[英]How to ignore the ws-security header in my CXF web service
我使用wsdl2java工具和獨立的http服務器創建了CXF Web服務。 wsdl具有指定的ws-security。
我不想強制執行ws-security標頭,因為我並不真正在乎它們,但是客戶端將按以下方式發送ws-security標頭。 請注意,沒有密碼,只有用戶名。
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>USER</wsse:Username>
</wsse:UsernameToken>
</wsse:Security>
我有什么選擇來處理呢?
更新:好的,我現在有了這個:
EndpointImpl impl = (EndpointImpl)Endpoint.publish(address, implementor);
impl.getInInterceptors().add(new LoggingInInterceptor());
impl.getOutInterceptors().add(new LoggingOutInterceptor());
Map<String, Object> inProps = new HashMap<String, Object>();
inProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN_NO_PASSWORD);
inProps.put(WSHandlerConstants.USER, "USER");
impl.getOutInterceptors().add(new WSS4JInInterceptor(inProps));
客戶端發送標頭,如下所示:
<soapenv:Header>
<wsa:To>http://www.test.com/Namespace/testb</wsa:To>
<wsa:ReplyTo>
<wsa:Address>http://www.test.com/Namespace/testa</wsa:Address>
</wsa:ReplyTo>
<wsa:Action>http://www.test.com/test</wsa:Action>
<wsa:MessageID xmlns:wsa="http://www.w3.org/2005/08/addressing"
>6158a795-46d5-4481-8467-da8ffda95664</wsa:MessageID>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>USER</wsse:Username>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
wsdl中的策略是:
<wsp:Policy wsu:Id="RequestPolicy">
<wsp:PolicyReference URI="#RequestAddressingPolicy"/>
</wsp:Policy>
<wsp:Policy wsu:Id="ResponsePolicy">
<!--<wsp:PolicyReference URI="#ResponseAddressingPolicy"/>-->
</wsp:Policy>
<wsp:Policy wsu:Id="RequestAddressingPolicy">
<wsp:All>
<sp:RequiredElements>
<!-- wsa:MessageID -->
<sp:XPath>/*[local-name() = 'Envelope']/*[local-name() = 'Header']/*[local-name() = 'MessageID' and namespace-uri() =
'http://www.w3.org/2005/08/addressing'][1]</sp:XPath>
</sp:RequiredElements>
<sp:RequiredElements>
<!-- wsa:Action -->
<sp:XPath>/*[local-name() = 'Envelope']/*[local-name() = 'Header']/*[local-name() = 'Action' and namespace-uri() =
'http://www.w3.org/2005/08/addressing'][1]</sp:XPath>
</sp:RequiredElements>
</wsp:All>
</wsp:Policy>
<wsp:Policy wsu:Id="ResponseAddressingPolicy">
<wsp:All>
<sp:RequiredElements>
<!-- wsa:MessageID -->
<sp:XPath>/*[local-name() = 'Envelope']/*[local-name() = 'Header']/*[local-name() = 'MessageID' and namespace-uri() =
'http://www.w3.org/2005/08/addressing'][1]</sp:XPath>
</sp:RequiredElements>
<sp:RequiredElements>
<!-- wsa:Action -->
<sp:XPath>/*[local-name() = 'Envelope']/*[local-name() = 'Header']/*[local-name() = 'Action' and namespace-uri() =
'http://www.w3.org/2005/08/addressing'][1]</sp:XPath>
</sp:RequiredElements>
<sp:RequiredElements>
<!-- wsa:RelatesTo -->
<sp:XPath>/*[local-name() = 'Envelope']/*[local-name() = 'Header']/*[local-name() = 'RelatesTo' and namespace-uri() =
'http://www.w3.org/2005/08/addressing'][1]</sp:XPath>
</sp:RequiredElements>
</wsp:All>
</wsp:Policy>
但是我得到這個錯誤:
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.frontend.WSDLGetInterceptor@17e83562
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor@577080e9
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor@5100a0c1
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor@322346e
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor@14429e20
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor@14446563
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.jaxb.attachment.JAXBAttachmentSchemaValidationHack@47663389
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.interceptor.DocLiteralInInterceptor@8b3f859
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor@7e7fcf24
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.interceptor.OneWayProcessorInterceptor@69e03797
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.WrapperClassInInterceptor@6a0aae79
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.SwAInInterceptor@7fdcf981
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.HolderInInterceptor@4caf756f
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.ws.policy.PolicyVerificationInInterceptor@624bc1dc
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.ws.policy.PolicyVerificationInInterceptor@624bc1dc
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.jaxws.interceptors.HolderInInterceptor@4caf756f
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.jaxws.interceptors.SwAInInterceptor@7fdcf981
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.jaxws.interceptors.WrapperClassInInterceptor@6a0aae79
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.interceptor.OneWayProcessorInterceptor@69e03797
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor@7e7fcf24
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.interceptor.DocLiteralInInterceptor@8b3f859
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.jaxb.attachment.JAXBAttachmentSchemaValidationHack@47663389
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor@14446563
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor@14429e20
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor@322346e
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor@5100a0c1
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor@577080e9
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.frontend.WSDLGetInterceptor@17e83562
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.interceptor.StaxInInterceptor@795d674
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.transport.https.CertConstraintsInterceptor@629ec714
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.interceptor.AttachmentInInterceptor@1f9d24f7
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.interceptor.LoggingInInterceptor@28ae3880
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.ws.policy.PolicyInInterceptor@23c405af
WARN [qtp1254651534-15 - /Identity/] (LogUtils.java:443) - Interceptor for CENSORED has thrown exception, unwinding now
org.apache.cxf.ws.policy.PolicyException: These policy alternatives can not be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RequiredElements
at org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy(AssertionInfoMap.java:167)
at org.apache.cxf.ws.policy.PolicyVerificationInInterceptor.handle(PolicyVerificationInInterceptor.java:101)
at org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:44)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java:355)
at org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:319)
at org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:72)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1074)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1010)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
at org.eclipse.jetty.server.Server.handle(Server.java:361)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:485)
at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:926)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:988)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:642)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:627)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:51)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
at java.lang.Thread.run(Unknown Source)
您可以在CXF中配置WSS4JInInterceptor以期望不包含密碼的UsernameToken。 此處的配置: http : //cxf.apache.org/docs/ws-security.html-您需要指定的“操作”是“ UsernameTokenNoPassword”。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.