Web services SSL上的Web服务出站网关(.cert+;用户/密码)
我正在使用Spring集成,我想知道是否有可能以任何方式保护通过MarshallingWebServiceOutboundGateway生成的输入/输出 我的结构: 请求通道-->网关-->响应通道Web services SSL上的Web服务出站网关(.cert+;用户/密码),web-services,certificate,spring-integration,keystore,ws-security,Web Services,Certificate,Spring Integration,Keystore,Ws Security,我正在使用Spring集成,我想知道是否有可能以任何方式保护通过MarshallingWebServiceOutboundGateway生成的输入/输出 我的结构: 请求通道-->网关-->响应通道 更新III 安全性是HTTPS用户/密码 用证书验证 现在,我简化了我的逻辑。我试图以其他方式配置Wss4jSecurityInterceptor。从Spring WS文档中,我看到了以下示例: <bean id="wsSecurityInterceptor" class="org.sp
更新III
- 安全性是HTTPS用户/密码
- 用证书验证
<bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
<property name="securementActions" value="UsernameToken"/>
<property name="securementUsername" value="Ernie"/>
<property name="securementPassword" value="Bert"/>
<property name="validationActions" value="Signature"/>
<property name="validationSignatureCrypto">
<bean class="org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean">
<property name="keyStorePassword" value="123456"/>
<property name="keyStoreLocation" value="classpath:/keystore.jks"/>
</bean>
</property>
</bean>
这很令人沮丧,但我遇到了一个新的错误:
Caused by: java.lang.IllegalArgumentException: validationSignatureCrypto is required
at org.springframework.util.Assert.notNull(Assert.java:112)
at org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor.afterPropertiesSet(Wss4jSecurityInterceptor.java:515)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1625)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1562)
... 58 more
更新II 在第二种方法中,我将配置更改为@Bean方法。此时,我刚刚配置了用户/密码,但未成功,但我需要使用.cert文件连接到服务器
@Bean
public CallbackHandler passwordCallbackHandler(){
SimplePasswordValidationCallbackHandler handler = new SimplePasswordValidationCallbackHandler();
Properties users = new Properties();
users.setProperty("user1", "pass1");
users.setProperty("user2", "pass2");
handler.setUsers(users);
return handler;
}
@Bean
public ClientInterceptor wsSecurityInterceptor(){
XwsSecurityInterceptor xws = new XwsSecurityInterceptor();
xws.setPolicyConfiguration(new ClassPathResource("securityPolicy.xml"));
xws.setCallbackHandlers(new CallbackHandler[]{
passwordCallbackHandler()
});
return xws;
}
My securityPolicy.xml:
<xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
<xwss:RequireUsernameToken passwordDigestRequired="false" nonceRequired="false"/>
</xwss:SecurityConfiguration>
更新I 一、综合:
- spring集成ws
- spring ws-security
@Configuration @EnableWs @EnableIntegration public class ConfigWS { @Bean public MessageHandler wsOutboundGateway() throws Exception { MarshallingWebServiceOutboundGateway gw =new MarshallingWebServiceOutboundGateway(myprovider, jaxb2Marshaller(), jaxb2Marshaller()); gw.setOutputChannelName("responseChannel"); SimplePasswordValidationCallbackHandler spvch = new SimplePasswordValidationCallbackHandler(); Properties users = new Properties(); users.setProperty("user", "pass"); spvch.setUsers( users ); XwsSecurityInterceptor xws = new XwsSecurityInterceptor(); xws.setSecureRequest(true); xws.setSecureResponse(true); xws.setPolicyConfiguration( new ClassPathResource("securityPolicy.xml")); xws.setCallbackHandler( spvch ); gw.setInterceptors( xws ); gw.afterPropertiesSet(); return gw; } .... }
Caused by: java.lang.ClassNotFoundException: com.sun.xml.wss.impl.callback.PasswordValidationCallback$PasswordValidator
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1702)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1547)
... 50 more
- 如何配置securityPolicy.xml以 根据服务器证书进行身份验证
- SimplePasswordValidationCallbackHandler是解决此问题所需的解决方案吗 使用服务器证书?也许我得用别的处理器
- 我的证书提供商给了我一个.cert文件。因此,我产生了 .keystore和Oracle的keytool,但我不知道如何 在我的配置中包括此证书
- Spring集成Web服务模块完全基于。因此,只需跟随它的giudeline如何在上配置WSS
只需将
XwsSecurityInterceptor
或Wss4jSecurityInterceptor
注入即可,谢谢Artem。我试图让它工作,但我做不到。我编辑了我的问题以澄清我的新方案。但如果我只想发送用户/密码并为我的客户安装.cert,我需要和拦截器吗?如何配置此身份验证?
@Configuration
@EnableWs
@EnableIntegration
public class ConfigWS {
@Bean
public MessageHandler wsOutboundGateway() throws Exception {
MarshallingWebServiceOutboundGateway gw =new MarshallingWebServiceOutboundGateway(myprovider,
jaxb2Marshaller(),
jaxb2Marshaller());
gw.setOutputChannelName("responseChannel");
SimplePasswordValidationCallbackHandler spvch = new SimplePasswordValidationCallbackHandler();
Properties users = new Properties();
users.setProperty("user", "pass");
spvch.setUsers( users );
XwsSecurityInterceptor xws = new XwsSecurityInterceptor();
xws.setSecureRequest(true);
xws.setSecureResponse(true);
xws.setPolicyConfiguration( new ClassPathResource("securityPolicy.xml"));
xws.setCallbackHandler( spvch );
gw.setInterceptors( xws );
gw.afterPropertiesSet();
return gw;
}
....
}
Caused by: java.lang.ClassNotFoundException: com.sun.xml.wss.impl.callback.PasswordValidationCallback$PasswordValidator
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1702)
at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1547)
... 50 more