Java JAX-WS:使用WSSE安全的Web服务
因此,我试图使用WSSE安全(usernametoken)Web服务,我创建了一个SoapHandler,但我没有看到它被调用(我实际上在处理程序中填充了断点,并且它没有停止在那里),当然还有一个事实,那就是我得到了一个Soap错误(见下文)。知道我把事情搞砸了吗Java JAX-WS:使用WSSE安全的Web服务,java,web-services,jakarta-ee,soap,jax-ws,Java,Web Services,Jakarta Ee,Soap,Jax Ws,因此,我试图使用WSSE安全(usernametoken)Web服务,我创建了一个SoapHandler,但我没有看到它被调用(我实际上在处理程序中填充了断点,并且它没有停止在那里),当然还有一个事实,那就是我得到了一个Soap错误(见下文)。知道我把事情搞砸了吗 在CommonConstants中,我刚刚从SOAPUI粘贴了整个WSSE头 在IntegrationBean中,我(理论上)将处理程序绑定到wsi生成的代理并调用安全服务 在WSSEHandler中,我正在执行所有的黑魔法。捕获S
- 在CommonConstants中,我刚刚从SOAPUI粘贴了整个WSSE头
- 在IntegrationBean中,我(理论上)将处理程序绑定到wsi生成的代理并调用安全服务
- 在WSSEHandler中,我正在执行所有的黑魔法。捕获SOAP头并附加WSSE头。这是一个充满断点的地方,断点不会被击中
javax.xml.ws.soap.SOAPFaultException: No username available
CommonConstants.java
public static String WSSE_USENAME_TOKEN_HEADER = "<wsse:Security xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">\n"
+ " <wsse:UsernameToken>\n"
+ " <wsse:Username>**USERNAME**</wsse:Username>\n"
+ " <wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\">**PASSWORD**</wsse:Password>\n"
+ " </wsse:UsernameToken>\n"
+ "</wsse:Security>";
public String testMethod() throws Exception {
String result = "";
CisChannelPort cisChannel = new ChannelService().getCisChannelPort();
Binding binding = ((BindingProvider) cisChannel).getBinding();
List<Handler> handlerList = binding.getHandlerChain();
handlerList.add(new WSSEHandler());
binding.setHandlerChain(handlerList);
try {
List<Channel> response = cisChannel.getallChannels(null).getChannels().getChannel();
for (Channel c : response) {
result += c.getNameChannel() + " -- ";
LOG.info(PACKAGE + "Found Channel: " + c.getNameChannel());
}
} catch (Exception ex) {
LOG.info(PACKAGE + "Error consumiendo el servicio");
LOG.error(PACKAGE + ex.getMessage());
throw new Exception("Error consumiendo el servicio");
}
return result;
}
public class WSSEHandler implements SOAPHandler<SOAPMessageContext> {
private static final String PACKAGE = "[co.com.tigo.test.integration.ejb.impl.WSSEHandler] ";
public WSSEHandler() {
}
@Override
public Set<QName> getHeaders() {
return Collections.emptySet();
}
@Override
public boolean handleMessage(SOAPMessageContext context) {
CommonConstants.LOG.info(PACKAGE + "Begin HandleMessage");
Boolean outboundProperty = (Boolean) context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
if (outboundProperty) {
CommonConstants.LOG.info(PACKAGE + "Outbound Message Detected");
try {
addSecurityHeader(context);
} catch (Exception ex) {
CommonConstants.LOG.info(PACKAGE + "Error while setting WSSE Headers");
CommonConstants.LOG.error(PACKAGE + ex.getClass().getCanonicalName() + " - " + ex.getMessage());
return false;
}
}
return true;
}
@Override
public boolean handleFault(SOAPMessageContext context) {
return true;
}
@Override
public void close(MessageContext context) {
}
private void addSecurityHeader(SOAPMessageContext messageContext) throws SOAPException, SAXException, IOException {
LOG.info(PACKAGE + "Adding Security Header");
SOAPHeader header = messageContext.getMessage().getSOAPPart().getEnvelope().getHeader();
if (header == null) {
header = messageContext.getMessage().getSOAPPart().getEnvelope().addHeader();
}
DOMParser parser = new DOMParser();
parser.parse(new InputSource(new java.io.StringReader(CommonConstants.WSSE_USENAME_TOKEN_HEADER)));
Node doc = (Node) parser.getDocument();
header.appendChild(doc);
}
公共静态字符串WSSE\u USENAME\u TOKEN\u HEADER=“\n”
+“\n”
+“**用户名**\n”
+“**密码**\n”
+“\n”
+ "";
IntegrationBean.java
public static String WSSE_USENAME_TOKEN_HEADER = "<wsse:Security xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">\n"
+ " <wsse:UsernameToken>\n"
+ " <wsse:Username>**USERNAME**</wsse:Username>\n"
+ " <wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\">**PASSWORD**</wsse:Password>\n"
+ " </wsse:UsernameToken>\n"
+ "</wsse:Security>";
public String testMethod() throws Exception {
String result = "";
CisChannelPort cisChannel = new ChannelService().getCisChannelPort();
Binding binding = ((BindingProvider) cisChannel).getBinding();
List<Handler> handlerList = binding.getHandlerChain();
handlerList.add(new WSSEHandler());
binding.setHandlerChain(handlerList);
try {
List<Channel> response = cisChannel.getallChannels(null).getChannels().getChannel();
for (Channel c : response) {
result += c.getNameChannel() + " -- ";
LOG.info(PACKAGE + "Found Channel: " + c.getNameChannel());
}
} catch (Exception ex) {
LOG.info(PACKAGE + "Error consumiendo el servicio");
LOG.error(PACKAGE + ex.getMessage());
throw new Exception("Error consumiendo el servicio");
}
return result;
}
public class WSSEHandler implements SOAPHandler<SOAPMessageContext> {
private static final String PACKAGE = "[co.com.tigo.test.integration.ejb.impl.WSSEHandler] ";
public WSSEHandler() {
}
@Override
public Set<QName> getHeaders() {
return Collections.emptySet();
}
@Override
public boolean handleMessage(SOAPMessageContext context) {
CommonConstants.LOG.info(PACKAGE + "Begin HandleMessage");
Boolean outboundProperty = (Boolean) context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
if (outboundProperty) {
CommonConstants.LOG.info(PACKAGE + "Outbound Message Detected");
try {
addSecurityHeader(context);
} catch (Exception ex) {
CommonConstants.LOG.info(PACKAGE + "Error while setting WSSE Headers");
CommonConstants.LOG.error(PACKAGE + ex.getClass().getCanonicalName() + " - " + ex.getMessage());
return false;
}
}
return true;
}
@Override
public boolean handleFault(SOAPMessageContext context) {
return true;
}
@Override
public void close(MessageContext context) {
}
private void addSecurityHeader(SOAPMessageContext messageContext) throws SOAPException, SAXException, IOException {
LOG.info(PACKAGE + "Adding Security Header");
SOAPHeader header = messageContext.getMessage().getSOAPPart().getEnvelope().getHeader();
if (header == null) {
header = messageContext.getMessage().getSOAPPart().getEnvelope().addHeader();
}
DOMParser parser = new DOMParser();
parser.parse(new InputSource(new java.io.StringReader(CommonConstants.WSSE_USENAME_TOKEN_HEADER)));
Node doc = (Node) parser.getDocument();
header.appendChild(doc);
}
public String testMethod()引发异常{
字符串结果=”;
CisChannelPort cisChannel=new ChannelService().getCisChannelPort();
Binding Binding=((BindingProvider)cisChannel.getBinding();
List handlerList=binding.getHandlerChain();
add(新的WSSEHandler());
绑定。setHandlerChain(handlerList);
试一试{
列表响应=cisChannel.getallChannels(null).getChannels().getChannel();
用于(通道c:响应){
结果+=c.getNameChannel()+“--”;
LOG.info(包+”找到的通道:“+c.getNameChannel());
}
}捕获(例外情况除外){
日志信息(软件包+“错误consumiendo el-servicio”);
LOG.error(包+ex.getMessage());
抛出新异常(“错误consumiendo el servicio”);
}
返回结果;
}
WSSEHandler.java
public static String WSSE_USENAME_TOKEN_HEADER = "<wsse:Security xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">\n"
+ " <wsse:UsernameToken>\n"
+ " <wsse:Username>**USERNAME**</wsse:Username>\n"
+ " <wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\">**PASSWORD**</wsse:Password>\n"
+ " </wsse:UsernameToken>\n"
+ "</wsse:Security>";
public String testMethod() throws Exception {
String result = "";
CisChannelPort cisChannel = new ChannelService().getCisChannelPort();
Binding binding = ((BindingProvider) cisChannel).getBinding();
List<Handler> handlerList = binding.getHandlerChain();
handlerList.add(new WSSEHandler());
binding.setHandlerChain(handlerList);
try {
List<Channel> response = cisChannel.getallChannels(null).getChannels().getChannel();
for (Channel c : response) {
result += c.getNameChannel() + " -- ";
LOG.info(PACKAGE + "Found Channel: " + c.getNameChannel());
}
} catch (Exception ex) {
LOG.info(PACKAGE + "Error consumiendo el servicio");
LOG.error(PACKAGE + ex.getMessage());
throw new Exception("Error consumiendo el servicio");
}
return result;
}
public class WSSEHandler implements SOAPHandler<SOAPMessageContext> {
private static final String PACKAGE = "[co.com.tigo.test.integration.ejb.impl.WSSEHandler] ";
public WSSEHandler() {
}
@Override
public Set<QName> getHeaders() {
return Collections.emptySet();
}
@Override
public boolean handleMessage(SOAPMessageContext context) {
CommonConstants.LOG.info(PACKAGE + "Begin HandleMessage");
Boolean outboundProperty = (Boolean) context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
if (outboundProperty) {
CommonConstants.LOG.info(PACKAGE + "Outbound Message Detected");
try {
addSecurityHeader(context);
} catch (Exception ex) {
CommonConstants.LOG.info(PACKAGE + "Error while setting WSSE Headers");
CommonConstants.LOG.error(PACKAGE + ex.getClass().getCanonicalName() + " - " + ex.getMessage());
return false;
}
}
return true;
}
@Override
public boolean handleFault(SOAPMessageContext context) {
return true;
}
@Override
public void close(MessageContext context) {
}
private void addSecurityHeader(SOAPMessageContext messageContext) throws SOAPException, SAXException, IOException {
LOG.info(PACKAGE + "Adding Security Header");
SOAPHeader header = messageContext.getMessage().getSOAPPart().getEnvelope().getHeader();
if (header == null) {
header = messageContext.getMessage().getSOAPPart().getEnvelope().addHeader();
}
DOMParser parser = new DOMParser();
parser.parse(new InputSource(new java.io.StringReader(CommonConstants.WSSE_USENAME_TOKEN_HEADER)));
Node doc = (Node) parser.getDocument();
header.appendChild(doc);
}
public类WSSEHandler实现SOAPHandler{
私有静态最终字符串包=“[co.com.tigo.test.integration.ejb.impl.WSSEHandler]”;
公共WSSEHandler(){
}
@凌驾
公共集getHeaders(){
返回集合;
}
@凌驾
公共布尔handleMessage(SOAPMessageContext上下文){
CommonConstants.LOG.info(包+“BeginHandleMessage”);
Boolean outboundProperty=(Boolean)context.get(MessageContext.MESSAGE\u OUTBOUND\u PROPERTY);
if(外部属性){
CommonConstants.LOG.info(包+“检测到出站消息”);
试一试{
addSecurityHeader(上下文);
}捕获(例外情况除外){
CommonConstants.LOG.info(包+“设置WSSE头时出错”);
CommonConstants.LOG.error(包+ex.getClass().getCanonicalName()+“-”+ex.getMessage());
返回false;
}
}
返回true;
}
@凌驾
公共布尔handleFault(SOAPMessageContext上下文){
返回true;
}
@凌驾
公共无效关闭(MessageContext上下文){
}
私有void addSecurityHeader(SOAPMessageContext messageContext)引发SOAPException、SAXException、IOException{
LOG.info(包+“添加安全头”);
SOAPHeader header=messageContext.getMessage().getSOAPPart().getEnvelope().getHeader();
if(头==null){
header=messageContext.getMessage().getSOAPPart().getEnvelope().addHeader();
}
DOMParser parser=新的DOMParser();
parse(新的InputSource(新的java.io.StringReader(CommonConstants.WSSE_USENAME_TOKEN_HEADER));
Node doc=(Node)parser.getDocument();
header.appendChild(doc);
}
}您如何调用此服务?@MuhammadSuleman List response=cisChannel.getallChannels(null.getChannels().getChannel();