Web services WS-Security-用户名令牌配置文件

Web services WS-Security-用户名令牌配置文件,web-services,websphere,ws-security,Web Services,Websphere,Ws Security,我有一个wsdl文件,我正在WAS8.0中为此编写一个客户端 我在ApplicationResources.properties中保留了soap请求所需的用户名/密码 我正在使用“wss-username-token-profile-1.0” 我无法找到如何实现这一点 我需要知道如何编写policy.xml以及如何在Webservice clienr中使用。Soap请求必须包含用户名令牌wss配置文件的相应头元素。如果使用Java,您可以使用Soap处理程序或SAAJ手动创建元素。在Websph

我有一个wsdl文件,我正在WAS8.0中为此编写一个客户端

我在ApplicationResources.properties中保留了soap请求所需的用户名/密码

我正在使用“wss-username-token-profile-1.0”

我无法找到如何实现这一点


我需要知道如何编写policy.xml以及如何在Webservice client中使用。Soap请求必须包含用户名令牌wss配置文件的相应头元素。如果使用Java,您可以使用Soap处理程序或SAAJ手动创建元素。在Websphere中,您可以使用名为“策略集”的功能,通过配置各种策略集和绑定对该支持进行元编程。

下面是一篇很好的文章,介绍了如何使用配置方法实现这一点:

下面是一个使用SAAJ以编程方式添加此头元素(SOAP header)的示例。注意:示例使用PasswordText类型,密码以明文写入SOAP头,因此请求应只通过HTTPS(TLS)发送:

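/**
 * JAX-WS SOAP handler that adds a WS-Security {@code UsernameToken} header
 * (username plus {@code PasswordText} password) to outgoing SOAP messages.
 *
 * <p>Security note: the {@code #PasswordText} type places the password in the
 * SOAP header unencrypted. This handler adds no nonce, timestamp or signature,
 * so confidentiality and replay protection depend entirely on the transport;
 * use it only over HTTPS (TLS) endpoints.
 */
public class WssHandler implements SOAPHandler<SOAPMessageContext> {

    private static final Logger cTRACE = Logger.getLogger(WssHandler.class.getName());

    // SOAP / WS-Security element names and namespace
    private static final String cWSSE = "wsse";
    private static final String cURL = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    private static final String cNODE_SECURITY = "Security";
    private static final String cNODE_USRTOKEN = "UsernameToken";
    private static final String cNODE_USERNAME = "Username";
    private static final String cNODE_PASSWORD = "Password";

    // Credentials never change after construction.
    private final String iUsername;
    // Never write this field to a log or an exception message.
    private final String iPassword;

    /**
     * Constructor for SOAP handler with specific wss credentials.
     * @param username wss username
     * @param passwd wss password
     */
    public WssHandler(String username, String passwd) {
        super();
        iUsername = username;
        iPassword = passwd;
    }

    /**
     * Adds the {@code wsse:Security/wsse:UsernameToken} header to an outbound message.
     * Inbound messages are passed through untouched.
     *
     * @param context the message context supplied by the JAX-WS runtime
     * @return {@code true} to continue processing; {@code false} when the
     *         header could not be built, so the message is not processed further
     */
    @Override
    public boolean handleMessage(SOAPMessageContext context) {
        // The runtime calls this method for both directions. Credentials belong
        // only on the outgoing request, never on a received response.
        if (!Boolean.TRUE.equals(context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY))) {
            return true;
        }

        if (cTRACE.isLoggable(Level.FINEST)) {
            // Only the username is logged, deliberately not the password.
            cTRACE.logp(Level.FINEST,
                    WssHandler.class.getName(),
                    "handleMessage", "add WSS credentials for user "+iUsername);
        }

        try {
            SOAPMessage tMessage = context.getMessage();
            SOAPEnvelope tSoapEnvelope = tMessage.getSOAPPart().getEnvelope();

            // header
            SOAPHeader tHeader = tSoapEnvelope.getHeader();
            if (tHeader==null) {
                // no header yet, create one
                tHeader = tSoapEnvelope.addHeader();
            }

            // security node; mustUnderstand makes the receiver reject the
            // message rather than silently ignore the security header
            Name tWsseHeaderName = tSoapEnvelope.createName(cNODE_SECURITY, cWSSE, cURL);
            SOAPHeaderElement tSecurityElement = tHeader.addHeaderElement(tWsseHeaderName);
            tSecurityElement.setMustUnderstand(true);

            Name tUserTokenElementName = tSoapEnvelope.createName(cNODE_USRTOKEN, cWSSE, cURL);
            SOAPElement tUserTokenElement = tSecurityElement.addChildElement(tUserTokenElementName);
            // the wsse prefix is already declared on the Security element
            tUserTokenElement.removeNamespaceDeclaration(cWSSE);
            tUserTokenElement.addNamespaceDeclaration("wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");

            // user name child
            Name tUsernameElementName = tSoapEnvelope.createName(cNODE_USERNAME, cWSSE, cURL);
            SOAPElement tUsernameElement = tUserTokenElement.addChildElement(tUsernameElementName);
            tUsernameElement.removeNamespaceDeclaration(cWSSE);
            tUsernameElement.addTextNode(iUsername);

            // password child; PasswordText means the value is sent as-is,
            // so the endpoint must be reached over TLS
            Name tPasswordElementName = tSoapEnvelope.createName(cNODE_PASSWORD, cWSSE, cURL);
            SOAPElement tPasswordElement = tUserTokenElement.addChildElement(tPasswordElementName);
            tPasswordElement.removeNamespaceDeclaration(cWSSE);
            tPasswordElement.addTextNode(iPassword);
            tPasswordElement.setAttribute("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
        } catch (SOAPException e) {
            if (cTRACE.isLoggable(Level.SEVERE)) {
                cTRACE.logp(Level.SEVERE,
                        WssHandler.class.getName(),
                        "handleMessage", "Unable to add WSS credentials", e);
            }
            // stop processing
            return false;
        }

        // continue processing
        return true;
    }

    /**
     * Lets fault messages pass through unchanged.
     *
     * @param context the message context supplied by the JAX-WS runtime
     * @return always {@code true}
     */
    @Override
    public boolean handleFault(SOAPMessageContext context) {
        return true;
    }

    /**
     * No per-message resources are held, so there is nothing to release.
     *
     * @param context the message context supplied by the JAX-WS runtime
     */
    @Override
    public void close(MessageContext context) {
        // nothing to do
    }

    /**
     * Declares no header blocks as processed by this handler.
     *
     * @return {@code null}
     */
    @Override
    public Set<QName> getHeaders() {
        // NOTE(review): kept as null to preserve existing behaviour; confirm the
        // target JAX-WS runtime tolerates null here rather than an empty set.
        return null;
    }

}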
公共类WssHandler实现SOAPHandler{
私有静态最终记录器cTRACE=Logger.getLogger(WssHandler.class.getName());
//肥皂
私有静态最终字符串cwse=“wsse”;
私有静态最终字符串cURL=”http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
私有静态最终字符串cNODE_SECURITY=“SECURITY”;
私有静态最终字符串cNODE_USRTOKEN=“UsernameToken”;
私有静态最终字符串cNODE_USERNAME=“USERNAME”;
私有静态最终字符串cNODE_PASSWORD=“PASSWORD”;
私有字符串iUsername;
私有字符串iPassword;
/**
*具有特定wss凭据的SOAP处理程序的构造函数。
*@param aUsername wss username
*@param aPassword wss密码
*/
公共WssHandler(字符串用户名、字符串密码){
超级();
iUsername=用户名;
iPassword=passwd;
}
@凌驾
公共布尔handleMessage(SOAPMessageContext上下文){
if(cTRACE.isLoggable(Level.FINEST)){
cTRACE.logp(等级:,
WssHandler.class.getName(),
“handleMessage”、“为用户添加WSS凭据”+iUsername);
}
试一试{
SOAPMessage tMessage=context.getMessage();
SOAPEnvelope tsoapendevelope=tMessage.getSOAPPart().getEnvelope();
//标题
SOAPHeader tHeader=tsoapendevelope.getHeader();
if(tHeader==null){
//还没有标题,请创建一个
tHeader=tsoapendevelope.addHeader();
}
//安全节点
名称tWsseHeaderName=tsoapendevelope.createName(cNODE_SECURITY,cwse,cURL);
SOAPHeaderElement tSecurityElement=tHeader.addHeaderElement(tWsseHeaderName);
tSecurityElement.setMustUnderstand(true);
Name tUserTokenElementName=tsoapendevelope.createName(cNODE_USRTOKEN,cwse,cURL);
SOAPElement-tUserTokenElement=tSecurityElement.addChildElement(tUserTokenElementName);
tUserTokenElement.removeNamespaceDeclaration(cWSSE);
tUserTokenElement.addNamespaceDeclaration(“wsu”http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
//用户名子项
Name tUsernameElementName=tsoapendevelope.createName(cNODE_用户名,cWSSE,cURL);
SOAPElement-tUsernameElement=tUserTokenElement.addChildElement(tUsernameElementName);
tUsernameElement.removeNamespaceDeclaration(cWSSE);
tUsernameElement.addTextNode(iUsername);
//密码子项
名称tPasswordElementName=tsoapendevelope.createName(cNODE_密码,cwse,cURL);
SOAPElement tPasswordElement=tUserTokenElement.addChildElement(tPasswordElementName);
tPasswordElement.removeNamespaceDeclaration(cWSSE);
tPasswordElement.addTextNode(iPassword);
tPasswordElement.setAttribute(“类型”http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
}捕获(SOAPE例外){
如果(cTRACE.Islogable(严重级别)){
cTRACE.logp(严重等级,
WssHandler.class.getName(),
“handleMessage”,“无法添加WSS凭据”,e);
}
//停止处理
返回false;
}
//继续处理
返回true;
}
@凌驾
公共布尔handleFault(SOAPMessageContext上下文){
返回true;
}
@凌驾
公共无效关闭(MessageContext上下文){
//无事可做
}
@凌驾
公共集getHeaders(){
返回null;
}
}

Soap请求必须包含用户名令牌wss配置文件的相应头元素。如果使用Java,您可以使用Soap处理程序或SAAJ手动创建元素。在Websphere中,您可以使用名为“策略集”的功能,通过配置各种策略集和绑定对该支持进行元编程

下面是一篇很好的文章,介绍了如何使用配置方法实现这一点:

下面是一个使用SAAJ以编程方式添加此头元素(SOAP header)的示例。注意:示例使用PasswordText类型,密码以明文写入SOAP头,因此请求应只通过HTTPS(TLS)发送:

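/**
 * Client-side JAX-WS handler that inserts a WS-Security {@code UsernameToken}
 * (username and {@code PasswordText} password) into outgoing SOAP requests.
 *
 * <p>Security note: with {@code #PasswordText} the password travels in the
 * SOAP header exactly as given. No nonce, creation timestamp or signature is
 * added here, so the message must be protected by the transport (HTTPS/TLS).
 */
public class WssHandler implements SOAPHandler<SOAPMessageContext> {

    private static final Logger cTRACE = Logger.getLogger(WssHandler.class.getName());

    // SOAP / WS-Security element names and namespace
    private static final String cWSSE = "wsse";
    private static final String cURL = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    private static final String cNODE_SECURITY = "Security";
    private static final String cNODE_USRTOKEN = "UsernameToken";
    private static final String cNODE_USERNAME = "Username";
    private static final String cNODE_PASSWORD = "Password";

    // Set once in the constructor.
    private final String iUsername;
    // Secret: keep out of logs and exception messages.
    private final String iPassword;

    /**
     * Constructor for SOAP handler with specific wss credentials.
     * @param username wss username
     * @param passwd wss password
     */
    public WssHandler(String username, String passwd) {
        super();
        iUsername = username;
        iPassword = passwd;
    }

    /**
     * Adds the WS-Security header to outbound messages and leaves inbound
     * messages untouched.
     *
     * @param context the message context supplied by the JAX-WS runtime
     * @return {@code true} to continue processing; {@code false} if the
     *         security header could not be created
     */
    @Override
    public boolean handleMessage(SOAPMessageContext context) {
        // Handlers run for requests and responses alike; attaching credentials
        // to a received response would be wrong, so skip inbound messages.
        Object tOutbound = context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
        if (!Boolean.TRUE.equals(tOutbound)) {
            return true;
        }

        if (cTRACE.isLoggable(Level.FINEST)) {
            // The username is the only credential part that is ever logged.
            cTRACE.logp(Level.FINEST,
                    WssHandler.class.getName(),
                    "handleMessage", "add WSS credentials for user "+iUsername);
        }

        try {
            addUsernameToken(context.getMessage().getSOAPPart().getEnvelope());
        } catch (SOAPException e) {
            if (cTRACE.isLoggable(Level.SEVERE)) {
                cTRACE.logp(Level.SEVERE,
                        WssHandler.class.getName(),
                        "handleMessage", "Unable to add WSS credentials", e);
            }
            // stop processing
            return false;
        }

        // continue processing
        return true;
    }

    /** Builds wsse:Security/wsse:UsernameToken with Username and Password children. */
    private void addUsernameToken(SOAPEnvelope envelope) throws SOAPException {
        SOAPHeader tHeader = envelope.getHeader();
        if (tHeader == null) {
            // no header yet, create one
            tHeader = envelope.addHeader();
        }

        // mustUnderstand forces the receiver to process the security header
        // or reject the message
        SOAPHeaderElement tSecurity =
                tHeader.addHeaderElement(envelope.createName(cNODE_SECURITY, cWSSE, cURL));
        tSecurity.setMustUnderstand(true);

        SOAPElement tToken = addWsseChild(envelope, tSecurity, cNODE_USRTOKEN);
        tToken.addNamespaceDeclaration("wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");

        addWsseChild(envelope, tToken, cNODE_USERNAME).addTextNode(iUsername);

        // PasswordText: the value is sent unmodified, so TLS is required
        SOAPElement tPassword = addWsseChild(envelope, tToken, cNODE_PASSWORD);
        tPassword.addTextNode(iPassword);
        tPassword.setAttribute("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
    }

    /** Adds a wsse-qualified child and drops its redundant wsse namespace declaration. */
    private static SOAPElement addWsseChild(SOAPEnvelope envelope, SOAPElement parent, String localName)
            throws SOAPException {
        SOAPElement tChild = parent.addChildElement(envelope.createName(localName, cWSSE, cURL));
        // the prefix is already declared on the enclosing Security element
        tChild.removeNamespaceDeclaration(cWSSE);
        return tChild;
    }

    /**
     * Fault messages are passed on unchanged.
     *
     * @param context the message context supplied by the JAX-WS runtime
     * @return always {@code true}
     */
    @Override
    public boolean handleFault(SOAPMessageContext context) {
        return true;
    }

    /**
     * Nothing to release; the handler keeps no per-message state.
     *
     * @param context the message context supplied by the JAX-WS runtime
     */
    @Override
    public void close(MessageContext context) {
        // nothing to do
    }

    /**
     * Reports no header blocks as handled by this handler.
     *
     * @return {@code null}
     */
    @Override
    public Set<QName> getHeaders() {
        // NOTE(review): null is kept for compatibility with existing behaviour;
        // verify the runtime in use accepts null instead of an empty set.
        return null;
    }

}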
公共类WssHandler实现SOAPHandler{
私有静态最终记录器cTRACE=Logger.getLogger(WssHandler.class.getName());
//肥皂
私有静态最终字符串cwse=“wsse”;
私有静态最终字符串cURL=”http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
私有静态最终字符串cNODE_SECURITY=“SECURITY”;
私有静态最终字符串cNODE_USRTOKEN=“UsernameToken”;
私有静态最终字符串cNODE_USERNAME=“USERNAME”;
私有静态最终字符串cNODE_PASSWORD=“PASSWORD”;
私有字符串iUsername;
私有字符串iPassword;
/**
*具有特定wss凭据的SOAP处理程序的构造函数。
*@param aUsername wss username
*@param aPassword wss密码
*/
公众的