diff --git a/src/main/java/com/hisense/monitormanage/controller/FordController.java b/src/main/java/com/hisense/monitormanage/controller/FordController.java index b618e49f..e3f8e12 100644 --- a/src/main/java/com/hisense/monitormanage/controller/FordController.java +++ b/src/main/java/com/hisense/monitormanage/controller/FordController.java @@ -2,35 +2,93 @@ package com.hisense.monitormanage.controller; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; +import lombok.extern.log4j.Log4j2; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; +import javax.net.ssl.*; import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.InputStream; import java.net.URL; import java.net.URLConnection; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; @Controller @Api(tags = "转发") +@Log4j2 public class FordController { + /** + * 覆盖java默认的证书验证 + */ + private static final TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return new java.security.cert.X509Certificate[]{}; + } + + public void checkClientTrusted(X509Certificate[] chain, String authType) + throws CertificateException { + } + + public void checkServerTrusted(X509Certificate[] chain, String authType) + throws CertificateException { + } + }}; + + /** + * 设置不验证主机 + */ + private static final HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() { + public boolean verify(String hostname, SSLSession session) { + return true; + } + }; + + /** + * 信任所有 + * + * @param connection + * @return + */ + private static SSLSocketFactory trustAllHosts(HttpsURLConnection connection) { + SSLSocketFactory oldFactory = connection.getSSLSocketFactory(); + try { + SSLContext sc = SSLContext.getInstance("TLS"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + SSLSocketFactory newFactory = sc.getSocketFactory(); + connection.setSSLSocketFactory(newFactory); + } catch (Exception e) { + e.printStackTrace(); + } + return oldFactory; + } @GetMapping("components/**") @ApiOperation("前端访问图片请求转发") public void ford(HttpServletRequest request, HttpServletResponse response) { - String imageDomain = "http://10.132.191.48:30080"; + String imageDomain = "https://10.132.191.47:30443"; String uri = request.getRequestURI(); - String fordUrl = imageDomain + uri; + String fordUrl = imageDomain + uri + "?" + request.getQueryString(); URLConnection con = null; + log.info("图片地址:" + fordUrl); try { URL url = new URL(fordUrl); con = url.openConnection(); + if (imageDomain.startsWith("https")) { + HttpsURLConnection https = (HttpsURLConnection) con; + trustAllHosts(https); + https.setHostnameVerifier(DO_NOT_VERIFY); + con = https; + } + + //允许写出 con.setDoOutput(true); //允许读入