Soap picketlink sts ws-trust mustunderstand标头


有没有办法将picketLink sts配置为接受带有mustUnderstand头的soap请求

我正在使用:

我发送的请求是:

<!-- WS-Trust RequestSecurityToken sent to the STS, carrying a WS-Security UsernameToken in the SOAP header. -->
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tns="urn:picketlink:identity-federation:sts" xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/v1.4/cd/ws-trust.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <soap:Header>
      <!-- NOTE(review): this Action names RST/Renew while the RequestType in the body is .../Issue; confirm which operation is intended. -->
      <Action xmlns="http://www.w3.org/2005/08/addressing">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew</Action>
      <MessageID xmlns="http://www.w3.org/2005/08/addressing">urn:uuid:9cfedcee-2ebf-47e0-a24a-45281d785136</MessageID>
      <To xmlns="http://www.w3.org/2005/08/addressing">https://namsb.blr.novell.com:443/nidp/wstrust/sts</To>
      <ReplyTo xmlns="http://www.w3.org/2005/08/addressing">
         <Address>http://www.w3.org/2005/08/addressing/anonymous</Address>
      </ReplyTo>
      <!-- mustUnderstand="1" obliges the receiver to process this header or answer with a fault. -->
      <wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
         <wsu:Timestamp wsu:Id="TS-1">
            <wsu:Created>2014-02-10T23:36:42Z</wsu:Created>
            <!-- NOTE(review): 24:36:42 is not a valid xsd:dateTime time (hour 24 is only allowed as 24:00:00); a receiver that validates the Timestamp may reject it. -->
            <wsu:Expires>2014-02-10T24:36:42Z</wsu:Expires>
         </wsu:Timestamp>
         <wsse:UsernameToken wsu:Id="UsernameToken-2">
            <wsse:Username>admin</wsse:Username>
            <!-- PasswordText carries the password in the clear, so its confidentiality depends on the transport (the To address above is https). -->
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">novell</wsse:Password>
         </wsse:UsernameToken>
      </wsse:Security>
   </soap:Header>
   <soap:Body>
      <wst:RequestSecurityToken Context="context">
         <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
         <wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>
      </wst:RequestSecurityToken>
   </soap:Body>
</soap:Envelope>

我找到了答案,我把它贴在这里,它可以帮助别人

  • 您需要定义一个新的SOAPHandler并将其链接到您的webService端点

    这是通过使用 @HandlerChain(file = "soap-handler.xml") 注解端点来完成的

  • 例如:

    package org.picketlink.identity.federation.app.sts;
    /**
     * imports...
     */
    
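        /**
         * STS endpoint that extends {@code PicketLinkSTS} and attaches the handler chain
         * declared in {@code soap-handler.xml}.
         *
         * <p>Security note: the handlers in that chain run for messages sent to this endpoint,
         * and the headers they return from {@code getHeaders()} count as understood for
         * mustUnderstand processing. Declaring a header as understood does not validate it.
         */
        @WebServiceProvider(serviceName = "PicketLinkSTS", portName = "PicketLinkSTSPort", targetNamespace = "urn:picketlink:identity-federation:sts", wsdlLocation = "WEB-INF/wsdl/PicketLinkSTS.wsdl")
        @ServiceMode(value = Service.Mode.MESSAGE)
        @Addressing(enabled = true, required = true)
        @HandlerChain(file = "soap-handler.xml")
        public class PicketLinkSTService extends PicketLinkSTS {
            // Final so the shared logger cannot be reassigned after class initialisation.
            private static final Logger log = Logger.getLogger(PicketLinkSTService.class);

            /**
             * Stores the {@link WebServiceContext} supplied through {@code @Resource} injection.
             *
             * @param wctx the web service context to use for this endpoint
             */
            @Resource
            public void setWSC(WebServiceContext wctx) {
                log.info("Setting WebServiceContext = " + wctx);
                // `context` is not declared in this class; presumably inherited from PicketLinkSTS.
                this.context = wctx;
            }
        }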
    
  • 创建处理程序SOAPHandlerMustUnderstand.java

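    package org.picketlink.identity.federation.app.sts;
    /**
     * imports...
     */

    /**
     * SOAP handler that tells the JAX-WS runtime the wsse:Security header is understood,
     * so that a request carrying {@code mustUnderstand="1"} on that header is not rejected.
     *
     * <p>Security note: this class only declares the header as understood. It does not
     * inspect the UsernameToken or Timestamp inside it; see {@link #handleMessage}.
     */
    public class SOAPHandlerMustUnderstand implements SOAPHandler<SOAPMessageContext> {
        private static final Logger log = Logger.getLogger(SOAPHandlerMustUnderstand.class);

        /**
         * Reports the headers this handler claims to process.
         *
         * @return a set holding only the WS-Security header name
         */
        @Override
        public Set<QName> getHeaders() {
            final HashSet<QName> headers = new HashSet<QName>();
            headers.add(getWssSecurityHeader());

            // notify the runtime that this is handled
            return headers;
        }

        /**
         * Builds the qualified name of the WS-Security {@code Security} header element.
         *
         * @return the wsse:Security QName
         */
        private QName getWssSecurityHeader() {
            return new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
                    "Security", "wsse");
        }

        /**
         * Lets the handler chain continue for every message.
         *
         * <p>NOTE(review): nothing in the Security header is checked here. The username and
         * password would have to be validated at this point, or by another component, before
         * the request can be treated as authenticated.
         *
         * @param context the SOAP message context (unused)
         * @return always {@code true}
         */
        @Override
        public boolean handleMessage(SOAPMessageContext context) {
            return true;
        }

        /**
         * Fault hook; performs no work.
         *
         * @param context the SOAP message context (unused)
         * @return always {@code false}
         */
        @Override
        public boolean handleFault(SOAPMessageContext context) {
            return false;
        }

        /**
         * End-of-exchange hook; this handler holds no resources, so there is nothing to release.
         *
         * @param context the message context (unused)
         */
        @Override
        public void close(MessageContext context) {
        }

    }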

  • 该类定义它理解的头

    然后在handleMessage()方法中,我只返回true以继续处理程序链,但这里本应是检查用户名和密码的地方。注意:按上面的写法,该处理程序只是向运行时声明wsse:Security头已被理解,本身并不验证其中的凭据。

  • 创建soap-handler.xml文件
  • 在resources文件夹中,创建与webservice包匹配的文件夹

    如果您的包是:org.picketlink.identity.federation.app.sts,则需要在resources文件夹下创建以下路径:org/picketlink/identity/federation/app/sts

    然后在刚创建的资源文件夹中创建一个名为 soap-handler.xml 的文件

    最后,您得到了如下内容:src/main/resources/org/picketlink/identity/federation/app/sts/soap-handler.xml

    soap-handler.xml

    <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <!-- Handler chain loaded through @HandlerChain(file = "soap-handler.xml") on the endpoint class. -->
    <javaee:handler-chains
            xmlns:javaee="http://java.sun.com/xml/ns/javaee">
        <javaee:handler-chain>
            <javaee:handler>
                <!-- This handler reports wsse:Security as an understood header; its handleMessage() returns true without validating credentials. -->
                <javaee:handler-class>org.picketlink.identity.federation.app.sts.SOAPHandlerMustUnderstand
                </javaee:handler-class>
            </javaee:handler>
        </javaee:handler-chain>
    </javaee:handler-chains>
    
    
    org.picketlink.identity.federation.app.sts.SOAPHandlerMustUnderstand
    
    soap-handler.xml定义处理程序链调用的类

    package org.picketlink.identity.federation.app.sts;
    /**
     * imports...
     */
    
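        /**
         * STS endpoint that extends {@code PicketLinkSTS} and attaches the handler chain
         * declared in {@code soap-handler.xml}.
         *
         * <p>Security note: the handlers in that chain run for messages sent to this endpoint,
         * and the headers they return from {@code getHeaders()} count as understood for
         * mustUnderstand processing. Declaring a header as understood does not validate it.
         */
        @WebServiceProvider(serviceName = "PicketLinkSTS", portName = "PicketLinkSTSPort", targetNamespace = "urn:picketlink:identity-federation:sts", wsdlLocation = "WEB-INF/wsdl/PicketLinkSTS.wsdl")
        @ServiceMode(value = Service.Mode.MESSAGE)
        @Addressing(enabled = true, required = true)
        @HandlerChain(file = "soap-handler.xml")
        public class PicketLinkSTService extends PicketLinkSTS {
            // Final so the shared logger cannot be reassigned after class initialisation.
            private static final Logger log = Logger.getLogger(PicketLinkSTService.class);

            /**
             * Stores the {@link WebServiceContext} supplied through {@code @Resource} injection.
             *
             * @param wctx the web service context to use for this endpoint
             */
            @Resource
            public void setWSC(WebServiceContext wctx) {
                log.info("Setting WebServiceContext = " + wctx);
                // `context` is not declared in this class; presumably inherited from PicketLinkSTS.
                this.context = wctx;
            }
        }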
    
    /**
     * Reports the SOAP headers this handler claims to process, which is what lets a
     * {@code mustUnderstand="1"} wsse:Security header pass the runtime's check.
     *
     * <p>Declaring the header here does not validate its contents.
     *
     * @return a set holding only the WS-Security header name
     */
    @Override
    public Set<QName> getHeaders() {
        // Only the WS-Security header is declared as handled.
        final Set<QName> understood = new HashSet<QName>();
        final QName securityHeader = getWssSecurityHeader();
        understood.add(securityHeader);
        return understood;
    }
    
    /**
     * Builds the qualified name of the WS-Security {@code Security} header element.
     *
     * @return the QName with the WSS 1.0 secext namespace, local part "Security" and prefix "wsse"
     */
    private QName getWssSecurityHeader() {
        final String namespaceUri =
                "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
        final String localPart = "Security";
        final String prefix = "wsse";
        return new QName(namespaceUri, localPart, prefix);
    }
    
    /**
     * Message hook; always lets the handler chain continue.
     *
     * <p>NOTE(review): no check of the wsse:Security header happens here. Because
     * getHeaders() declares that header as understood, a mustUnderstand="1" Security
     * header is accepted without this handler validating the UsernameToken or Timestamp.
     * The accompanying text says this is where username and password would be checked;
     * confirm that another component validates them before treating the request as
     * authenticated.
     *
     * @param context the SOAP message context (unused)
     * @return always {@code true}
     */
    @Override
    public boolean handleMessage(SOAPMessageContext context) {
        return true;
    }
    
    /**
     * Fault hook; performs no work of its own.
     *
     * @param context the SOAP message context (unused)
     * @return always {@code false}; in JAX-WS this blocks further handler fault processing
     *         (confirm this is the intended behaviour for the chain)
     */
    @Override
    public boolean handleFault(SOAPMessageContext context) {
        return false;
    }
    
    /**
     * End-of-exchange hook; intentionally empty because this handler holds no resources.
     *
     * @param context the message context (unused)
     */
    @Override
    public void close(MessageContext context) {
    
    }
    
    <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <!-- Handler chain loaded through @HandlerChain(file = "soap-handler.xml") on the endpoint class. -->
    <javaee:handler-chains
            xmlns:javaee="http://java.sun.com/xml/ns/javaee">
        <javaee:handler-chain>
            <javaee:handler>
                <!-- This handler reports wsse:Security as an understood header; its handleMessage() returns true without validating credentials. -->
                <javaee:handler-class>org.picketlink.identity.federation.app.sts.SOAPHandlerMustUnderstand
                </javaee:handler-class>
            </javaee:handler>
        </javaee:handler-chain>
    </javaee:handler-chains>