I am struggling with what seams basic but can not get my head around it. I hava a spring boot application which should expose a rest url.
I am doing it like:
@RestController
@RequestMapping(value = "/api")
public class MdmhController {
@Resource
private MdmhClient mdmhClient;
@RequestMapping(
method = RequestMethod.GET,
value = "/myEntityNames",
produces = { MediaType.APPLICATION_JSON_UTF8_VALUE }
)
ResponseEntity<Iterable<String>> getMyEntityNames() {
MyEntity[] myEntities =
mdmhClient.getMyentitis();
Set<String> myEntityNames= new HashSet<>();
for (MyEntity me : myEntities ) {
myEntityNames.add(me.getName());
}
return new ResponseEntity<Iterable<String>>(myEntityNames, HttpStatus.OK);
}
}
As you can see it consumes another service which I am trying to implement with a feign client:
@Import(FeignClientsConfiguration.class)
@Component
public class MdmhClientImpl implements MdmhClient {
private final Decoder decoder;
private final Encoder encoder;
private MdmhClient mdmhClient;
@Value("${mdmh.serviceId}") // injected by sprins yaml e.g. url-to-service.com
private String mdmhServiceId;
@Autowired
public MdmhClientImpl(
final Decoder decoder, final Encoder encoder) {
this.decoder = decoder;
this.encoder = encoder;
}
@Override
public MyEntity[] getMyEntities() {
if (mdmhClient == null) {
mdmhClient = Feign.builder()
.encoder(encoder)
.decoder(decoder)
.client(new Client.Default(TrustingSSLSocketFactory.get(), null))
.target(MdmhClient.class, "https://" + mdmhServiceId);
}
return mdmhClient.getMyEntity();
}
}
The interface looks like:
@RestController
@RequestMapping(value = "/api")
public interface MdmhClient {
@RequestLine("GET mdmh/service/v2/myentities")
@Headers({ "accept: application/json" })
MyEntity[] getMyEntities();
}
When MdmhClient does give me the exception at mdmhClient.getEntity() call:
SunCertPathBuilderException: unable to find valid certification path to requested target.
I know to solve this I need to import the certificate to the jre. I am running Intellij IDE and set the path of jdk of my project to:
C:\Program Files\Java\jdk1.8.0_65
I also accessed the webservice through firefox:
https://url-to-service.com/mdmh/service/v2/myentities
and downloaded the certificate which I imported to:
C:\Program Files\Java\jdk1.8.0_65\jre\lib\security\cacerts
But I do still get the error. Out of frustration I importet the certificate to all installed jdks, still same.
and added it to my MdmhClient like:
@Override
public MyEntity[] getMyEntities() {
if (mdmhClient == null) {
Client client = new Client.Default(
TrustingSSLSocketFactory.get(),
new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
});
mdmhClient = Feign.builder()
.encoder(encoder)
.decoder(decoder)
.client(new Client.Default(TrustingSSLSocketFactory.get(), null))
.target(MdmhClient.class, "https://" + mdmhServiceId);
}
return mdmhClient.getMyEntities();
}
after this I am getting an AccessDenied response from my called service.
ERROR [081-exec-3] 17.08.17 08:26:28.868 org.apache.juli.logging.DirectJDKLog@log: Servlet.service() for servlet [dispatcherServlet] in context with path [/lic] threw exception [Request processing failed; nested exception is feign.FeignException: status 403 reading MdmhClient#getFamilyVersions(); content:
<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD>
<BODY>
<FONT f...
But I am 100% sure that I do not need authentication. As I can enter the URL to the browser without modifying headers and get a result.
I hope you can help me or give me some hints how to solve this.
Thank you
It looks like your client is accessing the service thru a proxy server. The proxy server requires authentication and thus responds with 403 and uses a different certificate (chain) and thus importing the certificate you got from the web service doesn't help.