下载后解压,可以看到local_policy.jar和US_export_policy.jar以及readme.txt。如果安装了JRE,将两个jar文件放到%JRE_HOME% \lib\security目录下覆盖原来的文件,如果安装了JDK,将两个jar文件放到%JDK_HOME%\jre\lib\security目录下覆盖原来文件
可以用框架,可以用其方式,看自己喜好~
我的应用架构图:
核心配置、核心代码:
public class CoreServlet extends HttpServlet{
private String token = "xxxxxxx"; //可用户自动生成、可自定义,需应用与后台一致
private String encodingAESKey = "xxxxxxx"; //自动生成密钥
private String corpId = "xxxxxxx"; //企业号ID
/**
*
*/
private static final long serialVersionUID = 4440739483644821986L;
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// 微信加密签名
String msg_signature = request.getParameter("msg_signature");
// 时间戳
String timestamp = request.getParameter("timestamp");
// 随机数
String nonce = request.getParameter("nonce");
// 随机字符串
String echostr = request.getParameter("echostr");
System.out.println("request=" + request.getRequestURL());
PrintWriter out = response.getWriter();
// 通过检验signature对请求进行校验,若校验成功则原样返回echostr,表示接入成功,否则接入失败
String result = null;
try {
WXBizMsgCrypt wxcpt = new WXBizMsgCrypt(token,encodingAESKey,corpId);
result = wxcpt.VerifyURL(msg_signature, timestamp, nonce, echostr);
} catch (AesException e) {
e.printStackTrace();
}
if (result == null) {
result = token;
}
// else{
// result = token;
String str = msg_signature+" "+timestamp+" "+nonce+" "+echostr;
System.out.println("Exception:"+result+" "+ request.getRequestURL()+" "+"FourParames:"+str);
// }
out.print(result);
out.close();
out = null;
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// 调用核心业务类接收消息、处理消息
String respMessage = CoreService.processRequest(request);
System.out.println("respMessage=" + respMessage);
// 响应消息
PrintWriter out = response.getWriter();
out.print(respMessage);
out.close();
}
}
回调配置结果: