
Axis2: Unable to engage Rampart module

I am getting the following error while trying to implement WS-Security using Rampart in Axis2.

org.apache.axis2.AxisFault: Unable to engage module : rampart
at org.apache.axis2.client.ServiceClient.engageModule(ServiceClient.java:358)

I am using Axis in embedded mode (inside my EAR). The service is working fine without the security implementation. I have included the policy in services.xml and also in the WSDL. Using JBoss and JDK6. Please find the files below.

Axis2.xml

<wsdl:definitions xmlns:ns1="http://org.apache.axis2/xsd" xmlns:ns="http://service" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" targetNamespace="http://service">
<wsdl:types>
<xs:schema attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://service">
<xs:element name="echo">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" name="args0" nillable="true" type="xs:string"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="echoResponse">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" name="return" nillable="true" type="xs:string"/>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:schema>
</wsdl:types>
<wsdl:message name="echoRequest">
<wsdl:part name="parameters" element="ns:echo"></wsdl:part>
</wsdl:message>
<wsdl:message name="echoResponse">
<wsdl:part name="parameters" element="ns:echoResponse"></wsdl:part>
</wsdl:message>
<wsdl:portType name="SimpleServicePortType">
<wsdl:operation name="echo">
<wsdl:input message="ns:echoRequest" wsaw:Action="urn:echo"></wsdl:input>
<wsdl:output message="ns:echoResponse" wsaw:Action="urn:echoResponse"></wsdl:output>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="SimpleServiceSoap11Binding" type="ns:SimpleServicePortType">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="echo">
<soap:operation soapAction="urn:echo" style="document"/>
<wsdl:input>
<soap:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:binding name="SimpleServiceSoap12Binding" type="ns:SimpleServicePortType">
<soap12:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="echo">
<soap12:operation soapAction="urn:echo" style="document"/>
<wsdl:input>
<soap12:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap12:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:binding name="SimpleServiceHttpBinding" type="ns:SimpleServicePortType">
<http:binding verb="POST"/>
<wsdl:operation name="echo">
<http:operation location="SimpleService/echo"/>
<wsdl:input>
<mime:content part="echo" type="text/xml"/>
</wsdl:input>
<wsdl:output>
<mime:content part="echo" type="text/xml"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="SimpleService">
<wsdl:port name="SimpleServiceHttpEndpoint" binding="ns:SimpleServiceHttpBinding">
<http:address location="http://sbswsvm1426:9091/axis2/services/SimpleService.SimpleServiceHttpEndpoint/"/>
</wsdl:port>
<wsdl:port name="SimpleServiceHttpSoap11Endpoint" binding="ns:SimpleServiceSoap11Binding">
<soap:address location="http://sbswsvm1426:9091/axis2/services/SimpleService.SimpleServiceHttpSoap11Endpoint/"/>
</wsdl:port>
<wsdl:port name="SimpleServiceHttpSoap12Endpoint" binding="ns:SimpleServiceSoap12Binding">
<soap12:address location="http://sbswsvm1426:9091/axis2/services/SimpleService.SimpleServiceHttpSoap12Endpoint/"/>
</wsdl:port>
</wsdl:service>
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SigOnly">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</wsdl:definitions>

Services.XML

<?xml version="1.0" encoding="UTF-8"?>
<!-- This file was auto-generated from WSDL -->
<!-- by the Apache Axis2 version: 1.5.6  Built on : Aug 30, 2011 (10:00:16 CEST) -->
<serviceGroup>
    <service name="SimpleService">
        <messageReceivers>
            <messageReceiver mep="http://www.w3.org/ns/wsdl/in-out" class="service.SimpleServiceMessageReceiverInOut"/>
        </messageReceivers>
        <parameter name="ServiceClass">service.SimpleServiceSkeleton</parameter>
        <parameter name="useOriginalwsdl">true</parameter>
        <parameter name="modifyUserWSDLPortAddress">true</parameter>
        <operation name="echo" mep="http://www.w3.org/ns/wsdl/in-out" namespace="http://service">
            <actionMapping>urn:echo</actionMapping>
            <outputActionMapping>urn:echoResponse</outputActionMapping>
        </operation>
    <module ref="rampart"/>
    <module ref="addressing"/>

    <wsp:Policy wsu:Id="SigOnly"
                xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
                xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
        <wsp:ExactlyOne>
            <wsp:All>
                <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                    <wsp:Policy>
                        <sp:InitiatorToken>
                            <wsp:Policy>
                                <sp:X509Token
                                        sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                                    <wsp:Policy>
                                        <sp:RequireThumbprintReference/>
                                        <sp:WssX509V3Token10/>
                                    </wsp:Policy>
                                </sp:X509Token>
                            </wsp:Policy>
                        </sp:InitiatorToken>
                        <sp:RecipientToken>
                            <wsp:Policy>
                                <sp:X509Token
                                        sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
                                    <wsp:Policy>
                                        <sp:RequireThumbprintReference/>
                                        <sp:WssX509V3Token10/>
                                    </wsp:Policy>
                                </sp:X509Token>
                            </wsp:Policy>
                        </sp:RecipientToken>
                        <sp:AlgorithmSuite>
                            <wsp:Policy>
                                <sp:TripleDesRsa15/>
                            </wsp:Policy>
                        </sp:AlgorithmSuite>
                        <sp:Layout>
                            <wsp:Policy>
                                <sp:Strict/>
                            </wsp:Policy>
                        </sp:Layout>
                        <sp:IncludeTimestamp/>
                        <sp:OnlySignEntireHeadersAndBody/>
                    </wsp:Policy>
                </sp:AsymmetricBinding>
                <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                    <wsp:Policy>
                        <sp:MustSupportRefKeyIdentifier/>
                        <sp:MustSupportRefIssuerSerial/>
                    </wsp:Policy>
                </sp:Wss10>
                <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                    <sp:Body/>
                </sp:SignedParts>

                <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
                    <ramp:user>service</ramp:user>
                    <ramp:encryptionUser>client</ramp:encryptionUser>
                    <ramp:passwordCallbackClass>service.PWCBHandler
                    </ramp:passwordCallbackClass>

                    <ramp:signatureCrypto>
                        <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
                            <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
                            <ramp:property name="org.apache.ws.security.crypto.merlin.file">service.jks</ramp:property>
                            <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache
                            </ramp:property>
                        </ramp:crypto>
                    </ramp:signatureCrypto>
                </ramp:RampartConfig>

            </wsp:All>
        </wsp:ExactlyOne>
    </wsp:Policy>
    </service>
</serviceGroup>

Client Stub

SimpleServiceStub stub = new SimpleServiceStub("http://sbswsvm1426:9091/axis2/services/SimpleService?wsdl");
stub._getServiceClient().engageModule("rampart");
stub._getServiceClient().engageModule("addressing");
Options options = stub._getServiceClient().getOptions();
options.setUserName("apache");
options.setPassword("password");
Echo oSreq = new Echo();
oSreq.setArgs0("Echoed!!");

EchoResponse response = stub.echo(oSreq);
System.out.println(response.get_return());

Try the following. You have to give the path of the client repository. In the repository folder there has to be a folder named 'modules', and the Rampart .mar should be inside this folder.

ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("path/to/client/repo", null);
SimpleServiceStub stub = new SimpleServiceStub(ctx, "http://sbswsvm1426ou:9091/axis2/services/SimpleService?wsdl");

I think you will then get a new error message, something like "PKIX path building failed". If you get that, you need to add the server certificate to your keystore and import it. You can do it like this:

 System.setProperty("javax.net.ssl.trustStore", "/path/to/server.jks");
 System.setProperty("javax.net.ssl.trustStorePassword", "password"); 

You can read more on this here: http://wso2.com/library/3190/

You have to deploy rampart.mar to the client repository, under the modules directory.
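
Both answers above come down to the same repository layout, so here is an added example (not code from the original posts or from the Axis2/Rampart project) that checks the client repository for `modules/rampart*.mar` before building the ConfigurationContext, so a missing module is reported by name instead of as "Unable to engage module". The class name `RampartClientBootstrap`, its method names and the default path `client-repo` are hypothetical; only the Axis2 calls are real API, and Axis2 plus the Rampart jars are assumed to be on the classpath.

```java
import java.io.File;
import java.io.FileNotFoundException;

import org.apache.axis2.AxisFault;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;

// Hypothetical helper class; only the Axis2 calls are real API.
public final class RampartClientBootstrap {

    /** Finds rampart*.mar under <repo>/modules or explains what is missing. */
    static File findRampartMar(File repo) throws FileNotFoundException {
        File modules = new File(repo, "modules");
        String[] names = modules.list(); // null when the directory does not exist
        if (names == null) {
            throw new FileNotFoundException("missing directory: " + modules.getAbsolutePath());
        }
        for (String name : names) {
            if (name.startsWith("rampart") && name.endsWith(".mar")) {
                return new File(modules, name);
            }
        }
        throw new FileNotFoundException("no rampart*.mar in " + modules.getAbsolutePath());
    }

    /** Builds a client whose configuration context is loaded from the checked repository. */
    static ServiceClient newSecuredClient(String repoPath) throws AxisFault, FileNotFoundException {
        File mar = findRampartMar(new File(repoPath));
        ConfigurationContext ctx =
                ConfigurationContextFactory.createConfigurationContextFromFileSystem(repoPath, null);
        ServiceClient client = new ServiceClient(ctx, null);
        // The .mar only describes the module; the Rampart and WSS4J jars must
        // also be on the classpath for the module to load.
        client.engageModule("rampart");
        System.out.println("Engaged Rampart from " + mar.getName());
        return client;
    }

    public static void main(String[] args) throws Exception {
        // Constructed default path; pass the real client repository as the first argument.
        String repo = args.length > 0 ? args[0] : "client-repo";
        try {
            newSecuredClient(repo);
        } catch (FileNotFoundException e) {
            System.err.println("Client repository is not usable: " + e.getMessage());
        }
    }
}
```

A generated stub can use the same context by passing it to the stub constructor, as the first answer does with `new SimpleServiceStub(ctx, ...)`.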
