Java Reference
In-Depth Information
return
return new
new
PasswordAuthentication
(
username
.
get
(),
password
.
get
().
toCharArray
());
}
}
The
ThreadLocal
class is a standard class that comes with the JDK. When you call
set()
on it, the value will be stored and associated with the calling thread. Each thread can have its
own value.
ThreadLocal.get()
returns the thread's current stored value. So, using this class
would look like this:
Authenticator
.
setDefault
(
new
new
MultiThreadedAuthenticator
());
MultiThreadedAuthenticator
.
setThreadUsername
(
"bill"
);
MultiThreadedAuthenticator
.
setThreadPassword
(
"geheim"
);
Client Certificate Authentication
Client Certificate Authentication is a little different. First, you must generate a client certific-
ate using the
keytool
command-line utility that comes with the JDK:
$ <JAVA_HOME>/bin/keytool -genkey -alias client-alias -keyalg RSA
-keypass changeit -storepass changeit -keystore keystore.jks
Next, you must export the certificate into a file so it can be imported into a truststore:
$ <JAVA_HOME>/bin/keytool -export -alias client-alias
-storepass changeit -file client.cer -keystore keystore.jks
Finally, you create a truststore and import the created client certificate:
$ <JAVA_HOME>\bin\keytool -import -v -trustcacerts
-alias client-alias -file client.cer
-keystore cacerts.jks
-keypass changeit -storepass changeit
Now that you have a truststore, use it to create a
javax.net.ssl.SSLSocketFactory
within
your client code:
import
import
javax.net.ssl.SSLContext
javax.net.ssl.SSLContext
;
import
import
javax.net.ssl.KeyManagerFactory
javax.net.ssl.KeyManagerFactory
;
import
import
javax.net.ssl.SSLSocketFactory
javax.net.ssl.SSLSocketFactory
;
import
import
java.security.SecureRandom
java.security.SecureRandom
;
import
import
java.security.KeyStore
java.security.KeyStore
;
import
import
java.io.FileInputStream
java.io.FileInputStream
;
import
import
java.io.InputStream
java.io.InputStream
;
import
import
java.io.File
java.io.File
;
public
public class
class
MyClient
MyClient
{
