[英]getting exception while invoking a SOAP service on HTTPS with web security
Please help me in resolving this issue. 请帮助我解决此问题。
I'm writing a java SOAP client to hit a SOAP service of some third party that is working on HTPPS & accepts web-security in header. 我正在编写一个Java SOAP客户端来访问正在HTPPS上运行的某些第三方的SOAP服务,并接受标头中的Web安全。 The soap service called-operation in turn returns a class object.
肥皂服务称为-operation,然后返回一个类对象。 I have written a class, while invoking the service, I'm getting below exception.
我编写了一个类,在调用服务时遇到了异常。 I tried to get SOAP Envelop that is sent to the service & executed it with SOAP UI tool & got successful response.
我试图获取发送到服务的SOAP Envelop并使用SOAP UI工具执行它并获得成功的响应。 I'm a bit confused whats wrong as in , when I send SOAP envelop with my JAVA SOAP Client I get below exception while running same SOAP envelop with SOAP UI tool , I get successful response.
我有些困惑,因为当我使用JAVA SOAP客户端发送SOAP信封时,当我使用SOAP UI工具运行相同的SOAP信封时,出现以下异常,我得到了成功的响应。
Exception in thread "main" AxisFault
线程“主” AxisFault中的异常
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}MustUnderstandfaultCode:{http://schemas.xmlsoap.org/soap/envelope/}必须了解
faultSubcode: faultString: Did not understand "MustUnderstand" header(s):faultSubcode:faultString: 无法理解“ MustUnderstand”标头:
faultActor:faultActor:
faultNode:faultNode:
faultDetail:faultDetail:
{http://xml.apache.org/axis/}stackTrace:{http://xml.apache.org/axis/}stackTrace:
at org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:96)在org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:96)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:206)在org.apache.axis.client.AxisClient.invoke(AxisClient.java:206)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)在org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)在org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:1910)在org.apache.axis.client.Call.invoke(Call.java:1910)
at fibonacci.testing.TestService.main(TestService.java:92)在fibonacci.testing.TestService.main(TestService.java:92)
{http://xml.apache.org/axis/}hostname:localhost
Did not understand "MustUnderstand" header(s):
不了解“ MustUnderstand”标头:
at org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:96)在org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:96)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:206)在org.apache.axis.client.AxisClient.invoke(AxisClient.java:206)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)在org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)在org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:1910)在org.apache.axis.client.Call.invoke(Call.java:1910)
at fibonacci.testing.TestService.main(TestService.java:92)在fibonacci.testing.TestService.main(TestService.java:92)
i faced this problem and i have solved it in my job... this type of message is set when there is no handler for security on you server.xsdd 我遇到了这个问题,我已经在工作中解决了它。当您的服务器上没有用于安全性的处理程序时,将设置此类型的消息。
in my case the xsdd implementation was built on axis 1.4, using java.rmi and javax.xml.rpc.Service 在我的情况下,xsdd实现是使用java.rmi和javax.xml.rpc.Service在轴1.4上构建的
if that is your case, you will have 2 xsdd one for the server (ns declaration of your service) and a deploy.xsdd for other settings of your call. 如果是这种情况,您将在服务器上使用2个xsdd(服务的ns声明),并在调用的其他设置中使用deploy.xsdd。
first i add to my ns:operation this references to oasis security, after that i added to my service a requestflow 首先,我将其添加到ns:operation中以引用绿洲安全性,之后我将其请求流添加至我的服务
it should be something like this 应该是这样的
<ns1:service name="YOUR SERVICE"> <!-- wss_username_token_over_ssl --> <requestFlow> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> <parameter name="passwordCallbackClass" value=" YOUR PASSWORD HANDLER JAVA PATH LOCATION"/> <parameter name="action" value="UsernameToken"/> </handler> </requestFlow>
<ns1:operation name="YOUR OPERATION NAME"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
.... other declarations ... />
depending of your security levels to create, in your passwordCallbackClassHandler, you must/or not validate the user and the password the handler should be something like this 根据要创建的安全级别,在passwordCallbackClassHandler中,您必须/或者不验证用户和处理程序的密码,该密码应类似于以下内容
public class PWCallback implements CallbackHandler {
公共类PWCallback实现CallbackHandler {
private static final byte[] key = {
(byte)0x31, (byte)0xfd, (byte)0xcb, (byte)0xda,
(byte)0xfb, (byte)0xcd, (byte)0x6b, (byte)0xa8,
(byte)0xe6, (byte)0x19, (byte)0xa7, (byte)0xbf,
(byte)0x51, (byte)0xf7, (byte)0xc7, (byte)0x3e,
(byte)0x80, (byte)0xae, (byte)0x98, (byte)0x51,
(byte)0xc8, (byte)0x51, (byte)0x34, (byte)0x04,
};
public void handle(Callback[] callbacks)
throws IOException, UnsupportedCallbackException {
System.out.println("DENTROOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO");
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
/*
* here call a function/method to lookup the password for
* the given identifier (e.g. a user name or keystore alias)
* e.g.: pc.setPassword(passStore.getPassword(pc.getIdentfifier))
* for testing we supply a fixed name/fixed key here.
*/
if (pc.getUsage() == WSPasswordCallback.KEY_NAME) {
pc.setKey(key);
}
else {
pc.setPassword("security");
}
} else {
throw new UnsupportedCallbackException(
callbacks[i], "Unrecognized Callback");
}
}
}
} }
hope this helps you regards 希望这可以帮助您
You probably have checked the below link discussing the mustUnderstand error specifically in the context of Axis http://wso2.org/library/tutorials/understand-famous-did-not-understand-mustunderstand-header-s-error 您可能已经检查了下面的链接,特别是在Axis的上下文中讨论了mustUnderstand错误:http://wso2.org/library/tutorials/understand-famous-did-not-understand-mustunderstand-header-s-error
Have you confirmed the entire SOAP envelope from your code and the one used by SOAP is the same? 您是否已从代码中确认了整个SOAP信封,并且SOAP使用的信封是相同的? is mustUnderstand set to 1 in both the cases?
在两种情况下都必须将mustUnderstand设置为1吗?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.