如何将SOAP安全头(UsernameToken)信息添加到代码优先的Webservice生成的WSDL中
[英]How to add SOAP Security Header (UsernameToken) information to code-first Webservice Generated WSDL
问题描述
I'm developing a code-first WebService with Apache CXF + Spring. 
我正在使用Apache CXF + Spring开发代码优先的WebService。 My web service expects the UsernameToken to be present in SOAP request header in order to authenticate the calling client. 我的Web服务期望UsernameToken存在于SOAP请求标头中,以便对调用客户端进行身份验证。 My question is, is there any way to add SOAP security header (UsernameToken) definition somewhere in the Java code or configuration file, so the generated WSDL will have the security (UsernameToken) included? 我的问题是,有没有办法在Java代码或配置文件中的某处添加SOAP安全头(UsernameToken)定义,因此生成的WSDL将包含安全性(UsernameToken)? Please advice. 请指教。
Many thanks :) 非常感谢 :)
1 个解决方案
解决方案1
3 已采纳 2013-11-01 11:58:51
Information about required tokens can be published in WSDL using WS-Policies. 可以使用WS-Policies在WSDL中发布有关所需令牌的信息。 For username token I use the following policy: 对于用户名令牌,我使用以下策略:
<wsp:Policy wsu:Id="UP_policy" xmlns:wsp="http://www.w3.org/ns/ws-policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<sp:SupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken11 />
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:Policy>
It requires UT only for request message ( AlwaysToRecipient ). 它仅需要UT用于请求消息( AlwaysToRecipient )。 To include such policy in your generated WSDL: 要在生成的WSDL中包含此类策略:
- save it to file available in classpath, eg
ut.policy.xml将其保存到类路径中可用的文件,例如ut.policy.xml - add
@Policies({ @Policy(uri = "ut.policy.xml") })annotations to your service class or interface将@Policies({ @Policy(uri = "ut.policy.xml") })注释添加到服务类或接口
I modified example CXF project. 我修改了示例CXF项目。 It shows how to do that. 它显示了如何做到这一点。 You can find it here . 你可以在这里找到它。
As a result your WSDL will have appropriate instance of WS-SecurityPolicy attached, telling clients that Username token is expected: 因此,您的WSDL将附加适当的WS-SecurityPolicy实例,告诉客户端需要Username令牌:
<wsdl:definitions ...>
...
<wsdl:service name="GreeterService">
<wsdl:port binding="tns:GreeterServiceSoapBinding" name="GreeterPort">
<soap:address location="http://localhost:9000/SoapContext/GreeterPort"/>
</wsdl:port>
<wsp:PolicyReference URI="#UP_policy"/>
</wsdl:service>
<wsp:Policy xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://www.w3.org/ns/ws-policy" wsu:Id="UP_policy">
<sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken11/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:Policy>
</wsdl:definitions>
More about configuring WS-SecurityPolicy with CXF can be found here and how to handle any WS-Policy here . 更多关于CXF配置WS-安全策略,可以发现在这里 ,以及如何处理任何的WS-Policy 这里 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.