如何使用UsenameToken和PasswordDigest为JAVA中的SOAP客户端附加wsse安全标头
我正在尝试使用AXIS2在Java中构建SOAP客户机。 我尝试使用的Web服务使用带有用户名令牌和密码摘要的安全标头。 我可以构造请求头、请求体,还可以添加安全头 以下是SOAP UI中的SOAP请求工作正常:如何使用UsenameToken和PasswordDigest为JAVA中的SOAP客户端附加wsse安全标头,java,web-services,soap,soap-client,Java,Web Services,Soap,Soap Client,我正在尝试使用AXIS2在Java中构建SOAP客户机。 我尝试使用的Web服务使用带有用户名令牌和密码摘要的安全标头。 我可以构造请求头、请求体,还可以添加安全头 以下是SOAP UI中的SOAP请求工作正常: POST http://<OUR WSDL>HTTP/1.1 Accept-Encoding: gzip,deflate Content-Type: text/xml;charset=UTF-8 SOAPAction: "" Authorization: Basic c2F
POST http://<OUR WSDL>HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: ""
Authorization: Basic c2FtczpzYW1z
Content-Length: 2920
Host: hostnameqa-web.cable.com:80
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v1="http://xml.comcast.com/sams/tts/consumerservice/v1_2">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-42">
<wsse:Username>username1</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">pifAlJJNQAo8Tqi+F95kpz+8UvM=</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">99lpCD9kwSvUd78EA3Humw==</wsse:Nonce>
<wsu:Created>2015-05-13T15:18:10.100Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<v1:create>
<!--Optional:-->
<v1:CreateConsTicketRequest>
<Header>
<Requester>requestor</Requester>
<Submitter>
<Type>Real</Type>
<Value>Submitter</Value>
</Submitter>
<TimeStamp>
<Date>2014-05-30</Date>
<Time>22:38:26</Time>
<TimeZone>UTC</TimeZone>
</TimeStamp>
<TransactionId>1</TransactionId>
</Header>
<Body>
<CTicket>
<ContactInformation>
<Name>First Name123, Last Name123</Name>
<Phone>1234567893</Phone>
<Email>email@testing.com</Email>
</ContactInformation>
<TimeStart>
<Date>2013-09-12</Date>
<Time>09:31:23</Time>
<TimeZone>UTC</TimeZone>
</TimeStart>
</CTicket>
</Body>
</v1:CreateConsTicketRequest>
</v1:create>
</soapenv:Body>
</soapenv:Envelope>
麻烦:
我能够生成请求和端点,但收到以下异常:
org.apache.axis2.AxisFault: An exception occurred in WSSecuritySOAPHandler.
com.sun.xml.wss.XWSSecurityException:
com.sun.xml.wss.XWSSecurityException:
com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException: It should be divisible by four
at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
下面是来自SaopUI的UsernameToken和Java客户端之间的比较:有一些不同。这对我的例外有关系吗?请指出
来自SaopUI(工作正常):
sams
YDtfm04egjBgzWM9Mu/PAQH6LG=
KCveDnb6e59NVOlmmP2KEg==
2015-05-12T17:13:48.457Z
来自Java客户端(仅打印出来用于比较):
sams
[B@6950e31
E8C9D3BCE1FD72994E4813367CF3707AFB707B752015年5月13日星期三美国东部夏令时11:16:27
期望:
任何已经使用过密码摘要编码风格的人都可以通过指出我需要做的更改来指导我正确的方向。使用过类似请求的人可以很容易地理解并解决我的问题,使用您的密码摘要编码工作代码段
org.apache.axis2.AxisFault: An exception occurred in WSSecuritySOAPHandler.
com.sun.xml.wss.XWSSecurityException:
com.sun.xml.wss.XWSSecurityException:
com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException: It should be divisible by four
at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
<wsse:UsernameToken wsu:Id="UsernameToken-14"><wsse:Username>sams</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">YDtfm04egjBgzWM9Mu/pAQqh6Lg=</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">KCveDnb6e59NVOlmmP2KEg==</wsse:Nonce>
<wsu:Created>2015-05-12T17:13:48.457Z</wsu:Created></wsse:UsernameToken>
<wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:Username>sams</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">[B@6950e31</wsse:Password>
<wsse:Nonce Nonce="BinarySecurityToken">e8c9d3bce1fd72994e4813367cf3707afb707b75</wsse:Nonce><wsu:Nonce xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">Wed May 13 11:16:27 EDT 2015</wsu:Nonce></wsse:UsernameToken>