Java Spring WS-SOAP头前缀问题
我正在从事一个Spring WS项目,我正在尝试使用某个SOAP服务,但我在请求的头标签上遇到了一些问题。Java Spring WS-SOAP头前缀问题,java,soap,soapui,spring-ws,Java,Soap,Soapui,Spring Ws,我正在从事一个Spring WS项目,我正在尝试使用某个SOAP服务,但我在请求的头标签上遇到了一些问题。 PS:我在SOAP UI上运行了相同的请求,它运行得非常好 这是我运行的代码: JAXBElement<ChangeOtherIDsRequestType> request = createRequestBody(); WebServiceTemplate template = new WebServiceTemplate(marshaller); templ
PS:我在SOAP UI上运行了相同的请求,它运行得非常好 这是我运行的代码:
JAXBElement<ChangeOtherIDsRequestType> request = createRequestBody();
WebServiceTemplate template = new WebServiceTemplate(marshaller);
template.setDefaultUri(URI);
@SuppressWarnings({ "unchecked" })
JAXBElement<ChangeOtherIDsResponseType> response = (JAXBElement<ChangeOtherIDsResponseType>) template
.marshalSendAndReceive(request, new WebServiceMessageCallback() {
@Override
public void doWithMessage(WebServiceMessage message) {
Instant instant = Instant.now();
SaajSoapMessage saajSoapMessage = (SaajSoapMessage) message;
SOAPMessage soapMessage = saajSoapMessage.getSaajMessage();
SOAPPart soapPart = soapMessage.getSOAPPart();
try {
SOAPEnvelope soapEnvelope = soapPart.getEnvelope();
SOAPHeader soapHeader = soapEnvelope.getHeader();
Name headerElementName = soapEnvelope.createName("Security", "wsse",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
// Add "Security" soapHeaderElement to soapHeader
SOAPHeaderElement soapHeaderElement = soapHeader.addHeaderElement(headerElementName);
soapHeaderElement.setMustUnderstand(true);
soapHeaderElement.addNamespaceDeclaration("wsu",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
// Add usernameToken to "Security" soapHeaderElement
SOAPElement usernameTokenSOAPElement = soapHeaderElement.addChildElement("UsernameToken",
"wsse");
// Add username to usernameToken
QName userQname = soapHeaderElement.createQName("Username", "wsse");
SOAPElement userNameSOAPElement = usernameTokenSOAPElement.addChildElement(userQname);
userNameSOAPElement.addTextNode("username");
// Add password to usernameToken
QName passwordQname = usernameTokenSOAPElement.createQName("Password", "wsse");
SOAPElement passwordSOAPElement = usernameTokenSOAPElement.addChildElement("Password");
passwordSOAPElement.setAttribute("Type",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
passwordSOAPElement.addTextNode("password");
// Add Nonce to usernameToken.
QName nonceQname = soapHeaderElement.createQName("Nonce", "wsse");
SOAPElement nonceSOAPElement = usernameTokenSOAPElement.addChildElement("Nonce");
nonceSOAPElement.setAttribute("EncodingType",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
// Add Created to usernameToken.
QName createdQname = soapHeaderElement.createQName("Created", "wsu");
SOAPElement createdElement = usernameTokenSOAPElement.addChildElement(createdQname);
createdElement.addTextNode(instant.toString());
} catch (SOAPException | UnsupportedEncodingException e) {
e.printStackTrace();
}
}
});
template.marshalSendAndReceive(URI, request);
JAXBElement请求=createRequestBody();
WebServiceTemplate模板=新的WebServiceTemplate(marshaller);
setDefaultUri(URI);
@SuppressWarnings({“unchecked”})
JAXBElement响应=(JAXBElement)模板
.MarshalSendReceive(请求,新WebServiceMessageCallback()){
@凌驾
公共无效doWithMessage(WebServiceMessage消息){
Instant-Instant=Instant.now();
SaajSoapMessage SaajSoapMessage=(SaajSoapMessage)消息;
SOAPMessage SOAPMessage=saajSoapMessage.getSaajMessage();
SOAPPart SOAPPart=soapMessage.getSOAPPart();
试一试{
SOAPEnvelope SOAPEnvelope=soapPart.getEnvelope();
SOAPHeader SOAPHeader=soapEnvelope.getHeader();
Name headerElementName=soapEnvelope.createName(“安全”、“wsse”,
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
//将“安全性”soapHeaderElement添加到soapHeader
SOAPHeaderElement SOAPHeaderElement=soapHeader.addHeaderElement(headerElementName);
soapHeaderElement.setMustUnderstand(true);
soapHeaderElement.addNamespaceDeclaration(“wsu”,
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
//将usernameToken添加到“安全”soapHeaderElement
SOAPElement usernameTokenSOAPElement=soapHeaderElement.addChildElement(“UsernameToken”,
“wsse”);
//将用户名添加到usernameToken
QName userQname=soapHeaderElement.createQName(“用户名”,“wsse”);
SOAPElement userNameSOAPElement=usernameTokenSOAPElement.addChildElement(userQname);
userNameSOAPElement.addTextNode(“用户名”);
//向usernameToken添加密码
QName passwordQname=UsernameTokeSOApElement.createQName(“密码”、“wsse”);
SOAPElement密码SOAPElement=UsernameTokeSoapElement.addChildElement(“密码”);
passwordSOAPElement.setAttribute(“类型”,
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
passwordSOAPElement.addTextNode(“密码”);
//将Nonce添加到usernameToken。
QName nonceQname=soapHeaderElement.createQName(“Nonce”、“wsse”);
SOAPElement noncesoapement=UsernameTokeSOApElement.addChildElement(“Nonce”);
NoncesoapeElement.setAttribute(“编码类型”,
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
//将已创建的添加到usernameToken。
QName createdQname=soapHeaderElement.createQName(“已创建”、“wsu”);
SOAPElement createdElement=UsernameTokeSoapElement.addChildElement(createdQname);
createdElement.addTextNode(instant.toString());
}捕获(SOAPException |不支持编码异常e){
e、 printStackTrace();
}
}
});
MarshalSendReceive(URI,请求);
此代码应在请求中添加标题标记,并用于通过“用户名”和“密码”对用户进行身份验证。我期望的结果与SOAP UI为相同请求生成的结果相同。结果是:
<SOAP-ENV:Header>
<wsse:Security SOAP-ENV:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-C17C5A667A3F11A8DA153735499778322">
<wsse:Username>username</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">Tl6jznnHitsSE9F16FWTsw==</wsse:Nonce>
<wsu:Created>2018-09-19T11:03:17.783Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
用户名
密码
TL6JZNNHITSE9F16FWTSW==
2018-09-19T11:03:17.783Z
但我得到的结果是这样的:
<SOAP-ENV:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" SOAP-ENV:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>username</wsse:Username>
<Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</Password>
<Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"> </Nonce>
<wsu:Created>2018-09-19T11:02:21.918Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</SOAP-ENV:Header>
用户名
密码
2018-09-19T11:02:21.918Z
让我们看看我的结果中缺少了一些东西,例如:
- 标记“Password”和“Nonce”上的“wsse”前缀李>
- “Username”标记上的“UsernameToken”属性李>
- “Nonce”标记的值李>
提前感谢。您正试图将安全性强加于您的请求中,但有一个拦截器和默认的方法。为
WebServiceTemplate
配置
类似于下面的内容应该可以做到这一点
@Bean
public Wss4jSecurityInterceptor securityInterceptor() {
Wss4jSecurityInterceptor interceptor = new Wss4jSecurityInterceptor();
interceptor.setSecurementUsername("username");
interceptor.setSecurementPassword("password");
interceptor.setSecurementUsernameTokenNonce(true);
interceptor.setSecurementActions("UsernameToken Timestamp");
return interceptor;
}
然后将其注入您的WebServiceTemplate
。这将添加所需的标题,而无需执行任何其他操作。理想情况下,您可以一次性配置WebServiceTemplate
,然后重用它
@Bean
public WebServiceTemplate webServiceTemplate(Marshaller marshaller) {
WebServiceTemplate wsTemplate = new WebServiceTemplate(marshaller);
wsTemplate.setInterceptors(new ClientInterceptor[]{ securityInterceptor() });
return wsTemplate;
}
然后在代码中使用预先配置的
WebServiceTemplate
。为什么要模拟它,为什么要这样做?您应该正确配置WebServiceTemplate
,并添加Wss4jSecurityInterceptor
,它将添加头,don