Java SOAP客户端基本身份验证:HTTP响应';401:未经授权';
我正在尝试创建一个SOAP客户端,它必须调用使用http基本身份验证的服务器。 我得到以下错误:Java SOAP客户端基本身份验证:HTTP响应';401:未经授权';,java,xml,authentication,soap,Java,Xml,Authentication,Soap,我正在尝试创建一个SOAP客户端,它必须调用使用http基本身份验证的服务器。 我得到以下错误: org.apache.cxf.interceptor.Fault: Could not send Message. at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64) ... C
org.apache.cxf.interceptor.Fault: Could not send Message.
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)
...
Caused by: org.apache.cxf.transport.http.HTTPException: HTTP response '401: Unauthorized' when communicating with http://localhost:8080/SpringMVCTest/services/ContractService?wsdl=ContractService.wsdl
我的app-config.xml是:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:http auto-config="true">
<security:intercept-url pattern="/services/*"/>
<security:http-basic/>
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="wsuser1" password="pw123" authorities="wsuser" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
<bean id="client" class="hu.bz.ikti.insurance.service.insurer.ContractService"
factory-bean="clientFactory" factory-method="create"/>
<bean id="clientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
<property name="serviceClass" value="hu.bz.ikti.insurance.service.insurer.ContractService"/>
<property name="address" value="http://localhost:8080/SpringMVCTest/services/ContractService?wsdl=ContractService.wsdl"/>
</bean>
</beans>
http基本身份验证在servers web.xml中配置:
<security-constraint>
<web-resource-collection>
<url-pattern>/services/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>wsuser</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<role-name>webservice</role-name>
</security-role>
/服务/*
wsuser
基本的
网络服务
在tomcat-users.xml中添加用户:
<user username="wsuser1" password="pw123" roles="wsuser"/>
我可以在浏览器中打开wsdl,给出用户名/密码。
什么会导致401:客户端出现未经授权的错误?根据此处的CXF文档: (请参阅配置Spring客户端(选项2)) 设置用户名和密码的正确方法是在
clientFactory
bean配置中使用username
和password
属性
因此,在clientFactory
bean中添加以下内容:
<property name="username" value="yourUsername"/>
<property name="password" value="yourPassword"/>
没有安全性:前缀,我得到一个xml解析错误:org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException org.xml.sax.SAXParseException:cvc复杂类型。2.4.a:发现以元素“user”开头的无效内容。
我根据一个web示例添加了前缀。可能我需要一个xsi:schemaLocation来表示用户(可能用于身份验证等)元素。我根本没有说要触摸安全前缀。您需要将属性添加到clientFactory
bean。@Syon。这是一个非常有用的建议。我为此挣扎了一天,然后找到了这个答案,瞧,它就像一个符咒。谢谢