[英]Error with soap requests on tomcat
我有一个简单的SOAP客户端应用程序,可以完美运行。 但是,当我将其代码片段放入其他Web项目(tomcat 8.5)时,它不起作用。 它引发异常:
2017年10月19日11:10:48.019严重[http-nio-8080-exec-10] com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post SAAJ0008:错误的响应; 禁止使用SOAP-серверу:com.sun.xml.messaging.saaj.SOAPExceptionImpl:com.sun.xml.messaging.saaj.SOAPExceptionImpl:错误的响应:(在com.sun.client。上有403。位于ls.common.objects.SOAPMessageSender.callSoapWebService(SOAPMessageSender.java:72)位于ls.webSite.common.servlets.cli_GetMKBClientByIIN.processRequests(cli_GetMKBClientByIIN.java:49)的.p2p.HttpSOAPConnection.call(HttpSOAPConnection.java:164)位于commonx.servlets.prototypes.AbstractServlet.doPost(AbstractServlet.java:503)的common.servlets.prototypes.AbstractServlet.processRequest(AbstractServlet.java:369)来自javax.servlet.http.HttpServlet.service(HttpServlet.java:661)在org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)在javax.servlet.http.HttpServlet.service(HttpServlet.java:742)在org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain .java:166),网址为org.apache.tomcat.websoc 位于org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)的ket.server.WsFilter.doFilter(WsFilter.java:52)位于org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 166)在org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)在org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)在org.apache.catalina.authenticator.AuthenticatorBase org.org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)的org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:80)的.invoke(AuthenticatorBase.java:java) org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)处的apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)在org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter。 java:342),位于org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:799)a t org.apache.tomcat.util.net.NioEndpoint $ SocketProcessor上的org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)在org.apache.coyote.AbstractProtocol $ ConnectionHandler.process(AbstractProtocol.java:868)在org.apache.tomcat.util.net.NioEndpoint $ SocketProcessor Java的org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)的.doRun(NioEndpoint.java:1457),java的java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)的.doRun(NioEndpoint.java:1457) org.apache.tomcat.util.threads.TaskThread $ WrappingRunnable.run(TaskThread.java:61)中的util.concurrent.ThreadPoolExecutor $ Worker.run(ThreadPoolExecutor.java:624)在java.lang.Thread.run(Thread。 java:748)由以下原因引起:com.sun.xml.messaging.saaj.SOAPExceptionImpl:错误响应:(403在com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPConnection.java:276)处被禁止com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPConnection.java:160)...还有28个
为什么在Web项目上不起作用? 密钥库有问题吗? 这是我的代码示例:
public class InsuranceSOAPMessageCreator {
public static SOAPMessage createSOAPMessageFromXML(String soapActionFull, String sourceXmlFile, Map<String, String> params)
throws IOException, SOAPException {
Path path = Paths.get(sourceXmlFile);
String xml = new String(Files.readAllBytes(path));
MessageFactory mf = MessageFactory.newInstance();
if(params != null){
for(Map.Entry entry : params.entrySet()){
xml = xml.replace("##$[" + entry.getKey().toString() + "]$##", entry.getValue().toString());
}
}
SOAPMessage msg = mf.createMessage(new MimeHeaders(),
new ByteArrayInputStream(xml.getBytes(Charset.forName("UTF-8"))));
msg.getMimeHeaders().addHeader("SOAPAction", soapActionFull);
return msg;
}
}
public class SOAPMessageSender {
private String nameSpaceURI;
private String endpointUrl;
private String trustStore;
private String trustStorePassword;
private String keyStore;
private String keyStorePassword;
private SOAPMessage soapResponse;
public SOAPMessageSender(){
}
public SOAPMessageSender(String endpointUrl, String nameSpaceURI, String trustStore, String trustStorePassword,
String keyStore, String keyStorePassword){
this.nameSpaceURI = nameSpaceURI;
this.keyStorePassword = keyStorePassword;
this.keyStore = keyStore;
this.trustStorePassword = trustStorePassword;
this.trustStore = trustStore;
this.endpointUrl = endpointUrl;
setSystemProperties();
}
public void setSystemProperties(){
System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
System.setProperty("com.ibm.ssl.performURLHostNameVerification", "true");
System.setProperty("javax.net.ssl.trustStore", trustStore);
System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
System.setProperty("javax.net.ssl.keyStore", keyStore);
System.setProperty("javax.net.ssl.keyStorePassword",keyStorePassword);
System.setProperty("javax.net.ssl.keyStoreType", "jks");
}
public String callSoapWebService(String soapAction, String sourceXml, Map<String, String> params) {
try {
SOAPConnectionFactory scf = SOAPConnectionFactory.newInstance();
SOAPConnection sc = scf.createConnection();
/*SOAPMessage requestMsg = createSOAPMessageFromXML(nameSpaceURI + "/" + soapAction,
sourceXml, params);*/
//doTrustToCertificates();
soapResponse = sc.call(InsuranceSOAPMessageCreator.createSOAPMessageFromXML(soapAction,
sourceXml, params), endpointUrl);
ByteArrayOutputStream out = new ByteArrayOutputStream();
soapResponse.writeTo(out);
sc.close();
return out.toString();
} catch (Exception e) {
System.err.println("Ошибка при отправке сообщения SOAP-серверу:" + endpointUrl);
e.printStackTrace();
}
return null;
}
...
public static void main(String[] args){
//works fine here (on local run main method)
Map <String, String> authenticationData = new HashMap<>();
authenticationData.put("login", "user");
authenticationData.put("password", "pass");
SOAPMessageSender me = new SOAPMessageSender("https://somehost/someservice.asmx",
"https://someuri",
"/usr/lib/jvm/java-8-oracle/jre/lib/security/cacerts",
"password",
"/path/to/mykey.jks",
"password");
String resultXml = me.callSoapWebService("someaction",
"/path/to/AuthenticateUser.xml", authenticationData);
System.out.println(resultXml);
}
}
问题已解决。 Tomcat只是无法获取System.setProperty()中指定的jks文件,我使用java.security.KeyStore对象解决了该问题。 这是我添加的方法:
public void loadKeyStoreAndDoTrustToCertificates(String ksFile, String ksPass, String tsAlgo) throws Exception {
FileInputStream ksCert = new FileInputStream(ksFile);
KeyStore ks = KeyStore.getInstance(keyStoreType);
ks.load(ksCert, ksPass.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(tsAlgo);
kmf.init(ks, ksPass.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tsAlgo);
tmf.init(ks);
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(kmf.getKeyManagers(), null, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HostnameVerifier hv = new HostnameVerifier() {
public boolean verify(String urlHostName, SSLSession session) {
if (!urlHostName.equalsIgnoreCase(session.getPeerHost())) {
System.out.println("Ошибка: URL хост '" + urlHostName + "' отличается SSL хоста'" + session.getPeerHost() + "'.");
}
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hv);
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.