Fatal编程技术网
  • java/
  • 来自Java的soap中的UserNameToken

来自Java的soap中的UserNameToken

java xml soap

来自Java的soap中的UserNameToken,java,xml,soap,ws-security,usernametoken,Java,Xml,Soap,Ws Security,Usernametoken,我试图使用从Netbeans生成的gSoap wsdl。webservice要求传入UserNameToken。当我使用SoapUI中的wsdl时(可以使用),它会发送以下消息: <wsse:Username>myname</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#Pas

我试图使用从Netbeans生成的gSoap wsdl。webservice要求传入UserNameToken。当我使用SoapUI中的wsdl时(可以使用),它会发送以下消息:

<wsse:Username>myname</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">mypass</wsse:Password>
它生成如下的soap头:

            String prefix = "wsse";
            String uri = "http://...wsssecurity...";

            SOAPElement securityElem = factory.createElement("Security",prefix,uri);

                SOAPElement UserNametokenElem = factory.createElement("UserNameToken",prefix,uri);

                    SOAPElement UsernameElem = factory.createElement("wsse:Username");
                    UsernameElem.addTextNode("myname");
                    SOAPElement PasswordElem = factory.createElement("Password");
                    PasswordElem.addTextNode("mypass");

                    UserNametokenElem.addChildElement(UsernameElem);
                    UserNametokenElem.addChildElement(PasswordElem);

                    securityElem.addChildElement(UserNametokenElem);
            SOAPHeader header = envelope.addHeader();
            header.addChildElement(securityElem);

    <wsse:Security xmlns:wsse="http://...wsssecurity...">
    <wsse:UserNameToken xmlns:wsse="http://...wsssecurity...">
    <Username xmlns="">myname</Username>
    <Password xmlns="">mypass</Password>
    </wsse:UserNameToken>
    </wsse:Security>

            SOAPPart soappart = message.getSOAPPart();
            SOAPEnvelope envelope = soappart.getEnvelope();
            SOAPHeader header = envelope.getHeader();
            WSSecHeader wsheader = new WSSecHeader();
            wsheader.insertSecurityHeader(soappart);
            WSSecUsernameToken token = new WSSecUsernameToken();
            token.setPasswordType(WSConstants.PASSWORD_DIGEST);
            token.setUserInfo("myuser", "mypass");
            token.build(soappart, wsheader);


我的名字
我的通行证
这会导致webservice以身份验证错误进行回复

因此,我的问题是:

  • 如何以正确的方式生成UserNameToken(就像SoapUi那样)
  • 使用处理程序还是使用外部WSSE库(如ApacheWSS4J)更好(有人能给我看一些示例代码吗)
    • 我最终成功地使用了wss4j,并做了如下工作:

                String prefix = "wsse";
            String uri = "http://...wsssecurity...";

            SOAPElement securityElem = factory.createElement("Security",prefix,uri);

                SOAPElement UserNametokenElem = factory.createElement("UserNameToken",prefix,uri);

                    SOAPElement UsernameElem = factory.createElement("wsse:Username");
                    UsernameElem.addTextNode("myname");
                    SOAPElement PasswordElem = factory.createElement("Password");
                    PasswordElem.addTextNode("mypass");

                    UserNametokenElem.addChildElement(UsernameElem);
                    UserNametokenElem.addChildElement(PasswordElem);

                    securityElem.addChildElement(UserNametokenElem);
            SOAPHeader header = envelope.addHeader();
            header.addChildElement(securityElem);

        <wsse:Security xmlns:wsse="http://...wsssecurity...">
    <wsse:UserNameToken xmlns:wsse="http://...wsssecurity...">
    <Username xmlns="">myname</Username>
    <Password xmlns="">mypass</Password>
    </wsse:UserNameToken>
    </wsse:Security>

                SOAPPart soappart = message.getSOAPPart();
            SOAPEnvelope envelope = soappart.getEnvelope();
            SOAPHeader header = envelope.getHeader();
            WSSecHeader wsheader = new WSSecHeader();
            wsheader.insertSecurityHeader(soappart);
            WSSecUsernameToken token = new WSSecUsernameToken();
            token.setPasswordType(WSConstants.PASSWORD_DIGEST);
            token.setUserInfo("myuser", "mypass");
            token.build(soappart, wsheader);
    wss4j有一些嵌套的依赖项,所以请注意这一点。

    我最终成功地使用了wss4j,并做了如下操作:

                String prefix = "wsse";
            String uri = "http://...wsssecurity...";

            SOAPElement securityElem = factory.createElement("Security",prefix,uri);

                SOAPElement UserNametokenElem = factory.createElement("UserNameToken",prefix,uri);

                    SOAPElement UsernameElem = factory.createElement("wsse:Username");
                    UsernameElem.addTextNode("myname");
                    SOAPElement PasswordElem = factory.createElement("Password");
                    PasswordElem.addTextNode("mypass");

                    UserNametokenElem.addChildElement(UsernameElem);
                    UserNametokenElem.addChildElement(PasswordElem);

                    securityElem.addChildElement(UserNametokenElem);
            SOAPHeader header = envelope.addHeader();
            header.addChildElement(securityElem);

        <wsse:Security xmlns:wsse="http://...wsssecurity...">
    <wsse:UserNameToken xmlns:wsse="http://...wsssecurity...">
    <Username xmlns="">myname</Username>
    <Password xmlns="">mypass</Password>
    </wsse:UserNameToken>
    </wsse:Security>

                SOAPPart soappart = message.getSOAPPart();
            SOAPEnvelope envelope = soappart.getEnvelope();
            SOAPHeader header = envelope.getHeader();
            WSSecHeader wsheader = new WSSecHeader();
            wsheader.insertSecurityHeader(soappart);
            WSSecUsernameToken token = new WSSecUsernameToken();
            token.setPasswordType(WSConstants.PASSWORD_DIGEST);
            token.setUserInfo("myuser", "mypass");
            token.build(soappart, wsheader);
    wss4j有一些嵌套的依赖项,所以要注意这一点。

    很好的例子。谢谢你为我节省了很多时间!很好的例子。谢谢你为我节省了很多时间!