WCF服务器和WS-Security到Java客户端(SoapUI)
我正在尝试将WS-Security添加到现有的服务中,其中所述服务通过TLS进行访问,并且我已经成功地使用SoapUI对其进行了测试 然而,我有一个问题的反应回来;尽管响应看起来很完整,但SoapUI报告:WCF服务器和WS-Security到Java客户端(SoapUI),wcf,soap,soapui,ws-security,Wcf,Soap,Soapui,Ws Security,我正在尝试将WS-Security添加到现有的服务中,其中所述服务通过TLS进行访问,并且我已经成功地使用SoapUI对其进行了测试 然而,我有一个问题的反应回来;尽管响应看起来很完整,但SoapUI报告: ERROR:org.apache.ws.security.WSSecurityException: An invalid security token was provided (Bad TokenType "") org.apache.ws.security.WSSecurityEx
ERROR:org.apache.ws.security.WSSecurityException: An invalid security token was provided (Bad TokenType "")
org.apache.ws.security.WSSecurityException: An invalid security token was provided (Bad TokenType "")
at org.apache.ws.security.str.BSPEnforcer.checkEncryptedKeyBSPCompliance(BSPEnforcer.java:113)
at org.apache.ws.security.str.SecurityTokenRefSTRParser.processPreviousResult(SecurityTokenRefSTRParser.java:313)
at org.apache.ws.security.str.SecurityTokenRefSTRParser.parseSecurityTokenReference(SecurityTokenRefSTRParser.java:101)
at org.apache.ws.security.processor.ReferenceListProcessor.decryptDataRefEmbedded(ReferenceListProcessor.java:169)
at org.apache.ws.security.processor.ReferenceListProcessor.handleReferenceList(ReferenceListProcessor.java:104)
at org.apache.ws.security.processor.ReferenceListProcessor.handleToken(ReferenceListProcessor.java:64)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:402)
<e:EncryptedKey Id="_0" xmlns:e="http://www.w3.org/2001/04/xmlenc#">
<e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns="http://www.w3.org/2000/09/xmldsig#"/>
</e:EncryptionMethod>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<o:SecurityTokenReference>
<o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">K6Ag94AG3hQuQ+rqQcBvb88Vl+Y=</o:KeyIdentifier>
</o:SecurityTokenReference>
</KeyInfo>
<e:CipherData>
<e:CipherValue>FQ58hAfisez2D8J9A49xFRQjfTSFhrWP9wJDnWq0MctAyLhoAynzu3/Z0jYK91uE4DVCgkFo9QGH6O/kR1icQxkpv/xb5gcB1mJTbIpbCOzw6ZtMEfbY0r9ML2fDcChGFPM/nh70Daqi4P9IO8dIZ5EAUcERvDMFvj4fhwwVycSNFUX40/8ywQALQksPb+1j2B3pzHntcyb6CJ0qD10xjbyyQoT0BgR/HeDQEJDQNvx41eqoDSy2/ImkNNfFCXQ47/k1sN48tWur6GEzDuwUBbiAJxVrCgzc6a7F9CrhWiE6DAublBzM8/EBKP5UD5p2WTcjDQxI4cBhqRwIGYcfhQ==</e:CipherValue>
</e:CipherData>
</e:EncryptedKey>
<customBinding>
<binding name="NewBinding0">
<security
authenticationMode="MutualCertificate"
allowSerializedSigningTokenOnReply="true"
messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
securityHeaderLayout="Lax"
requireSignatureConfirmation="false"
messageProtectionOrder="EncryptBeforeSign"
includeTimestamp="false"
>
<localServiceSettings detectReplays="false" />
</security>
<textMessageEncoding messageVersion="Soap11" />
<httpsTransport />
</binding>
</customBinding>
K6Ag94AG3hQuQ+rqQcBvb88Vl+Y=
2.中国政府在2008年8月8日发布了一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于一份关于两份关于两份关于两份关于两份关于两份关于两份关于两份关于DQXI4CBHQRWIGYCFHQ==
<e:EncryptedKey Id="_0" xmlns:e="http://www.w3.org/2001/04/xmlenc#">
<e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns="http://www.w3.org/2000/09/xmldsig#"/>
</e:EncryptionMethod>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<o:SecurityTokenReference>
<o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">K6Ag94AG3hQuQ+rqQcBvb88Vl+Y=</o:KeyIdentifier>
</o:SecurityTokenReference>
</KeyInfo>
<e:CipherData>
<e:CipherValue>FQ58hAfisez2D8J9A49xFRQjfTSFhrWP9wJDnWq0MctAyLhoAynzu3/Z0jYK91uE4DVCgkFo9QGH6O/kR1icQxkpv/xb5gcB1mJTbIpbCOzw6ZtMEfbY0r9ML2fDcChGFPM/nh70Daqi4P9IO8dIZ5EAUcERvDMFvj4fhwwVycSNFUX40/8ywQALQksPb+1j2B3pzHntcyb6CJ0qD10xjbyyQoT0BgR/HeDQEJDQNvx41eqoDSy2/ImkNNfFCXQ47/k1sN48tWur6GEzDuwUBbiAJxVrCgzc6a7F9CrhWiE6DAublBzM8/EBKP5UD5p2WTcjDQxI4cBhqRwIGYcfhQ==</e:CipherValue>
</e:CipherData>
</e:EncryptedKey>
<customBinding>
<binding name="NewBinding0">
<security
authenticationMode="MutualCertificate"
allowSerializedSigningTokenOnReply="true"
messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
securityHeaderLayout="Lax"
requireSignatureConfirmation="false"
messageProtectionOrder="EncryptBeforeSign"
includeTimestamp="false"
>
<localServiceSettings detectReplays="false" />
</security>
<textMessageEncoding messageVersion="Soap11" />
<httpsTransport />
</binding>
</customBinding>