Java 在Mule 4中使用具有相互身份验证(加密和签名)的SOAP RPC WSDL?
我目前正在尝试与一台服务器集成,该服务器提供的是 RPC 样式的 WSDL,并且要求使用密钥和证书进行带加密和签名的相互身份验证。这显然带来了一些障碍:Mule 4 中的 Web Service Consumer 不支持 RPC 样式的 WSDL;Mule 4 也不支持用于加密/签名策略的 CXF 连接器。我的第一反应是使用 Crypto 模块的 XML 加密和 XML 签名操作,但即使是它们似乎也没有按我预期的方式工作。我已经验证过,使用我所尝试的这些端点,可以在 SoapUI 中连接服务器并向其发出请求,因此我相当确信我的密钥库及其包含的证书/密钥是有效的。
- Mule 4中的Web服务使用者不支持RPC样式的WSDL
- Mule 4不支持用于加密/签名策略的CXF连接器
<?xml version="1.0" encoding="UTF-8"?>
<!--
  Flow file: builds a SOAP envelope for the RPC operation findByEntityID, passes it
  through the Cryptography module's XML encrypt and XML sign operations, then sends
  it with the HTTP requester configuration Request_Config. Crypto_Jce and
  Request_Config are referenced by name only; neither is defined in this file.
-->
<mule xmlns="http://www.mulesoft.org/schema/mule/core"
      xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
      xmlns:http="http://www.mulesoft.org/schema/mule/http"
      xmlns:ee="http://www.mulesoft.org/schema/mule/ee/core"
      xmlns:crypto="http://www.mulesoft.org/schema/mule/crypto"
      xmlns:xml-module="http://www.mulesoft.org/schema/mule/xml-module"
      xmlns:java="http://www.mulesoft.org/schema/mule/java"
      xmlns:wsc="http://www.mulesoft.org/schema/mule/wsc"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="
        http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
        http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd
        http://www.mulesoft.org/schema/mule/wsc http://www.mulesoft.org/schema/mule/wsc/current/mule-wsc.xsd
        http://www.mulesoft.org/schema/mule/xml-module http://www.mulesoft.org/schema/mule/xml-module/current/mule-xml-module.xsd
        http://www.mulesoft.org/schema/mule/crypto http://www.mulesoft.org/schema/mule/crypto/current/mule-crypto.xsd
        http://www.mulesoft.org/schema/mule/ee/core http://www.mulesoft.org/schema/mule/ee/core/current/mule-ee.xsd
        http://www.mulesoft.org/schema/mule/java http://www.mulesoft.org/schema/mule/java/current/mule-java.xsd">

    <flow name="findByEntityID" doc:id="acf92d9b-6b4c-4c78-b635-0e5c1d13c934">

        <!--
          Step 1: DataWeave writes the SOAP envelope as XML. The Header is given a
          null value, so this script contributes no security header of its own.
          vars.entityId is not assigned anywhere in this flow; if it originates from
          a caller's request it should be validated before it is sent on.
        -->
        <ee:transform doc:name="Transform Message" doc:id="337ca43e-e1ec-40ae-aded-aae493aa12da">
            <ee:message>
                <ee:set-payload><![CDATA[%dw 2.0
output application/xml
ns ns0 http://schemas.xmlsoap.org/soap/envelope/
ns ns01 urn:SearchService
---
{
    ns0#Envelope: {
        ns0#Header: null,
        ns0#Body: {
            ns01#findByEntityID: {
                entityID: vars.entityId
            }
        }
    }
}]]></ee:set-payload>
            </ee:message>
        </ee:transform>

        <!--
          Step 2: message-level protection. The payload is encrypted first and the
          encrypted result is then signed, both with keyId "dbpr" from Crypto_Jce.
          NOTE(review): keyId has to name a key entry declared under the Crypto_Jce
          configuration. The accompanying global configuration declares only keyId
          "clientkey", so "dbpr" looks unresolved; confirm.
          NOTE(review): these operations apply XML Encryption and XML Signature to
          the payload. Whether that output, and this encrypt-then-sign order, match
          the message security layout the remote service expects is not established
          here; check it against the service's policy.
        -->
        <crypto:xml-encrypt doc:name="Xml encrypt"
                            doc:id="a709005e-7748-4fb7-8ea7-7b8fbe5d4385"
                            config-ref="Crypto_Jce"
                            keyId="dbpr"/>
        <crypto:xml-sign doc:name="Xml sign"
                         doc:id="cc41fbde-07c0-496c-8747-77870c72703e"
                         config-ref="Crypto_Jce"
                         keyId="dbpr"/>

        <!--
          Step 3: send the request.
          NOTE(review): the method is GET although a SOAP envelope is being sent.
          SOAP over HTTP is normally carried by POST, and a GET request may go out
          without the body; verify what actually reaches the server.
        -->
        <http:request doc:name="Request"
                      doc:id="f39066b8-1b57-4165-8623-acae63701b54"
                      config-ref="Request_Config"
                      method="GET"
                      path="/payitservicedev/SearchService"/>

        <!--
          Step 4: writes the whole payload (at this point the HTTP response) to the
          log at DEBUG. Keep that level disabled outside development, or log only
          metadata, because the response body may hold sensitive records.
        -->
        <logger doc:name="Logger"
                doc:id="6fe7e2b6-a7ee-42a1-83c4-1100cccacb41"
                level="DEBUG"
                message="#[payload]"/>
    </flow>
</mule>
<?xml version="1.0" encoding="UTF-8"?>
<!--
  Global configuration: the TLS context and HTTPS requester used for the outbound
  call, an HTTP listener configuration, and the JCE keystore configuration used by
  the Cryptography module.

  NOTE(review): every keystore and key password below is a clear-text literal.
  Prefer property placeholders resolved from encrypted (secure) configuration
  properties, and keep the keystore file itself out of version control.
-->
<mule xmlns="http://www.mulesoft.org/schema/mule/core"
      xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
      xmlns:http="http://www.mulesoft.org/schema/mule/http"
      xmlns:tls="http://www.mulesoft.org/schema/mule/tls"
      xmlns:crypto="http://www.mulesoft.org/schema/mule/crypto"
      xmlns:wsc="http://www.mulesoft.org/schema/mule/wsc"
      xmlns:apikit-soap="http://www.mulesoft.org/schema/mule/apikit-soap"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="
        http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd
        http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
        http://www.mulesoft.org/schema/mule/tls http://www.mulesoft.org/schema/mule/tls/current/mule-tls.xsd
        http://www.mulesoft.org/schema/mule/wsc http://www.mulesoft.org/schema/mule/wsc/current/mule-wsc.xsd
        http://www.mulesoft.org/schema/mule/crypto http://www.mulesoft.org/schema/mule/crypto/current/mule-crypto.xsd">

    <!--
      TLS context for the outbound HTTPS connection. The key store supplies the
      client certificate (alias clientkey) for mutual TLS.
      NOTE(review): insecure="true" on the trust store turns off validation of the
      server certificate, so only the client is authenticated on this connection
      and an intercepting host would be accepted. Remove the attribute once the
      trust store holds the CA chain of the remote host.
      NOTE(review): trust store and key store point at the same file but give
      different store passwords ("cspass" and "password"); a keystore file normally
      has a single store password, so one of the two is probably wrong. The type is
      declared as pkcs12 while the file name ends in .jks; confirm the real format.
    -->
    <tls:context name="TLS_Context" doc:name="TLS Context" doc:id="ffe423b2-3655-4ad6-a2d8-aa607d1051cc">
        <tls:trust-store type="pkcs12"
                         path="clientKeystore.jks"
                         password="cspass"
                         insecure="true"/>
        <tls:key-store type="pkcs12"
                       path="clientKeystore.jks"
                       alias="clientkey"
                       keyPassword="password"
                       password="password"/>
    </tls:context>

    <!-- Outbound requester: HTTPS on port 443, bound to TLS_Context above. -->
    <http:request-config name="Request_Config"
                         doc:name="HTTP Request configuration"
                         doc:id="c3d773e0-538a-4d8a-bbec-d928339235c0">
        <http:request-connection protocol="HTTPS"
                                 host="payit.dbpr.state.fl.us"
                                 port="443"
                                 tlsContext="TLS_Context"/>
    </http:request-config>

    <!--
      Inbound listener: no protocol or TLS context is set here, and host 0.0.0.0
      binds every network interface on port 8081. Acceptable for a local test
      listener; restrict the bind address or add TLS before exposing it further.
    -->
    <http:listener-config name="TestListener"
                          doc:name="HTTP Listener config"
                          doc:id="6c0d875d-2dcd-4f05-85c0-306852628d4e"
                          basePath="/api">
        <http:listener-connection host="0.0.0.0" port="8081"/>
    </http:listener-config>

    <!--
      Keystore for the Cryptography module's XML encrypt and XML sign operations.
      The keystore path is abbreviated ("...") in this listing.
      NOTE(review): the only key entry is declared as a symmetric key with keyId
      "clientkey". Signing with a certificate's private key calls for an asymmetric
      entry (crypto:jce-asymmetric-key-info), and any keyId used by an operation
      must be declared here; confirm both against the flow that uses this config.
    -->
    <crypto:jce-config name="Crypto_Jce"
                       doc:name="Crypto Jce"
                       doc:id="824a4e64-701e-4f57-a9d7-378ff8310aa8"
                       type="PKCS12"
                       keystore=".../src/main/resources/clientKeystore.jks"
                       password="cspass">
        <crypto:jce-key-infos>
            <crypto:jce-symmetric-key-info keyId="clientkey" alias="clientkey" password="password"/>
        </crypto:jce-key-infos>
    </crypto:jce-config>
</mule>
global.xml
<?xml version="1.0" encoding="UTF-8"?>
<!--
  Flow file: builds a SOAP envelope for the RPC operation findByEntityID, passes it
  through the Cryptography module's XML encrypt and XML sign operations, then sends
  it with the HTTP requester configuration Request_Config. Crypto_Jce and
  Request_Config are referenced by name only; neither is defined in this file.
-->
<mule xmlns="http://www.mulesoft.org/schema/mule/core"
      xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
      xmlns:http="http://www.mulesoft.org/schema/mule/http"
      xmlns:ee="http://www.mulesoft.org/schema/mule/ee/core"
      xmlns:crypto="http://www.mulesoft.org/schema/mule/crypto"
      xmlns:xml-module="http://www.mulesoft.org/schema/mule/xml-module"
      xmlns:java="http://www.mulesoft.org/schema/mule/java"
      xmlns:wsc="http://www.mulesoft.org/schema/mule/wsc"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="
        http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
        http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd
        http://www.mulesoft.org/schema/mule/wsc http://www.mulesoft.org/schema/mule/wsc/current/mule-wsc.xsd
        http://www.mulesoft.org/schema/mule/xml-module http://www.mulesoft.org/schema/mule/xml-module/current/mule-xml-module.xsd
        http://www.mulesoft.org/schema/mule/crypto http://www.mulesoft.org/schema/mule/crypto/current/mule-crypto.xsd
        http://www.mulesoft.org/schema/mule/ee/core http://www.mulesoft.org/schema/mule/ee/core/current/mule-ee.xsd
        http://www.mulesoft.org/schema/mule/java http://www.mulesoft.org/schema/mule/java/current/mule-java.xsd">

    <flow name="findByEntityID" doc:id="acf92d9b-6b4c-4c78-b635-0e5c1d13c934">

        <!--
          Step 1: DataWeave writes the SOAP envelope as XML. The Header is given a
          null value, so this script contributes no security header of its own.
          vars.entityId is not assigned anywhere in this flow; if it originates from
          a caller's request it should be validated before it is sent on.
        -->
        <ee:transform doc:name="Transform Message" doc:id="337ca43e-e1ec-40ae-aded-aae493aa12da">
            <ee:message>
                <ee:set-payload><![CDATA[%dw 2.0
output application/xml
ns ns0 http://schemas.xmlsoap.org/soap/envelope/
ns ns01 urn:SearchService
---
{
    ns0#Envelope: {
        ns0#Header: null,
        ns0#Body: {
            ns01#findByEntityID: {
                entityID: vars.entityId
            }
        }
    }
}]]></ee:set-payload>
            </ee:message>
        </ee:transform>

        <!--
          Step 2: message-level protection. The payload is encrypted first and the
          encrypted result is then signed, both with keyId "dbpr" from Crypto_Jce.
          NOTE(review): keyId has to name a key entry declared under the Crypto_Jce
          configuration. The accompanying global configuration declares only keyId
          "clientkey", so "dbpr" looks unresolved; confirm.
          NOTE(review): these operations apply XML Encryption and XML Signature to
          the payload. Whether that output, and this encrypt-then-sign order, match
          the message security layout the remote service expects is not established
          here; check it against the service's policy.
        -->
        <crypto:xml-encrypt doc:name="Xml encrypt"
                            doc:id="a709005e-7748-4fb7-8ea7-7b8fbe5d4385"
                            config-ref="Crypto_Jce"
                            keyId="dbpr"/>
        <crypto:xml-sign doc:name="Xml sign"
                         doc:id="cc41fbde-07c0-496c-8747-77870c72703e"
                         config-ref="Crypto_Jce"
                         keyId="dbpr"/>

        <!--
          Step 3: send the request.
          NOTE(review): the method is GET although a SOAP envelope is being sent.
          SOAP over HTTP is normally carried by POST, and a GET request may go out
          without the body; verify what actually reaches the server.
        -->
        <http:request doc:name="Request"
                      doc:id="f39066b8-1b57-4165-8623-acae63701b54"
                      config-ref="Request_Config"
                      method="GET"
                      path="/payitservicedev/SearchService"/>

        <!--
          Step 4: writes the whole payload (at this point the HTTP response) to the
          log at DEBUG. Keep that level disabled outside development, or log only
          metadata, because the response body may hold sensitive records.
        -->
        <logger doc:name="Logger"
                doc:id="6fe7e2b6-a7ee-42a1-83c4-1100cccacb41"
                level="DEBUG"
                message="#[payload]"/>
    </flow>
</mule>
<?xml version="1.0" encoding="UTF-8"?>
<!--
  Global configuration: the TLS context and HTTPS requester used for the outbound
  call, an HTTP listener configuration, and the JCE keystore configuration used by
  the Cryptography module.

  NOTE(review): every keystore and key password below is a clear-text literal.
  Prefer property placeholders resolved from encrypted (secure) configuration
  properties, and keep the keystore file itself out of version control.
-->
<mule xmlns="http://www.mulesoft.org/schema/mule/core"
      xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
      xmlns:http="http://www.mulesoft.org/schema/mule/http"
      xmlns:tls="http://www.mulesoft.org/schema/mule/tls"
      xmlns:crypto="http://www.mulesoft.org/schema/mule/crypto"
      xmlns:wsc="http://www.mulesoft.org/schema/mule/wsc"
      xmlns:apikit-soap="http://www.mulesoft.org/schema/mule/apikit-soap"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="
        http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd
        http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
        http://www.mulesoft.org/schema/mule/tls http://www.mulesoft.org/schema/mule/tls/current/mule-tls.xsd
        http://www.mulesoft.org/schema/mule/wsc http://www.mulesoft.org/schema/mule/wsc/current/mule-wsc.xsd
        http://www.mulesoft.org/schema/mule/crypto http://www.mulesoft.org/schema/mule/crypto/current/mule-crypto.xsd">

    <!--
      TLS context for the outbound HTTPS connection. The key store supplies the
      client certificate (alias clientkey) for mutual TLS.
      NOTE(review): insecure="true" on the trust store turns off validation of the
      server certificate, so only the client is authenticated on this connection
      and an intercepting host would be accepted. Remove the attribute once the
      trust store holds the CA chain of the remote host.
      NOTE(review): trust store and key store point at the same file but give
      different store passwords ("cspass" and "password"); a keystore file normally
      has a single store password, so one of the two is probably wrong. The type is
      declared as pkcs12 while the file name ends in .jks; confirm the real format.
    -->
    <tls:context name="TLS_Context" doc:name="TLS Context" doc:id="ffe423b2-3655-4ad6-a2d8-aa607d1051cc">
        <tls:trust-store type="pkcs12"
                         path="clientKeystore.jks"
                         password="cspass"
                         insecure="true"/>
        <tls:key-store type="pkcs12"
                       path="clientKeystore.jks"
                       alias="clientkey"
                       keyPassword="password"
                       password="password"/>
    </tls:context>

    <!-- Outbound requester: HTTPS on port 443, bound to TLS_Context above. -->
    <http:request-config name="Request_Config"
                         doc:name="HTTP Request configuration"
                         doc:id="c3d773e0-538a-4d8a-bbec-d928339235c0">
        <http:request-connection protocol="HTTPS"
                                 host="payit.dbpr.state.fl.us"
                                 port="443"
                                 tlsContext="TLS_Context"/>
    </http:request-config>

    <!--
      Inbound listener: no protocol or TLS context is set here, and host 0.0.0.0
      binds every network interface on port 8081. Acceptable for a local test
      listener; restrict the bind address or add TLS before exposing it further.
    -->
    <http:listener-config name="TestListener"
                          doc:name="HTTP Listener config"
                          doc:id="6c0d875d-2dcd-4f05-85c0-306852628d4e"
                          basePath="/api">
        <http:listener-connection host="0.0.0.0" port="8081"/>
    </http:listener-config>

    <!--
      Keystore for the Cryptography module's XML encrypt and XML sign operations.
      The keystore path is abbreviated ("...") in this listing.
      NOTE(review): the only key entry is declared as a symmetric key with keyId
      "clientkey". Signing with a certificate's private key calls for an asymmetric
      entry (crypto:jce-asymmetric-key-info), and any keyId used by an operation
      must be declared here; confirm both against the flow that uses this config.
    -->
    <crypto:jce-config name="Crypto_Jce"
                       doc:name="Crypto Jce"
                       doc:id="824a4e64-701e-4f57-a9d7-378ff8310aa8"
                       type="PKCS12"
                       keystore=".../src/main/resources/clientKeystore.jks"
                       password="cspass">
        <crypto:jce-key-infos>
            <crypto:jce-symmetric-key-info keyId="clientkey" alias="clientkey" password="password"/>
        </crypto:jce-key-infos>
    </crypto:jce-config>
</mule>
Hi @Alex。这个问题描述得很充分。我认为您应该编辑一下,删掉TLS相互身份验证的部分。如果通信已经正常,我理解这部分您已经解决了;您问题的重点是RPC以及内容的加密/签名(可能使用WSS或XML加密标准?),这与TLS层的相互身份验证和加密是两回事。