[英]How to add security header parameters to SOAP Request in java
Default header is empty and I have to add security header to Soap request as below:默认标头为空,我必须向 Soap 请求添加安全标头,如下所示:
<soapenv:Envelope xmlns:end="http://endpoint.soap.esb.steg.com.tn/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-633D8322A7C327A0D5153295320052614">
<wsse:Username>website</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">7MyXmdbbBuyiHQwGCAY2+NxYRH8=</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">sdc+Kcgj/aghCxpUCACCxQ==</wsse:Nonce>
<wsu:Created>2018-07-30T12:20:00.526Z</wsu:Created>
</wsse:UsernameToken></wsse:Security>
</soapenv:Header>
<soapenv:Body>
<end:consultInfoAboBT>
<reference>00095013</reference>
</end:consultInfoAboBT>
</soapenv:Body>
</soapenv:Envelope>
This is my code这是我的代码
request = "<soapenv:Envelope xmlns:soapenv='http://schemas.xmlsoap.org/soap/envelope/' xmlns:end='http://endpoint.soap.esb.steg.com.tn/'>"+ "<soapenv:Header/>"+"<soapenv:Body>" + "<end:consultInfoAboBT>"
+ "<reference>"+reference+"</reference>" + "</end:consultInfoAboBT>" + "</soapenv:Body>"+ "</soapenv:Envelope>";
StringEntity param = new StringEntity(request);
response = json.makeHttpRequestSteg(URLSWSTEG1, "POST", param, message);
Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new InputSource(new StringReader(response)));
getHeader will return you complete header with usernametoken, You need to pass UserName,Password and created(date and time) in string format. getHeader 将返回带有 usernametoken 的完整标头,您需要以字符串格式传递 UserName、Password 和 created(date and time)。
Like below像下面
request = "<soapenv:Envelope xmlns:soapenv='http://schemas.xmlsoap.org/soap/envelope/' xmlns:end='http://endpoint.soap.esb.steg.com.tn/'>"
+ getHeader("website", "7MyXmdbbBuyiHQwGCAY2+NxYRH8=", "2018-07-30T12:20:00.526Z") +
"<soapenv:Body>" + "<end:consultInfoAboBT>"
+ "<reference>"+reference+"</reference>" + "</end:consultInfoAboBT>" + "</soapenv:Body>"+ "</soapenv:Envelope>";
StringEntity param = new StringEntity(request);
response = json.makeHttpRequestSteg(URLSWSTEG1, "POST", param, message);
Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new InputSource(new StringReader(response)));
GetHeader() Function which will return Header token. GetHeader() 函数将返回 Header 标记。
public String getHeader(String Username, String Password, String Created)
{
String Nonce;
String authID = "";
String nonceLocal = "";
Random randGen = new Random();
nonceLocal = "" + randGen.nextInt();
authID = nonceLocal + Created + Password;
MessageDigest mDigest = null;
try {
mDigest = MessageDigest.getInstance("SHA1");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
mDigest.reset();
byte[] digestResult = mDigest.digest(authID.getBytes());
Password = Base64.getEncoder().encodeToString(digestResult);
Nonce = Base64.getEncoder().encodeToString(nonceLocal.getBytes());
return "<soapenv:Header>\n" +
"<wsse:Security xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">\n" +
"<wsse:UsernameToken wsu:Id=\"UsernameToken-633D8322A7C327A0D5153295320052614\">\n" +
"<wsse:Username> + Username + </wsse:Username>\n" +
"<wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest\">" + Password + "</wsse:Password>\n" +
"<wsse:Nonce EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\">"+Nonce +"</wsse:Nonce>\n" +
"<wsu:Created>" + Created +"</wsu:Created>\n" +
"</wsse:UsernameToken></wsse:Security>\n" +
"</soapenv:Header>";
}
Please refer following example.请参考以下示例。
HeaderHandlerResolver header class : HeaderHandlerResolver头类:
public class HeaderHandlerResolver implements HandlerResolver {
@Override
public List<Handler> getHandlerChain(PortInfo portInfo) {
List handlerChain = new ArrayList();
HeaderHandler hh = new HeaderHandler();
handlerChain.add(hh);
return handlerChain;
}
}
HeaderHandler class : HeaderHandler类:
public class HeaderHandler implements SOAPHandler<SOAPMessageContext> {
public Set<QName> getHeaders() {
return null;
}
public boolean handleMessage(SOAPMessageContext smc) {
Boolean outboundProperty = (Boolean) smc.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
if (outboundProperty.booleanValue()) {
SOAPMessage message = smc.getMessage();
try {
SOAPEnvelope envelope = smc.getMessage().getSOAPPart().getEnvelope();
SOAPHeader header = envelope.getHeader();
if (header == null) {
header = envelope.addHeader();
}
SOAPElement security = header.addChildElement("Security", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
SOAPElement usernameToken = security.addChildElement("UsernameToken", "wsse");
usernameToken.addAttribute(new QName("xmlns:wsu"), "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
usernameToken.addAttribute(QName.valueOf("wsu:Id"), "UsernameToken-1");
SOAPElement username = usernameToken.addChildElement("Username", "wsse");
username.addTextNode("username");
SOAPElement password = usernameToken.addChildElement("Password", "wsse");
password.setAttribute("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
password.addTextNode("password");
SOAPFactory soapFactory = SOAPFactory.newInstance();
security.addAttribute(soapFactory.createName("SOAP-ENV:mustUnderstand"), "1");
message.saveChanges();
message.writeTo(System.out);
System.out.println("");
} catch (Exception e) {
e.printStackTrace();
}
} else {
try {
SOAPMessage message = smc.getMessage();
message.writeTo(System.out);
System.out.println("");
} catch (Exception ex) {
ex.printStackTrace();
}
}
return outboundProperty;
}
public boolean handleFault(SOAPMessageContext context) {
return true;
}
public void close(MessageContext context) {
}
}
Implement following under SOAP web service client method.在 SOAP web 服务客户端方法下实现以下。
HeaderHandlerResolver handlerResolver = new HeaderHandlerResolver(); HeaderHandlerResolver handlerResolver = new HeaderHandlerResolver(); service.setHandlerResolver(handlerResolver);
service.setHandlerResolver(handlerResolver);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.