[英]Adding ws-security to SOAP axis 1.4 web service built with Eclipse?
[英]WS-STS with PingFederate for webservices built using Axis 1.7.2
我有一場發布網絡服務的戰爭。 Web服務是使用Axis 1.7.2構建和部署的。 我已經開發了可以使用WS-STS保護Web服務中的代碼。 這可以與WSO2 Identity Server的安全令牌服務器一起使用。
我在通過PingFederate的STS保護Web服務時遇到問題。 配置步驟之一是將策略添加到連接數據庫中。 Java代碼將提取策略XML,並將其添加到所有Web服務的“ services.xml”中。
我從以下PingFederate URL獲得了WS-Trust策略:
https://localhost:9031/pf/ws-trust_sts_metadata.ping PartnerSpId=CONNECTIONNAME&type=mex
政策內容如下:
<wsp:Policy wsu:Id="username">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SignedEncryptedSupportingTokens>
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SignedEncryptedSupportingTokens>
<sp:EndorsingSupportingTokens>
<wsp:Policy>
<sp:KeyValueToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never" wsp:Optional="true"/>
<sp:SignedParts>
<sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
</sp:SignedParts>
</wsp:Policy>
</sp:EndorsingSupportingTokens>
<sp:Wss11>
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
<sp:MustSupportRefThumbprint/>
<sp:MustSupportRefEncryptedKey/>
</wsp:Policy>
</sp:Wss11>
<sp:Trust13>
<wsp:Policy>
<sp:MustSupportIssuedTokens/>
<sp:RequireClientEntropy/>
<sp:RequireServerEntropy/>
</wsp:Policy>
</sp:Trust13>
<wsaw:UsingAddressing/>
</wsp:All>
</wsp:ExactlyOne>
The services are failing to deploy with the following exception :
Caused by: com.ctc.wstx.exc.WstxParsingException: Undeclared namespace prefix "wsaw"
at [row,col {unknown-source}]: [58,29]
at com.ctc.wstx.sr.StreamScanner.constructWfcException(StreamScanner.java:606)
at com.ctc.wstx.sr.StreamScanner.throwParseError(StreamScanner.java:479)
at com.ctc.wstx.sr.InputElementStack.resolveAndValidateElement(InputElementStack.java:507)
at com.ctc.wstx.sr.BasicStreamReader.handleStartElem(BasicStreamReader.java:2977)
at com.ctc.wstx.sr.BasicStreamReader.nextFromTree(BasicStreamReader.java:2837)
at com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1072)
at org.apache.axiom.util.stax.wrapper.XMLStreamReaderWrapper.next(XMLStreamReaderWrapper.java:225)
at org.apache.axiom.om.impl.builder.StAXOMBuilder.parserNext(StAXOMBuilder.java:666)
... 62 more
如果有人可以指向PingFederate的STS套件或教程,將對您有很大幫助。
由於它只是在抱怨命名空間,您是否嘗試加載http://www.w3.org/2006/05/addressing/wsdl命名空間?
資料來源: https : //www.w3.org/TR/2006/CR-ws-addr-wsdl-20060529/
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.