我正在尝试使用HttpClientlib 进行HTTPS连接,但问题在于,由于证书未由Verisign,GlobalSIgn等公认的证书颁发机构(CA)签署,并列在Android受信任证书集上,我一直在javax.net.ssl.SSLException: Not trusted server certificate.
我已经看到了你只接受所有证书的解决方案,但如果我想询问用户该怎么办?
我想得到一个类似于浏览器的对话框,让用户决定是否继续.我最好使用与浏览器相同的证书库.有任何想法吗?
我正在将工作XML配置迁移到Spring Security OAuth2的Java配置,并使用Google作为OAuth提供程序.
这是我的java配置的外观:
@Configuration
@EnableWebMvcSecurity
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
private static final List<String> scope;
static {
// Permissions to access email and profile
scope = new ArrayList<>(3);
scope.add("openid");
scope.add("email");
scope.add("profile");
}
@Autowired(required = true)
private UserService userService;
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.
authorizeRequests()
.antMatchers(HttpMethod.GET, "/","/public/**", "/resources/**","/resources/public/**").permitAll()
//.antMatchers("/google_oauth2_login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/")
.loginProcessingUrl("/login")
.defaultSuccessUrl("/home")
.and()
.csrf().disable() …