为wsse:UserToken构造SOAP安全标头
[英]Constructing SOAP Security Header for wsse:UserToken
问题描述
I'm trying to manually construct a SOAP request to an Address Validation webservice that requires a SOAP <Security> header to be set. 
我正在尝试手动构造对需要设置SOAP <Security>标头的地址验证Web服务的SOAP请求。 But I can't seem to get it right. 但我似乎无法正确解决。 The technology stack I'm using (Salesforce) necessitates me forming the XML myself. 我正在使用的技术堆栈(Salesforce)需要我自己形成XML。
From the WSDL: 从WSDL:
<s0:Policy s1:Id="derm.service.common.esb.wspolicy.UNT.1">
<wssp:Identity xmlns:wssp="http://www.bea.com/wls90/security/policy">
<wssp:SupportedTokens>
<wssp:SecurityToken TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wssusername-token-profile-1.0#UsernameToken">
<wssp:UsePassword Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-usernametoken-profile-1.0#PasswordText" />
</wssp:SecurityToken>
</wssp:SupportedTokens>
</wssp:Identity>
</s0:Policy>
Full WSDL: http://pastebin.com/Z5VswYNF 完整的WSDL: http : //pastebin.com/Z5VswYNF
From the documentation linked from the WSDL ( http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf ) I retrieved this example: 从WSDL链接的文档( http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf )中,我检索了此示例:
<wsse:Security>
<wsse:UsernameToken>
<wsse:Username>REDACTED_PLAINTEXT_USERNAME</wsse:Username>
<wsse:Password>REDACTED_PLAINTEXT_PASSWORD</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
Replacing the values with the Username / Password I've been supplied and firing off the sample request from the documentation doesn't work. 用已提供的用户名/密码替换值,并且无法从文档中触发示例请求。
Sample request with Security header: 具有Security标头的示例请求:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:soap="information.qld.gov.au/service/Addressing/ValidationService/2/soap">
<soapenv:Header>
<wsse:Security>
<wsse:UsernameToken>
<wsse:Username>REDACTED_PLAINTEXT_USERNAME</wsse:Username>
<wsse:Password>REDACTED_PLAINTEXT_PASSWORD</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<soap:ParseValidAddress>
<soap:addressString>867 Main Street Woolloongabba Queensland</soap:addressString>
<soap:postcodeOption>Include</soap:postcodeOption>
<soap:meshblockOption>Exclude</soap:meshblockOption>
</soap:ParseValidAddress>
</soapenv:Body>
</soapenv:Envelope>
Everything I try gets a generic error message 我尝试的所有操作都会收到一般错误消息
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode>soap:Client</faultcode>
<faultstring>The requested operation was rejected. Please consult with your administrator.Your support ID is: REDACTED_SUPPORT_ID</faultstring>
<detail/>
</soap:Fault>
</soap:Body>
</soap:Envelope>
I've also tried the following from elsewhere on stackexchange: 我还在stackexchange上的其他地方尝试了以下方法:
<wsse:Security SOAP-ENV:mustUnderstand="1" xmlns:SOAP-ENV="SOAP-ENV">
<wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>oneview</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">oneview123</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
What am I doing wrong? 我究竟做错了什么?
1 个解决方案
解决方案1
0 2016-03-11 14:35:26
I am missing the wsse namespace specification in your SOAP message. 我在您的SOAP消息中缺少wsse命名空间规范。 You can find it in the link from your text: "From the documentation linked from the WSDL ( http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf )" The value is http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd 您可以在文本链接中找到它:“从WSDL链接的文档中( http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile- 1.0.pdf )“的值是http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.