带有PingFederate的WS-STS,用于使用Axis 1.7.2构建的Web服务
[英]WS-STS with PingFederate for webservices built using Axis 1.7.2
问题描述
I have a war which publishes webservices. 
我有一场发布网络服务的战争。 Webservices are built and deployed using Axis 1.7.2. Web服务是使用Axis 1.7.2构建和部署的。 I have developed the code where in the webservices can be protected using WS-STS. 我已经开发了可以使用WS-STS保护Web服务中的代码。 This works with WSO2 Identity Server's Secure Token Server. 这可以与WSO2 Identity Server的安全令牌服务器一起使用。
I am facing problems while securing webservices by PingFederate's STS. 我在通过PingFederate的STS保护Web服务时遇到问题。 One of the configuration step is to add the policy in the connecting database. 配置步骤之一是将策略添加到连接数据库中。 The java code will pickup the policy XML and add it to the 'services.xml' for all the webservices. Java代码将提取策略XML,并将其添加到所有Web服务的“ services.xml”中。
I got the WS-Trust policy from the following PingFederate URL : 我从以下PingFederate URL获得了WS-Trust策略:
https://localhost:9031/pf/ws-trust_sts_metadata.ping PartnerSpId=CONNECTIONNAME&type=mex
The policy content looks like this : 政策内容如下:
<wsp:Policy wsu:Id="username">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SignedEncryptedSupportingTokens>
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SignedEncryptedSupportingTokens>
<sp:EndorsingSupportingTokens>
<wsp:Policy>
<sp:KeyValueToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never" wsp:Optional="true"/>
<sp:SignedParts>
<sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
</sp:SignedParts>
</wsp:Policy>
</sp:EndorsingSupportingTokens>
<sp:Wss11>
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
<sp:MustSupportRefThumbprint/>
<sp:MustSupportRefEncryptedKey/>
</wsp:Policy>
</sp:Wss11>
<sp:Trust13>
<wsp:Policy>
<sp:MustSupportIssuedTokens/>
<sp:RequireClientEntropy/>
<sp:RequireServerEntropy/>
</wsp:Policy>
</sp:Trust13>
<wsaw:UsingAddressing/>
</wsp:All>
</wsp:ExactlyOne>
The services are failing to deploy with the following exception :
Caused by: com.ctc.wstx.exc.WstxParsingException: Undeclared namespace prefix "wsaw"
at [row,col {unknown-source}]: [58,29]
at com.ctc.wstx.sr.StreamScanner.constructWfcException(StreamScanner.java:606)
at com.ctc.wstx.sr.StreamScanner.throwParseError(StreamScanner.java:479)
at com.ctc.wstx.sr.InputElementStack.resolveAndValidateElement(InputElementStack.java:507)
at com.ctc.wstx.sr.BasicStreamReader.handleStartElem(BasicStreamReader.java:2977)
at com.ctc.wstx.sr.BasicStreamReader.nextFromTree(BasicStreamReader.java:2837)
at com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1072)
at org.apache.axiom.util.stax.wrapper.XMLStreamReaderWrapper.next(XMLStreamReaderWrapper.java:225)
at org.apache.axiom.om.impl.builder.StAXOMBuilder.parserNext(StAXOMBuilder.java:666)
... 62 more
If somebody can point to a STS kit or tutorial for PingFederate, its will be greate help. 如果有人可以指向PingFederate的STS套件或教程,将对您有很大帮助。
1 个解决方案
解决方案1
0 2017-10-31 18:22:04
Since it's just complaining about the namespace, did you try to load the http://www.w3.org/2006/05/addressing/wsdl namespace? 由于它只是在抱怨命名空间,您是否尝试加载http://www.w3.org/2006/05/addressing/wsdl命名空间?
Source: https://www.w3.org/TR/2006/CR-ws-addr-wsdl-20060529/ 资料来源: https : //www.w3.org/TR/2006/CR-ws-addr-wsdl-20060529/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.