[英]Invoke Secured web service in wso2esb
我已經在WSO2 ESB中創建了一個Web服務。 該安全性實現了只有特定的用戶角色才能訪問它。
現在,當我使用SOAP-UI來訪問此服務時,通過提供用戶名,密碼和密碼類型,我就可以訪問該服務。
現在,我想創建一個可訪問此安全Web服務的StandAlone Java項目。
我正試圖為此目的實現apache-rampart,但是我所擁有的信息是分散的。
任何人都可以幫助我如何訪問此安全服務。
謝謝並恭祝安康。
以這種方式訪問安全的Web服務,我假設您使用UT方案:
String trustStore = null;
ConfigurationContext ctx = null;
String policyFilePath = "[file_system_path]/secure_sample_policy.xml";
trustStore = "[file_system_path]/wso2carbon.jks";
System.setProperty("javax.net.ssl.trustStore",trustStore);
System.setProperty("javax.net.ssl.trustStorePassword","pass_store");
ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(null,
null);
this.stub = new ProxyStub(ctx);
stub._getServiceClient().engageModule("rampart");
stub._getServiceClient().engageModule("addressing");
Options options = this.stub._getServiceClient().getOptions();
options.setUserName("user");
options.setPassword("pass");
options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy(policyFilePath));
this.stub._getServiceClient().setOptions(options);
方法loadPolicy:
private static Policy loadPolicy(String xmlPath) throws Exception {
StAXOMBuilder builder = new StAXOMBuilder(xmlPath);
return PolicyEngine.getPolicy(builder.getDocumentElement());
}
還有一個示例策略文件:
<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy wsu:Id="UTOverTransport" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"/>
</wsp:Policy>
</sp:SignedSupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.