[英]Getting a Security Token for Azure Pack in Java Using Apache CXF
我正在嘗試用Java編寫代碼,以從Azure Pack的STS獲取安全令牌,然后將其用於驗證對Azure Pack API的調用。 這是Microsoft提供的 (適用於)在C#中獲取此令牌的示例代碼 :
string windowsAuthSiteEndPoint = EnvironmentToUse + ":30072";
var identityProviderEndpoint = new EndpointAddress(new Uri(windowsAuthSiteEndPoint + "/wstrust/issue/windowstransport"));
var identityProviderBinding = new WS2007HttpBinding(SecurityMode.Transport);
identityProviderBinding.Security.Message.EstablishSecurityContext = false;
identityProviderBinding.Security.Message.ClientCredentialType = MessageCredentialType.None;
identityProviderBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
var trustChannelFactory = new WSTrustChannelFactory(identityProviderBinding, identityProviderEndpoint)
{
TrustVersion = TrustVersion.WSTrust13,
};
var channel = trustChannelFactory.CreateChannel();
var rst = new RequestSecurityToken(RequestTypes.Issue)
{
AppliesTo = new EndpointReference("http://azureservices/AdminSite"),
KeyType = KeyTypes.Bearer,
};
RequestSecurityTokenResponse rstr = null;
SecurityToken token = null;
token = channel.Issue(rst, out rstr);
這是我目前在Java中嘗試做的相同事情的地方:
import org.apache.cxf.Bus;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.sts.STSConstants;
import org.apache.cxf.ws.security.SecurityConstants;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.trust.STSClient;
SpringBusFactory springBusFactory = new SpringBusFactory();
Bus bus = springBusFactory.createBus();
STSClient stsClient = new STSClient(bus);
stsClient.setLocation("https://" + endpoint + ":30072/wstrust/issue/windowstransport");
stsClient.setServiceName("{http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice}SecurityTokenService");
stsClient.setEndpointName("{http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice}WS2007HttpBinding_IWSTrust13Sync");
stsClient.setKeyType(STSConstants.BEARER_KEY_KEYTYPE);
stsClient.isEnableAppliesTo();
bus.setProperty(SecurityConstants.STS_CLIENT, stsClient);
bus.setProperty(SecurityConstants.STS_APPLIES_TO, "http://azureservices/AdminSite");
SecurityToken securityToken = stsClient.requestSecurityToken();
運行Java測試代碼時,我收到401未經授權的HTTP響應:
Caused by: org.apache.cxf.transport.http.HTTPException: HTTP response '401: Unauthorized' when communicating with https://endpoint:30072/wstrust/issue/windowstransport
嘗試重新創建C#代碼的功能時,似乎缺少以下功能,但是我無法弄清楚Java /使用Apache CXF庫中的以下代碼等效於什么:
1)identityProviderBinding.Security.Message.EstablishSecurityContext = false;
2)identityProviderBinding.Security.Message.ClientCredentialType = MessageCredentialType.None;
3)identityProviderBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
我也可能在做其他錯誤的事情。 有什么想法或建議嗎?
您是否嘗試過使用管理證書而不是安全令牌來認證您的請求。 https://msdn.microsoft.com/zh-cn/library/azure/ee460782.aspx#bk_cert包含有關如何在Azure中執行此操作的信息,但對於Azure Pack來說應該沒有太大區別。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.