Fatal编程技术网
  • java/
  • Java cxf merlindevice配置

Java cxf merlindevice配置

java

Java cxf merlindevice配置,java,cxf,Java,Cxf,我需要通过智能卡对web服务soap消息体和时间戳进行签名 org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11 org.apache.ws.security.crypto.merlin.keystore.type=PKCS1

我需要通过智能卡对web服务soap消息体和时间戳进行签名

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx
我正在使用cxf 2.7.12。在cxf丑陋的文档中,他们说“MerlinDevice:基于Merlin,允许使用空输入流加载密钥库-例如在智能卡设备上”。但没有提供任何示例或文档

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx
是否有人可以提供merlindevice的联合配置?

请参阅此处以获取一些文档:

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx
实际的属性文件看起来与用于“Merlin”的标准文件几乎相同,只是提供程序将被称为“MerlinDevice”:

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx


org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx
Colm.

以下是我如何解决这个问题的

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx
  • 创建一个类,例如PKCS11设备扩展Merlin
  • 在其中复制MerlinDevice源
  • 复制其中的Merlin加载方法
  • 将加载方法的第一行更改为

    public KeyStore load(InputStream input, String storepass, String provider, 
String type) 
throws CredentialException {

KeyStore ks = null;

SunPKCS11 akisProvider = new SunPKCS11("pkcs.properties");
Security.addProvider(akisProvider);

try {
    if (provider == null || provider.length() == 0) {
        ks = KeyStore.getInstance(type);
    } else {
        //ks = KeyStore.getInstance(type, provider);
        ks = KeyStore.getInstance("PKCS11",akisProvider);
    }

    org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx


    • org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx
  • 重新打包wss4j.jar

    • org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx
  • 用cxf lib文件夹中的旧jar替换新jar

    org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx
    -----在您的项目中

    • org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx
  • 创建卡特定的pkcs.properties
    • 我的是

    name = AKIS
library = C:/windows/system32/akisp11.dll
disabledMechanisms={ CKM_SHA1_RSA_PKCS }

    org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx
  • 将wss4j.properties文件设置为

    org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx
    • 而且它有效

    嗨,科尔姆。您的继任者在web上很常见,包括wss4j和cxf文档。当您使用org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.MerlinDevice更改行时,会显示错误java.lang.NoSuchMethodException:org.apache.ws.security.components.crypto.MerlinDevice。来。实际上,Merlin有获取私钥的方法,但您无法从智能卡获取私钥。我想这就是问题所在。在配置中,必须通过本机智能卡库。到设备,但没有如何进行的示例。您看到的完整堆栈跟踪是什么?还有,WSS4J的哪个版本?我正在使用WSS4J的v1.6.16。堆栈跟踪是:由:org.apache.ws.security.WSSecurityException:class org.apache.ws.security.components.crypto.MerlinDevice无法在org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:242)在org.apache.ws.security.components.CryptoFactory.getInstance(CryptoFactory.java:135)创建实例位于org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor.loadCryptoFromPropertiesFile(AbstractWSS4JInterceptor.java:224)处的org.apache.ws.security.handler.WSHandler.loadCryptoFromPropertiesFile(AbstractWSS4JInterceptor.java:224)处org.apache.ws.security.handler.WSHandler.loadSignatureCrypto(WSHandler.java:823)org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:143)org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:52)位于org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:265)。。。10原因:java.lang.NoSuchMethodException:org.apache.ws.security.components.crypto.MerlinDevice.(java.util.Properties,java.lang.ClassLoader)位于java.lang.Class.getConstructor0(Class.java:3069)位于java.lang.Class.getConstructor(Class.java:1812)位于org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:236)。。。还有18个 
    org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.PKCS11Device      
org.apache.ws.security.crypto.merlin.keystore.provider=SunPKCS11
org.apache.ws.security.crypto.merlin.keystore.type=PKCS11
org.apache.ws.security.crypto.merlin.keystore.password=xxxxx