我正在使用WSS4J 1.6和Axis 1.4。
我正在使用org.apache.ws.security.message.WSSecUsernameToken创建UsernameToken。
我不明白的是 wsu:Id 属性。 根据网络服务规范,它必须采用“SecurityToken-24ada6f8-4626-4269-b786-a22361bfde78”的形式。
无论我做什么, wsu:Id 属性都包含“UsernameToken-123”,但根据网络服务规范,它必须位于“SecurityToken-24ada6f8-4626-4269-”表格中b786-a22361bfde78" 。
我完全不知道如何实现这一点,谷歌已经枯竭了 那么,谁能告诉我我需要做什么?
现在是UsernameToken xml。
<wsse:UsernameToken wsu:Id="UsernameToken-133"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>stan</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">secrit</wsse:Password>
</wsse:UsernameToken>
我希望它出来的UsernameToken xml。
<wsse:UsernameToken wsu:Id="SecurityToken-24ada6f8-4626-4269-b786-a22361bfde78"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>stan</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">secrit</wsse:Password>
</wsse:UsernameToken>
以下是我用来创建soap消息的代码。
public String soapTest() throws Exception {
MessageFactoryImpl messageFactory = new MessageFactoryImpl();
SOAPMessage soapMessage = null;
soapMessage = messageFactory.createMessage();
Message message = (Message)soapMessage;
SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope();
unsignedEnvelope.addNamespaceDeclaration( "xsd", "http://www.w3.org/2001/XMLSchema" );
unsignedEnvelope.addNamespaceDeclaration( "xsi", "http://www.w3.org/2001/XMLSchema-instance" );
unsignedEnvelope.addNamespaceDeclaration( "enc", "http://schemas.xmlsoap.org/soap/encoding/" );
unsignedEnvelope.addNamespaceDeclaration( "env", "http://schemas.xmlsoap.org/soap/envelop/" );
unsignedEnvelope.addNamespaceDeclaration( "wsa", "http://schemas.xmlsoap.org/ws/2004/03/addressing" );
unsignedEnvelope.addNamespaceDeclaration( "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" );
unsignedEnvelope.addNamespaceDeclaration( "wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" );
unsignedEnvelope.addNamespaceDeclaration( "ws", "http://ws.stupidsoap.com" );
SOAPBody soapMsgBody = (SOAPBody)soapMessage.getSOAPBody();
org.apache.axis.message.SOAPEnvelope soapMsgEnvelope = ((Message)soapMessage).getSOAPEnvelope();
SOAPBodyElement be = (SOAPBodyElement)soapMsgBody.addChildElement( soapMsgEnvelope.createName( "addTwoNumbers", "", "http://ws.stupidsoap.com" ) );
be.addChildElement( "number1" ).addTextNode( "5" );
be.addChildElement( "number2" ).addTextNode( "10" );
org.w3c.dom.Document doc = (org.w3c.dom.Document)soapMsgEnvelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader( doc );
WSSecUsernameToken utBuilder = new WSSecUsernameToken();
utBuilder.setPasswordType( WSConstants.PASSWORD_TEXT );
utBuilder.setUserInfo( "stan", "secrit" );
utBuilder.addNonce();
utBuilder.addCreated();
utBuilder.build( doc, secHeader );
return org.apache.ws.security.util.XMLUtils.PrettyDocumentToString( doc );
}
答案 0 :(得分:0)
试试这个:
WsuIdAllocator idAllocator = new WsuIdAllocator() {
public String createId(String prefix, Object o) {
return "SecurityToken-" + UUIDGenerator.getUUID();
}
public String createSecureId(String prefix, Object o) {
return "SecurityToken-" + UUIDGenerator.getUUID();
}
};
WSSecUsernameToken utBuilder = new WSSecUsernameToken();
WSSConfig wsConfig = new WSSConfig();
wsConfig.setIdAllocator(idAllocator);
utBuilder.setWsConfig(wsConfig);
utBuilder.setPasswordType( WSConstants.PASSWORD_TEXT );
utBuilder.setUserInfo( "stan", "secrit" );