection();
conn.setRequestProperty("Connection", "close");
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
while (in.readLine() != null) {
}
in.close();
conn.disconnect();
conn = null;
in = null;
}
Thread.sleep(1000);
int numBeforeGc = printFds();
System.gc();
Thread.sleep(1000);
int numAfterGc = printFds();
System.out.println(numBeforeGc == numAfterGc ? "No socket leaks" : "Sockets were leaked");
}
}
prints this output:
/proc/self/fd/0
/proc/self/fd/1
/proc/self/fd/2
/proc/self/fd/3
/proc/self/fd/4
/proc/self/fd/5
/proc/self/fd/9
/proc/self/fd/6
/proc/self/fd/7
/proc/self/fd/8
/proc/self/fd/10
/proc/self/fd/11
/proc/self/fd/12
/proc/self/fd/13
/proc/self/fd/14
/proc/self/fd/15
/proc/self/fd/16
/proc/self/fd/17
/proc/self/fd/18
/proc/self/fd/19
/proc/self/fd/0
/proc/self/fd/1
/proc/self/fd/2
/proc/self/fd/3
/proc/self/fd/4
/proc/self/fd/5
/proc/self/fd/9
/proc/self/fd/6
/proc/self/fd/7
/proc/self/fd/8
Sockets were leaked
Changing to a http URL makes the sockets close correctly as expected without GC:
/proc/self/fd/0
/proc/self/fd/1
/proc/self/fd/2
/proc/self/fd/3
/proc/self/fd/4
/proc/self/fd/5
/proc/self/fd/6
/proc/self/fd/0
/proc/self/fd/1
/proc/self/fd/2
/proc/self/fd/3
/proc/self/fd/4
/proc/self/fd/5
/proc/self/fd/6
No socket leak
Tested with both OpenJDK 11 and 12. Did I miss something or is this a bug?
Turns out to be a bug after all: https://bugs.openjdk.java.net/browse/JDK-8216326
shutdownInput is now replaced by close in the latest builds of JDK 11 and 13 (but not 12).
I need to consume a SOAP service, and I have seen on the spring tutorial that my java classes for consuming and receiving the services, can be automatically generated using a tool or a framework.
The thing is most tutorials rely on wsimport tool from the JDK...and after lots of hours trying I found out that for Java 11, this is deprecated.
After this I found this ,this, and this talking about some workarounds for this problem. I tried all of them, but my gradle.build starts generating dependencies issues around this libraries. I have tried to exclude the problematic libraries but it doesn´t solve the issue.
So I'm wondering how can I generate my SOAP client classes on a not so patched way?
Additional info: It's a contract first approach, the service is on the web and it is a ?wsdl url.
At the end, I just followed this tutorial, which was simple enough and allowed me to consume a SOAP web service and then build an XML file to process the info retrieved. Hopefully Java 11 will have some better support for this type of service on the near future, but meanwhile I solved my problem and maybe this post can be useful to someone with a similar task to perform.
ofcourse that I can share :) my coding:
import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLConnection;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringEscapeUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Service;
#Service
#Slf4j
public class GusGetCompanyRawXml {
public String getCompanyRawXmlData(String sessionKey, String polishVatId) {
String outputString = "";
try {
URL url = new URL("https://wyszukiwarkaregon.stat.gov.pl/wsBIR/UslugaBIRzewnPubl.svc");
URLConnection connection = url.openConnection();
HttpURLConnection httpConn = (HttpURLConnection) connection;
ByteArrayOutputStream bout = new ByteArrayOutputStream();
String xmlInput =
"<soap:Envelope xmlns:soap=\"http://www.w3.org/2003/05/soap-envelope\"\n"
+ "xmlns:ns=\"http://CIS/BIR/PUBL/2014/07\" xmlns:dat=\"http://CIS/BIR/PUBL/2014/07/DataContract\">\n"
+ "<soap:Header xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n"
+ "<wsa:To>https://wyszukiwarkaregontest.stat.gov.pl/wsBIR/UslugaBIRzewnPubl.svc</wsa:To>\n"
+ "<wsa:Action>http://CIS/BIR/PUBL/2014/07/IUslugaBIRzewnPubl/DaneSzukajPodmioty</wsa:Action>\n"
+ "</soap:Header>\n"
+ "<soap:Body>\n"
+ "<ns:DaneSzukajPodmioty>\n"
+ "<ns:pParametryWyszukiwania>\n"
+ "<dat:Nip>"+polishVatId+"</dat:Nip>\n"
+ "</ns:pParametryWyszukiwania>\n"
+ "</ns:DaneSzukajPodmioty>\n"
+ "</soap:Body>\n"
+ "</soap:Envelope>";
byte[] buffer;
buffer = xmlInput.getBytes();
bout.write(buffer);
byte[] b = bout.toByteArray();
String SOAPAction = "http://CIS/BIR/PUBL/2014/07/IUslugaBIRzewnPubl/Zaloguj";
httpConn.setRequestProperty("Content-Length", String.valueOf(b.length));
httpConn.setRequestProperty("Content-Type", "application/soap+xml; charset=utf-8");
httpConn.setRequestProperty("SOAPAction", SOAPAction);
httpConn.setRequestProperty("sid", sessionKey);
httpConn.setRequestMethod("POST");
httpConn.setDoOutput(true);
httpConn.setDoInput(true);
OutputStream out = httpConn.getOutputStream();
//Write the content of the request to the outputstream of the HTTP Connection.
out.write(b);
out.close();
//Ready with sending the request.
//Read the response.
InputStreamReader inputStreamReader = new InputStreamReader(httpConn.getInputStream(), "UTF-8");
BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
//
String responseString = "";
//Write the SOAP message response to a String.
while ((responseString = bufferedReader.readLine()) != null) {
if (StringUtils.contains(responseString, "<")) {
String unescapedString = StringEscapeUtils.unescapeXml(responseString);
String remove = StringUtils.remove(unescapedString, "\r");
outputString = outputString + remove;
}
}
} catch (IOException e){
log.error("Get customer data from gus failed",e.getStackTrace());
}
return outputString;
}
}
public BlnInitBookData initTrans(String ccode, String license) {
BlnInitBookData initBookData = null;
try {
BlnInitBook request = new BlnInitBook();
request.setLicenseType(license);
request.setStrCinemaCode(ccode);
initBookData = ((BlnInitBookResponse) getWebServiceTemplate().marshalSendAndReceive(hosted_server_URL, request,
new SoapActionCallback("URL_of_SOAP_api"))).getServiceResponse1()
.getBlnInitBookData();
} catch (final Exception e) {
logger.error(this.getClass().getName() + e.getMessage);
}
return initBookData;}
In Java, use the WebServiceGatewaySupport class, It worked for me. I generated SOAP requests, response classes.
I was able to create a Container in Storage Account and upload a blob to it through the Client Side Code.
I was able to make the blob available for Public access as well , such that when I hit the following query from my browser, I am able to see the image which I uploaded.
https://MYACCOUNT.blob.core.windows.net/MYCONTAINER/MYBLOB
I now have a requirement to use the rest service to retrieve the contents of the blob. I wrote down the following java code.
package main;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.TimeZone;
public class GetBlob {
public static void main(String[] args) {
String url="https://MYACCOUNT.blob.core.windows.net/MYCONTAINER/MYBLOB";
try {
System.out.println("RUNNIGN");
HttpURLConnection connection = (HttpURLConnection) new URL(url).openConnection();
connection.setRequestProperty("Authorization", createQuery());
connection.setRequestProperty("x-ms-version", "2009-09-19");
InputStream response = connection.getInputStream();
System.out.println("SUCCESSS");
String line;
BufferedReader reader = new BufferedReader(new InputStreamReader(response));
while ((line = reader.readLine()) != null) {
System.out.println(line);
}
} catch (IOException e) {
e.printStackTrace();
}
}
public static String createQuery()
{
String dateFormat="EEE, dd MMM yyyy hh:mm:ss zzz";
SimpleDateFormat dateFormatGmt = new SimpleDateFormat(dateFormat);
dateFormatGmt.setTimeZone(TimeZone.getTimeZone("UTC"));
String date=dateFormatGmt.format(new Date());
String Signature="GET\n\n\n\n\n\n\n\n\n\n\n\n" +
"x-ms-date:" +date+
"\nx-ms-version:2009-09-19" ;
// I do not know CANOCALIZED RESOURCE
//WHAT ARE THEY??
// +"\n/myaccount/myaccount/mycontainer\ncomp:metadata\nrestype:container\ntimeout:20";
String SharedKey="SharedKey";
String AccountName="MYACCOUNT";
String encryptedSignature=(encrypt(Signature));
String auth=""+SharedKey+" "+AccountName+":"+encryptedSignature;
return auth;
}
public static String encrypt(String clearTextPassword) {
try {
MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(clearTextPassword.getBytes());
return new sun.misc.BASE64Encoder().encode(md.digest());
} catch (NoSuchAlgorithmException e) {
}
return "";
}
}
However , I get the following error when I run this main class...
RUNNIGN
java.io.IOException: Server returned HTTP response code: 403 for URL: https://klabs.blob.core.windows.net/delete/Blob_1
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at main.MainClass.main(MainClass.java:61)
Question1: Why this error, did I miss any header/parameter?
Question2: Do I need to add headers in the first place, because I am able to hit the request from the browser without any issues.
Question3: Can it be an SSL issue? What is the concept of certificates, and how and where to add them? Do I really need them? Will I need them later, when I do bigger operations on my blob storage(I want to manage a thousand blobs)?
Will be thankful for any reference as well, within Azure and otherwise that could help me understand better.
:D
AFTER A FEW DAYS
Below is my new code for PutBlob I azure. I believe I have fully resolved all header and parameter issues and my request is perfect. However I am still getting the same 403. I do not know what the issue is. Azure is proving to be pretty difficult.
A thing to note is that the containers name is delete, and I want to create a blob inside it, say newBlob. I tried to initialize the urlPath in the code below with both "delete" and "delete/newBlob".
Does not work..
package main;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.TimeZone;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
public class Internet {
static String key="password";
static String account="klabs";
private static Base64 base64 ;
private static String createAuthorizationHeader(String canonicalizedString) throws InvalidKeyException, Base64DecodingException, NoSuchAlgorithmException, IllegalStateException, UnsupportedEncodingException {
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(base64.decode(key), "HmacSHA256"));
String authKey = new String(base64.encode(mac.doFinal(canonicalizedString.getBytes("UTF-8"))));
String authStr = "SharedKey " + account + ":" + authKey;
return authStr;
}
public static void main(String[] args) {
System.out.println("INTERNET");
String key="password";
String account="klabs";
long blobLength="Dipanshu Verma wrote this".getBytes().length;
File f = new File("C:\\Users\\Dipanshu\\Desktop\\abc.txt");
String requestMethod = "PUT";
String urlPath = "delete";
String storageServiceVersion = "2009-09-19";
SimpleDateFormat fmt = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:sss");
fmt.setTimeZone(TimeZone.getTimeZone("UTC"));
String date = fmt.format(Calendar.getInstance().getTime()) + " UTC";
String blobType = "BlockBlob";
String canonicalizedHeaders = "x-ms-blob-type:"+blobType+"\nx-ms-date:"+date+"\nx-ms-version:"+storageServiceVersion;
String canonicalizedResource = "/"+account+"/"+urlPath;
String stringToSign = requestMethod+"\n\n\n"+blobLength+"\n\n\n\n\n\n\n\n\n"+canonicalizedHeaders+"\n"+canonicalizedResource;
try {
String authorizationHeader = createAuthorizationHeader(stringToSign);
URL myUrl = new URL("https://klabs.blob.core.windows.net/" + urlPath);
HttpURLConnection connection=(HttpURLConnection)myUrl.openConnection();
connection.setRequestProperty("x-ms-blob-type", blobType);
connection.setRequestProperty("Content-Length", String.valueOf(blobLength));
connection.setRequestProperty("x-ms-date", date);
connection.setRequestProperty("x-ms-version", storageServiceVersion);
connection.setRequestProperty("Authorization", authorizationHeader);
connection.setDoOutput(true);
connection.setRequestMethod("POST");
System.out.println(String.valueOf(blobLength));
System.out.println(date);
System.out.println(storageServiceVersion);
System.out.println(stringToSign);
System.out.println(authorizationHeader);
System.out.println(connection.getDoOutput());
DataOutputStream outStream = new DataOutputStream(connection.getOutputStream());
// Send request
outStream.writeBytes("Dipanshu Verma wrote this");
outStream.flush();
outStream.close();
DataInputStream inStream = new DataInputStream(connection.getInputStream());
System.out.println("BULLA");
String buffer;
while((buffer = inStream.readLine()) != null) {
System.out.println(buffer);
}
// Close I/O streams
inStream.close();
outStream.close();
} catch (InvalidKeyException | Base64DecodingException | NoSuchAlgorithmException | IllegalStateException | UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
I know only a proper code reviewer might be able to help me, please do it if you can.
Thanks
Question1: Why this error, did I miss any header/parameter?
Most likely you're getting this error is because of incorrect signature. Please refer to MSDN documentation for creating correct signature: http://msdn.microsoft.com/en-us/library/azure/dd179428.aspx. Unless your signature is correct you'll not be able to perform operations using REST API.
Question2: Do I need to add headers in the first place, because I am
able to hit the request from the browser without any issues.
In your current scenario, because you can access the blob directly (which in turn means the container in which the blob exist has Public or Blob ACL) you don't really need to use REST API. You can simply make a HTTP request using Java and read the response stream which will have blob contents. You would need to go down this route if the container ACL is Private because in this case your requests need to be authenticated and the code above creates an authenticated request.
Question3: Can it be an SSL issue? What is the concept of
certificates, and how and where to add them? Do I really need them?
Will I need them later, when I do bigger operations on my blob
storage(I want to manage a thousand blobs)?
No, it is not an SSL issue. Its an issue with incorrect signature.
Finally found the mistake!!
In the code above , I was using a String "password" as key for my SHA2
base64.decode(key)
It should have been the key associated with my account with AZURE.
Silly One!! Took me 2 weeks to find.
We wish to buy a wild-card SSL certificate as we have a lot of sub-domains. However I don't know if Java trusts wild-card certificates. As people connect into our API via SSL it will not be sufficient for us to force all third parties we communicate with to add our SSL certificate into their local truststore.
At the moment I'm facing a dilemma to buy a wildcard certificate from a java trusted issuer or buy multiple certs one per sub-domain.
Do other languages also have a truststore? If so does anyone know if wildcard certificates work with them also.
The default implementation in Sun's JSSE doesn't support wildcard. You need to write your own X509TrustManager to handle wildcard.
However, Java supports SAN (Subject Alternative Names) since Java 5. If you have less than 20 names, you can get one certificate for all of them. It may be cheaper than a wildcard cert.
I've attempted this with java 6.
It appears to work correctly. I've succesfully read headers and body content from a file that had a wildcard SSL certificate.
package com.example.test;
import java.io.DataInputStream;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
public class SSLTEST {
public static void main(String[] args) {
try {
URL url = new URL("https://test.example.com/robots.txt");
URLConnection connection = null;
try {
connection = url.openConnection();
} catch (IOException e) {
e.printStackTrace();
}
Map<String, List<String>> fields = connection.getHeaderFields();
Iterator<Entry<String, List<String>>> headerIterator = fields.entrySet().iterator();
System.out.println("HEADERS");
System.out.println("-------------------------------");
while (headerIterator.hasNext()){
Entry<String, List<String>> header = headerIterator.next();
System.out.println(header.getKey()+" :");
Iterator<String> valueIterator = header.getValue().iterator();
while (valueIterator.hasNext()){
System.out.println("\t"+valueIterator.next());
}
}
String inputLine;
DataInputStream input = new DataInputStream(connection.getInputStream());
System.out.println("BODY CONTENT");
System.out.println("-------------------------------");
while ((inputLine = input.readLine()) != null) {
System.out.println(inputLine);
}
} catch (MalformedURLException e) {
System.err.println(e);
} catch (IOException e) {
e.printStackTrace();
}
}
}
EDIT I've just recieved confirmation that this works on java 1.5