保险丝WS-Trust服务忽略保护
[英]Fuse WS-Trust service ignores protection
问题描述
I'm trying to develop a fuse CXF service protected by the WS-Trust "IssuedToken" policy, as explained in the official docs for the Security Token Service. 
我正在尝试开发受WS-Trust“ IssuedToken”策略保护的融合CXF服务,如“安全性令牌服务”的官方文档中所述。 I did everything as explained in the docs, cross-checking with some of the fuse and CXF official examples. 我按照文档中的说明做了所有工作,并与一些保险丝和CXF官方示例进行了交叉核对。
All seems to be working fine, but when I call the service with SoapUI and no token, instead of receiving an error (because of the missing token) the call goes through and returns the result, as if no protection was implemented at all. 一切似乎都工作正常,但是当我使用SoapUI并且没有令牌调用该服务时,不会收到错误(由于缺少令牌),而是继续执行并返回结果,好像根本没有实现保护。
I tried running the same code in "standalone mode" (outside fuse) as done in the CXF "sts" example, and the protection works. 我尝试在“独立模式”(外部保险丝)中运行相同的代码,就像在CXF“ sts”示例中所做的那样,并且保护有效。 Of course in this case I used a different pom file and one more class (Server.java) plus a spring file (wssec-server.xml) to bootstrap the service, but everything else is the same. 当然,在这种情况下,我使用了一个不同的pom文件和另一个类(Server.java)以及一个spring文件(wssec-server.xml)来引导服务,但是其他所有操作都是相同的。
So what could be preventing the security setup to work in fuse? 那么,什么会阻止安全设置在保险丝中工作呢?
Fuse version: 6.2.1.084 on Ubuntu 14.04.5 LTS 保险丝版本:Ubuntu 14.04.5 LTS上的6.2.1.084
Sources follow. 消息来源如下。 Keep in mind that the whole attempt is a collage from the many examples which I don't fully understand yet, so some instructions might be misplaced here. 请记住,整个尝试只是我尚不完全了解的许多示例的拼贴画,因此某些说明可能会在此处放错地方。
pom.xml pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>rst-abc</groupId>
<artifactId>mock-fuse-service-secure-b</artifactId>
<version>2</version>
<packaging>bundle</packaging>
<name>MockFuseServiceSecureB</name>
<repositories>
<repository>
<id>fuse-public-repository</id>
<name>FuseSource Community Release Repository</name>
<url>https://repo.fusesource.com/nexus/content/groups/public</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<enabled>true</enabled>
<updatePolicy>never</updatePolicy>
</releases>
</repository>
<repository>
<id>fusesource.ea</id>
<name>JBoss Community Early Access Release Repository</name>
<url>https://repo.fusesource.com/nexus/content/groups/ea</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<enabled>true</enabled>
<updatePolicy>never</updatePolicy>
</releases>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>fuse-public-repository</id>
<name>FuseSource Community Release Repository</name>
<url>https://repo.fusesource.com/nexus/content/groups/public</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<enabled>true</enabled>
<updatePolicy>never</updatePolicy>
</releases>
</pluginRepository>
</pluginRepositories>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.target>1.7</maven.compiler.target>
<maven.compiler.source>1.7</maven.compiler.source>
<cxf-version>3.0.4.redhat-621084</cxf-version>
<version.maven-surefire-plugin>2.15</version.maven-surefire-plugin>
<version.maven-bundle-plugin>2.3.7</version.maven-bundle-plugin>
<skipTests>true</skipTests>
<!-- the version of the BOM, defining all the dependency versions -->
<fabric.version>1.2.0-SNAPSHOT</fabric.version>
<!-- fabric8 deploy profile configuration -->
<fabric8.profile>quickstarts-cxf-soap</fabric8.profile>
<fabric8.parentProfiles>feature-cxf</fabric8.parentProfiles>
<fabric8.features>fabric-cxf cxf-jaxws</fabric8.features>
<!-- the version of the JBoss Fuse BOM, defining all the dependency versions -->
<jboss.fuse.bom.version>6.2.1.redhat-084</jboss.fuse.bom.version>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.jboss.fuse.bom</groupId>
<artifactId>jboss-fuse-parent</artifactId>
<version>${jboss.fuse.bom.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-security</artifactId>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-policy</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
</dependencies>
<build>
<finalName>shared</finalName>
<plugins>
<!-- Skip Test by default and enable them only in Test profile -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>${version.maven-surefire-plugin}</version>
<configuration>
<skipTests>true</skipTests>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<version>${version.maven-bundle-plugin}</version>
<extensions>true</extensions>
<configuration>
<instructions>
<Import-Package>
javax.jws,
javax.xml.bind,
javax.xml.bind.annotation,
javax.xml.namespace, javax.xml.ws,
javax.wsdl,
org.osgi.service.blueprint,
io.fabric8.cxf.endpoint,
javax.security.auth.callback,
org.apache.cxf.interceptor.security,
org.apache.cxf.transport.http,
io.fabric8.cxf,
org.apache.cxf, org.apache.cxf.endpoint, org.apache.cxf.frontend, org.apache.cxf.interceptor,
org.apache.cxf.jaxws, org.apache.cxf.message, org.apache.cxf.phase
</Import-Package>
<Import-Service>org.apache.aries.blueprint.NamespaceHandler;
osgi.service.blueprint.namespace=http://cxf.apache.org/transports/http/configuration
</Import-Service>
<Export-Package>it.rst.abc</Export-Package>
</instructions>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-codegen-plugin</artifactId>
<version>3.0.4.redhat-621084</version>
<executions>
<execution>
<id>generate-sources</id>
<phase>generate-sources</phase>
<configuration>
<sourceRoot>target/generated/src/main/java</sourceRoot>
<wsdlOptions>
<wsdlOption>
<wsdl>src/main/resources/wsdl/hello_world.wsdl</wsdl>
<wsdlLocation>classpath:wsdl/hello_world.wsdl</wsdlLocation>
<frontEnd>jaxws21</frontEnd>
<extraargs>
<extraarg>-impl</extraarg>
</extraargs>
</wsdlOption>
</wsdlOptions>
<additionalJvmArgs>-Djavax.xml.accessExternalSchema=jar:file,file</additionalJvmArgs>
</configuration>
<goals>
<goal>wsdl2java</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>io.fabric8</groupId>
<artifactId>fabric8-maven-plugin</artifactId>
<version>1.2.0.redhat-621084</version>
</plugin>
</plugins>
</build>
</project>
hello_world.wsdl hello_world.wsdl
<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:tns="http://abc.rst.it/hello_world"
xmlns:x1="http://abc.rst.it/hello_world/types"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://www.w3.org/ns/ws-policy"
xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wsaw="http://www.w3.org/2005/08/addressing"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
name="HelloWorld"
targetNamespace="http://abc.rst.it/hello_world">
<wsdl:types>
<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://abc.rst.it/hello_world/types" targetNamespace="http://abc.rst.it/hello_world/types" elementFormDefault="qualified">
<simpleType name="MyStringType">
<restriction base="string">
<maxLength value="30"/>
</restriction>
</simpleType>
<element name="greetMe">
<complexType>
<sequence>
<element name="requestType" type="tns:MyStringType"/>
</sequence>
</complexType>
</element>
<element name="greetMeResponse">
<complexType>
<sequence>
<element name="responseType" type="string"/>
</sequence>
</complexType>
</element>
</schema>
</wsdl:types>
<wsdl:message name="greetMeRequest">
<wsdl:part element="x1:greetMe" name="in"/>
</wsdl:message>
<wsdl:message name="greetMeResponse">
<wsdl:part element="x1:greetMeResponse" name="out"/>
</wsdl:message>
<wsdl:portType name="Greeter">
<wsdl:operation name="greetMe">
<wsdl:input message="tns:greetMeRequest" name="greetMeRequest"/>
<wsdl:output message="tns:greetMeResponse" name="greetMeResponse"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="Greeter_SOAPBinding" type="tns:Greeter">
<wsp:PolicyReference URI="#AsymmetricSAML2Policy"/>
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="greetMe">
<soap:operation soapAction="" style="document"/>
<wsdl:input name="greetMeRequest">
<soap:body use="literal"/>
<wsp:PolicyReference URI="#Input_Policy"/>
</wsdl:input>
<wsdl:output name="greetMeResponse">
<soap:body use="literal"/>
<wsp:PolicyReference URI="#Output_Policy"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="MockSecureService">
<wsdl:port binding="tns:Greeter_SOAPBinding" name="MockPort">
<soap:address location="http://0.0.0.0:9001/cxf/HelloWorldSecure"/>
</wsdl:port>
</wsdl:service>
<wsp:Policy wsu:Id="AsymmetricSAML2Policy">
<wsp:ExactlyOne>
<wsp:All>
<wsam:Addressing wsp:Optional="false">
<wsp:Policy/>
</wsam:Addressing>
<sp:AsymmetricBinding>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:IssuedToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<sp:RequestSecurityTokenTemplate>
<t:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</t:TokenType>
<t:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</t:KeyType>
</sp:RequestSecurityTokenTemplate>
<wsp:Policy>
<sp:RequireInternalReference/>
</wsp:Policy>
<sp:Issuer>
<wsaw:Address>http://localhost:8080/SecurityTokenService/
</wsaw:Address>
</sp:Issuer>
</sp:IssuedToken>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
<sp:RequireIssuerSerialReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss11>
<wsp:Policy>
<sp:MustSupportRefIssuerSerial/>
<sp:MustSupportRefThumbprint/>
<sp:MustSupportRefEncryptedKey/>
</wsp:Policy>
</sp:Wss11>
<sp:Trust13>
<wsp:Policy>
<sp:MustSupportIssuedTokens/>
<sp:RequireClientEntropy/>
<sp:RequireServerEntropy/>
</wsp:Policy>
</sp:Trust13>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="Input_Policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:EncryptedParts>
<sp:Body/>
</sp:EncryptedParts>
<sp:SignedParts>
<sp:Body/>
<sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="SequenceAcknowledgement" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="Output_Policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:EncryptedParts>
<sp:Body/>
</sp:EncryptedParts>
<sp:SignedParts>
<sp:Body/>
<sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="SequenceAcknowledgement" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</wsdl:definitions>
blueprint.xml blueprint.xml
<?xml version="1.0" encoding="UTF-8"?>
<blueprint
xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaxws="http://cxf.apache.org/blueprint/jaxws"
xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
http://cxf.apache.org/blueprint/jaxws http://cxf.apache.org/schemas/blueprint/jaxws.xsd">
<jaxws:endpoint
xmlns:s="http://abc.rst.it/hello_world"
id="server"
implementor="it.rst.abc.GreeterImpl"
endpointName="s:MockPort"
serviceName="s:MockSecureService"
wsdlLocation="classpath:wsdl/hello_world.wsdl"
address="http://0.0.0.0:9001/cxf/HelloWorldSecure">
<jaxws:properties>
<entry key="ws-security.username" value="myservicekey"/>
<entry key="ws-security.password" value="skpass"/>
<entry key="ws-security.signature.properties" value="serviceKeystore.properties"/>
<entry key="ws-security.encryption.properties" value="serviceKeystore.properties"/>
<entry key="ws-security.signature.username" value="myservicekey"/>
</jaxws:properties>
</jaxws:endpoint>
</blueprint>
serviceKeystore.properties serviceKeystore.properties
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=sspass
org.apache.ws.security.crypto.merlin.keystore.alias=myservicekey
org.apache.ws.security.crypto.merlin.keystore.file=keys/servicestore.jks
GreeterImpl.java GreeterImpl.java
package it.rst.abc;
import it.rst.abc.hello_world.Greeter;
import java.util.logging.Logger;
@javax.jws.WebService(name = "Greeter", serviceName = "MockSecureService",
targetNamespace = "http://abc.rst.it/hello_world",
wsdlLocation = "classpath:wsdl/hello_world.wsdl")
public class GreeterImpl implements Greeter {
private static final Logger LOG =
Logger.getLogger(GreeterImpl.class.getPackage().getName());
public String greetMe(String me) {
LOG.info("Executing operation greetMe");
System.out.println("Executing operation greetMe");
System.out.println("Message received: " + me + "\n");
return "Hello " + me;
}
}
For the "standalone" example (which works as expected) I used the following (I removed some characters to keep this post within the SO limit): 对于“独立”示例(按预期工作),我使用以下命令(删除了一些字符以使该帖子保持在SO限制内):
pom-standalone.xml pom-standalone.xml
<?xml ... ?>
<project xmlns=...>
<modelVersion...
<properties>
<cxf.version>${project.version}</cxf.version>
</properties>
<build>
<plugins>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>1.6</source>
<target>1.6</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-codegen-plugin</artifactId>
<version>${project.version}</version>
<executions>
<execution>
<id>generate-sources</id>
<phase>generate-sources</phase>
<configuration>
<wsdlOptions>
<wsdlOption>
<wsdl>src/main/resources/wsdl/hello_world.wsdl</wsdl>
<frontEnd>jaxws21</frontEnd>
</wsdlOption>
</wsdlOptions>
</configuration>
<goals>
<goal>wsdl2java</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>server</id>
<build>
<defaultGoal>test</defaultGoal>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<executions>
<execution>
<phase>test</phase>
<goals>
<goal>java</goal>
</goals>
<configuration>
<mainClass>demo.wssec.server.Server</mainClass>
<arguments>
<argument>${basedir}/src/main/resources/wssec-server.xml</argument>
</arguments>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
<dependencies>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http-jetty</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-security</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-policy</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>3.2.14.RELEASE</version>
<exclusions>
<exclusion>
<artifactId>log4j</artifactId>
<groupId>log4j</groupId>
</exclusion>
<exclusion>
<artifactId>servlet-api</artifactId>
<groupId>javax.servlet</groupId>
</exclusion>
<exclusion>
<artifactId>logkit</artifactId>
<groupId>logkit</groupId>
</exclusion>
<exclusion>
<artifactId>avalon-framework</artifactId>
<groupId>avalon-framework</groupId>
</exclusion>
<exclusion>
<artifactId>commons-logging</artifactId>
<groupId>commons-logging</groupId>
</exclusion>
</exclusions>
</dependency>
...other log4j dependencies here...
</dependencies>
</project>
Server.java 服务器.java
package demo.wssec.server;
import java.io.File;
import java.net.URL;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
public class Server {
protected Server(URL busURL) throws Exception {
SpringBusFactory bf = new SpringBusFactory();
Bus bus = bf.createBus(busURL.toString());
BusFactory.setDefaultBus(bus);
}
public static void main(String args[]) throws Exception {
URL busURL;
File busFile = new File(args[0]);
if (busFile.exists()) {
busURL = busFile.toURI().toURL();
} else {
busURL = new URL(args[0]);
}
new Server(busURL);
System.out.println("Server ready...");
Thread.sleep(5 * 60 * 1000);
}
}
wssec-server.xml wssec-server.xml
<?xml ... ?>
<beans xmlns=...>
<cxf:bus>
<cxf:features>
<cxf:logging/>
</cxf:features>
</cxf:bus>
<jaxws:endpoint
xmlns:s="http://abc.rst.it/hello_world"
id="server"
implementor="it.rst.abc.GreeterImpl"
endpointName="s:MockPort"
serviceName="s:MockSecureService"
wsdlLocation="classpath:wsdl/hello_world.wsdl"
address="http://0.0.0.0:9001/SoapcxContext/HelloWorldSecure">
<jaxws:properties>
<entry key="ws-security.signature.username" value="myservicekey"/>
<entry key="ws-security.username" value="myservicekey"/>
<entry key="ws-security.password" value="skpass"/>
<entry key="ws-security.signature.properties" value="serviceKeystore.properties"/>
<entry key="ws-security.encryption.properties" value="serviceKeystore.properties"/>
</jaxws:properties>
</jaxws:endpoint>
</beans>
The server is then started with 然后启动服务器
mvn -f pom-standalone.xml -Pserver
and when I connect with SoapUI I get the following (expected) error: 当我与SoapUI连接时,出现以下(预期)错误:
MessageAddressingHeaderRequired: A required header representing a Message Addressing Property is not present
1 个解决方案
解决方案1
0 已采纳 2016-11-16 13:15:40
The code is correct. 代码正确。 What is missing is the proper configuration of karaf. 缺少的是karaf的正确配置。 By issuing a 通过发出
features:list | grep cxf-ws-security
you can check if the feature is installed. 您可以检查该功能是否已安装。 To install it, just type 要安装它,只需键入
features:install cxf-ws-security
I found the solution in the README.md of the cxf/secure-soap fuse quickstart. 我在cxf / secure-soap保险丝快速入门的README.md中找到了解决方案。 The whole fuse cxf security guide doesn't mention it! 整个保险丝cxf安全指南均未提及! Also, it's quite weird that a protected service works unprotected when its protection library is missing, with no messages in the log whatsoever. 同样,很奇怪的是,当缺少保护库时,受保护的服务会在不受保护的情况下不受保护地工作,日志中没有任何消息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
CXF WS-Trust服务证书配置 - CXF WS-Trust service certificate configuration
通过代码为STS / WS-Trust配置CXF - Configure CXF for STS/WS-Trust by code
picketlink-sts ws-trust必须了解标头 - picketlink-sts ws-trust mustunderstand header
更改保险丝OSGI中用于Web服务的默认地址 - Changing default address in fuse osgi for web service
在jboss fuse中使用cxf的web服务端点 - web service endpoint using cxf in jboss fuse
使用 LDAP 用户的基本身份验证在 Fuse 中保护 CXF 服务 - Protect CXF Service in Fuse with Basic Authentication on LDAP Users
在CXF Web服务中检索WS请求 - Retrieve WS request in CXF Web service
运行CXF JAX WS服务时出现问题 - Issue running CXF JAX WS Service
在JAX-WS服务中未检测到Spring Bean - Spring beans are not detected in JAX-WS service
WSDL在JAX-WS Web服务中不可用 - WSDL not available in JAX-WS Web Service
相关标签