Java Wss4jSecurityInterceptor 签名响应的验证失败：'ec:InclusiveNamespaces'


我在Spring中编写了SOAP服务,并在Java15上运行。 当我们收到请求时,我们会做出如下回应:

<?xml version="1.0"?>
<env:Envelope xmlns:product="http://www.product.net/ws/communication/product/2020/12/" 
              xmlns:env="http://www.w3.org/2003/05/soap-envelope" 
              xmlns:sndich="http://www.product.net/ws/communication/sendinterchange/2020/12/">
  <env:Header>
    <sndich:sessionResponse>
      <product:sessionID>210505a02EhN</product:sessionID>
      <product:sessionResponseTime>2021-05-05T11:19:11.681+02:00</product:sessionResponseTime>
      <product:sessionTotals>
        <product:totals product:type="ACCEPTED">
          <product:totalNo>1</product:totalNo>
          <product:totalSize>868</product:totalSize>
        </product:totals>
        <product:totals product:type="REJECTED">
          <product:totalNo>0</product:totalNo>
          <product:totalSize>0</product:totalSize>
        </product:totals>
      </product:sessionTotals>
    </sndich:sessionResponse>
  </env:Header>
  <env:Body>
    <sndich:sendInterchangeResponse>
      <sndich:interchangesResponse>
        <sndich:interchangeResponse>
          <product:productInterchangeID>210505a02EhO</product:productInterchangeID>
          <product:dataFormat>EDI</product:dataFormat>
          <product:senderID>RETAILER</product:senderID>
          <product:recipientID>SUPPLIER</product:recipientID>
          <product:interchangeControlReference>12345553</product:interchangeControlReference>
          <product:testMessage>true</product:testMessage>
          <product:messageType>ORDERS</product:messageType>
          <product:messageSize>868</product:messageSize>
          <product:sendingTime>2021-05-05T11:19:11.272+02:00</product:sendingTime>
          <product:gatewayTransmission>true</product:gatewayTransmission>
        </sndich:interchangeResponse>
      </sndich:interchangesResponse>
    </sndich:sendInterchangeResponse>
  </env:Body>
</env:Envelope>

SECUREMENT_ELEMENTS_SEND 定义了我们希望对 Body 和 sndich:sessionResponse 进行签名

通过签名,我们的回复如下所示:

/**
 * Interceptor bean for outgoing ("send") messages.
 *
 * <p>Starts from the shared configuration built by {@link #securityInterceptorBase()}
 * and restricts signing to the parts listed in {@code SECUREMENT_ELEMENTS_SEND}
 * (a constant declared elsewhere in this class, not visible here).
 *
 * @return the interceptor with signature parts set for the send response
 * @throws Exception propagated from {@link #securityInterceptorBase()}
 */
@Bean(name = "securityInterceptorSend")
public Wss4jSecurityInterceptor securityInterceptorSend() throws Exception 
{
    Wss4jSecurityInterceptor interceptor = securityInterceptorBase();
    interceptor.setSecurementSignatureParts(SECUREMENT_ELEMENTS_SEND);
    return interceptor;
}

/**
 * Builds the WS-Security interceptor shared by the signing beans of this class.
 *
 * <p>Signing material comes from a JKS keystore on the classpath, loaded through a
 * {@link CryptoFactoryBean} that is initialised by hand ({@code afterPropertiesSet()})
 * because it is not registered as a Spring bean itself. The interceptor is then set up
 * for the SIGNATURE action only: RSA-SHA256 signatures over SHA-256 digests, with a
 * {@code "DirectReference"} key identifier, which carries the signing certificate inline
 * in the message as a BinarySecurityToken rather than referring to it indirectly.
 *
 * <p>{@code keyStoreLocation}, {@code keyStorePassword}, {@code keyStorePK} and
 * {@code keyStorePkPassword} are fields of the enclosing class (presumably injected
 * configuration; their declarations are not visible here). No signature parts are set —
 * callers add those.
 *
 * @return an interceptor configured for signing, without signature parts
 * @throws Exception propagated from keystore/crypto initialisation (declared type is broad)
 */
private Wss4jSecurityInterceptor securityInterceptorBase() throws Exception
{
    // Keystore access first: nothing else is useful if the signing key cannot be loaded.
    CryptoFactoryBean cryptoFactory = new CryptoFactoryBean();
    cryptoFactory.setKeyStoreLocation(new ClassPathResource(keyStoreLocation));
    cryptoFactory.setKeyStorePassword(keyStorePassword);
    cryptoFactory.setKeyStoreType("JKS");
    cryptoFactory.afterPropertiesSet();

    Wss4jSecurityInterceptor interceptor = new Wss4jSecurityInterceptor();
    interceptor.setSecurementActions(WSHandlerConstants.SIGNATURE);
    interceptor.setSecurementSignatureKeyIdentifier("DirectReference");
    interceptor.setSecurementSignatureCrypto(cryptoFactory.getObject());
    // Alias and password of the private key used to sign.
    interceptor.setSecurementUsername(keyStorePK);
    interceptor.setSecurementPassword(keyStorePkPassword);
    interceptor.setSecurementSignatureAlgorithm(WSS4JConstants.RSA_SHA256);
    interceptor.setSecurementSignatureDigestAlgorithm(WSS4JConstants.SHA256);

    return interceptor;
}
<?xml version="1.0"?>
<env:Envelope xmlns:product="http://www.product.net/ws/communication/product/2020/12/" 
              xmlns:env="http://www.w3.org/2003/05/soap-envelope" 
              xmlns:sndich="http://www.product.net/ws/communication/sendinterchange/2020/12/" 
              xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <env:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="true">
      <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-9ef69771-4b8f-4062-8725-62db93a9729e">MIID6z---shortened---42HmAB5EoE/p2unM=</wsse:BinarySecurityToken>
      <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-73eb278c-799c-4f22-af21-8f1bc4d8203c">
        <ds:SignedInfo>
          <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="product env sndich wsu"/>
          </ds:CanonicalizationMethod>
          <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
          <ds:Reference URI="#id-1e0171da-3fcb-4a04-8385-dddd1df2d933">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="product sndich"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
            <ds:DigestValue>CIqrq8MQxhJbHcseKKRsjb2KCLdMpB9b7FI/UzvWeIg=</ds:DigestValue>
          </ds:Reference>
          <ds:Reference URI="#id-7f62968d-54e3-4525-9924-e0055a93668b">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="product env"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
            <ds:DigestValue>1yMj+dzkex5FE3N9/Pd9c8QeaeUmzkTRTSDM83ZhrFQ=</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>WezK--shortened--rwQ==</ds:SignatureValue>
        <ds:KeyInfo Id="KI-0d696b3d-ea31-4202-be5e-00a9198e8bdc">
          <wsse:SecurityTokenReference wsu:Id="STR-0ff8ab07-4da4-4b47-b820-f2e8e5edc03d">
            <wsse:Reference URI="#X509-9ef69771-4b8f-4062-8725-62db93a9729e" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
      </ds:Signature>
    </wsse:Security>
    <sndich:sessionResponse wsu:Id="id-7f62968d-54e3-4525-9924-e0055a93668b">
      <product:sessionID>210505a02EhP</product:sessionID>
      <product:sessionResponseTime>2021-05-05T11:19:14.420+02:00</product:sessionResponseTime>
      <product:sessionTotals>
        <product:totals product:type="ACCEPTED">
          <product:totalNo>1</product:totalNo>
          <product:totalSize>868</product:totalSize>
        </product:totals>
        <product:totals product:type="REJECTED">
          <product:totalNo>0</product:totalNo>
          <product:totalSize>0</product:totalSize>
        </product:totals>
      </product:sessionTotals>
    </sndich:sessionResponse>
  </env:Header>
  <env:Body wsu:Id="id-1e0171da-3fcb-4a04-8385-dddd1df2d933">
    <sndich:sendInterchangeResponse>
      <sndich:interchangesResponse>
        <sndich:interchangeResponse>
          <product:productInterchangeID>210505a02EhQ</product:productInterchangeID>
          <product:dataFormat>EDI</product:dataFormat>
          <product:senderID>RETAILER</product:senderID>
          <product:recipientID>SUPPLIER</product:recipientID>
          <product:interchangeControlReference>12345553</product:interchangeControlReference>
          <product:testMessage>true</product:testMessage>
          <product:messageType>ORDERS</product:messageType>
          <product:messageSize>868</product:messageSize>
          <product:sendingTime>2021-05-05T11:19:14.309+02:00</product:sendingTime>
          <product:gatewayTransmission>true</product:gatewayTransmission>
        </sndich:interchangeResponse>
      </sndich:interchangesResponse>
    </sndich:sendInterchangeResponse>
  </env:Body>
</env:Envelope>
作为服务一部分的所有模式都存储在本地服务器上,即使是第三方模式,如'http://www.w3.org/2003/05/soap-envelope'并通过导入和wsdl公开,以防止架构的下载位置不可用的情况。我们在过去有过多个这样的问题。这些被导入到我们的模式中,并提供给验证器

解决方案尝试1

我添加了org.apache.santuario:xmlsec:2.2.1依赖项,该依赖项具有此模式,因为这是我发现的解决此问题的建议解决方案之一

解决方案尝试2

我已经从第1点中提到的包中提取了模式,并使用下面所示的 xs:import 语句将其导入到我们的模式中

解决方案尝试3

我已经向验证器提供了“ec”模式。当缺少要验证的模式xsd时,我遇到了相同的验证器崩溃。 但是,在这种情况下,提供模式并不能解决问题,并且会发生与尝试2中相同的验证器崩溃。尝试2和尝试3的组合也具有相同的结果

SOAP web service response 'sendInterchangeResponse' schema validation error: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'ec:InclusiveNamespaces'
<xs:import namespace="http://www.w3.org/2001/10/xml-exc-c14n#" schemaLocation="./exc-c14n.xsd"/>
java.lang.ArrayIndexOutOfBoundsException: Index -1 out of bounds for length 16
    at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator$XSIErrorReporter.mergeContext(XMLSchemaValidator.java:493) ~[?:?]
    at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.endElementPSVI(XMLSchemaValidator.java:2560) ~[?:?]
    at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleEndElement(XMLSchemaValidator.java:2476) ~[?:?]
    at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.endElement(XMLSchemaValidator.java:943) ~[?:?]
    at com.sun.org.apache.xerces.internal.jaxp.validation.DOMValidatorHelper.finishNode(DOMValidatorHelper.java:341) ~[?:?]
    at com.sun.org.apache.xerces.internal.jaxp.validation.DOMValidatorHelper.validate(DOMValidatorHelper.java:246) ~[?:?]
    at com.sun.org.apache.xerces.internal.jaxp.validation.DOMValidatorHelper.validate(DOMValidatorHelper.java:189) ~[?:?]
    at com.sun.org.apache.xerces.internal.jaxp.validation.ValidatorImpl.validate(ValidatorImpl.java:108) ~[?:?]
    at javax.xml.validation.Validator.validate(Validator.java:124) ~[?:?]
    at at.company.product.soap.ws.soap.message.SoapMessageService.validateSchema(SoapMessageService.java:268) ~[classes/:?]
    at at.company.product.soap.ws.soap.endpoint.SoapWsEndpointBase.validateSchemaResponse(SoapWsEndpointBase.java:106) ~[classes/:?]
    at at.company.product.soap.ws.soap.endpoint.SoapWsEndpointBase.signAndValidateResponse(SoapWsEndpointBase.java:91) ~[classes/:?]
    at at.company.product.soap.ws.soap.endpoint.SoapWsSendInterchangeEndpoint.handleSendInterchangeTransmissionIdStandard(SoapWsSendInterchangeEndpoint.java:185) ~[classes/:?]
    at at.company.product.soap.ws.soap.endpoint.SoapWsSendInterchangeEndpoint.handleSendInterchange(SoapWsSendInterchangeEndpoint.java:105) ~[classes/:?]
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64) ~[?:?]
    at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
    at java.lang.reflect.Method.invoke(Method.java:564) ~[?:?]
    at org.springframework.ws.server.endpoint.MethodEndpoint.invoke(MethodEndpoint.java:134) ~[spring-ws-core-3.0.10.RELEASE.jar:?]
    at org.springframework.ws.server.endpoint.adapter.DefaultMethodEndpointAdapter.invokeInternal(DefaultMethodEndpointAdapter.java:291) ~[spring-ws-core-3.0.10.RELEASE.jar:?]
    at org.springframework.ws.server.endpoint.adapter.AbstractMethodEndpointAdapter.invoke(AbstractMethodEndpointAdapter.java:55) ~[spring-ws-core-3.0.10.RELEASE.jar:?]
    at org.springframework.ws.server.MessageDispatcher.dispatch(MessageDispatcher.java:236) [spring-ws-core-3.0.10.RELEASE.jar:?]
    at org.springframework.ws.server.MessageDispatcher.receive(MessageDispatcher.java:176) [spring-ws-core-3.0.10.RELEASE.jar:?]
    at at.company.product.soap.ws.soap.SoapWsWebServiceMessageReceiverHandlerAdapter.handleConnectionInSession(SoapWsWebServiceMessageReceiverHandlerAdapter.java:217) [classes/:?]
    at at.company.product.soap.ws.soap.SoapWsWebServiceMessageReceiverHandlerAdapter.handle(SoapWsWebServiceMessageReceiverHandlerAdapter.java:87) [classes/:?]
    at org.springframework.ws.transport.http.MessageDispatcherServlet.doService(MessageDispatcherServlet.java:293) [spring-ws-core-3.0.10.RELEASE.jar:?]
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) [spring-webmvc-5.2.12.RELEASE.jar:5.2.12.RELEASE]
    at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909) [spring-webmvc-5.2.12.RELEASE.jar:5.2.12.RELEASE]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:652) [servlet-api.jar:4.0.FR]
    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) [spring-webmvc-5.2.12.RELEASE.jar:5.2.12.RELEASE]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:733) [servlet-api.jar:4.0.FR]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) [catalina.jar:9.0.41]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.41]
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) [tomcat-websocket.jar:9.0.41]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:9.0.41]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.41]
    at at.company.product.soap.ws.util.SoapWsRequestSizeFilter.doFilter(SoapWsRequestSizeFilter.java:87) [classes/:?]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:9.0.41]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.41]
    at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) [log4j-web-2.14.0.jar:2.14.0]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:9.0.41]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.41]
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) [catalina.jar:9.0.41]
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) [catalina.jar:9.0.41]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542) [catalina.jar:9.0.41]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) [catalina.jar:9.0.41]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) [catalina.jar:9.0.41]
    at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690) [catalina.jar:9.0.41]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) [catalina.jar:9.0.41]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) [catalina.jar:9.0.41]
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374) [tomcat-coyote.jar:9.0.41]
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) [tomcat-coyote.jar:9.0.41]
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:888) [tomcat-coyote.jar:9.0.41]
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1597) [tomcat-coyote.jar:9.0.41]
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-coyote.jar:9.0.41]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130) [?:?]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630) [?:?]
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:9.0.41]
    at java.lang.Thread.run(Thread.java:832) [?:?]