Question

我可以使用具有此要求的CXF框架实现Web服务：

的UsernameToken
AES加密

系统可能会在调用它之前将密钥传递给WS。我尝试配置如下，但不工作。

<bean id="logInBound" class="org.apache.cxf.interceptor.LoggingInInterceptor" />
<bean id="logOutBound" class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
<jaxws:client id="helloClient" serviceClass="com.itiboss.facade.HelloWorld"        address="http://localhost:18080/spring-jpa/ws/HelloWorld">
    <jaxws:properties>
        <entry key="mtom-enabled" value="true"/>
    </jaxws:properties>
    <jaxws:inInterceptors>
        <ref bean="logInBound" />
    </jaxws:inInterceptors>
    <jaxws:outInterceptors>
        <ref bean="logOutBound" />
        <ref bean="outbound-security" />
    </jaxws:outInterceptors>
</jaxws:client>
<!-- WSS4JOutInterceptor for incorporating a UsernameToken in a SOAP --> 
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor" id="outbound-security">
    <constructor-arg>
        <map>
            <entry key="action" value="UsernameToken Encrypt"/>  
            <entry key="user" value="dummy"/>  
            <entry key="allowMTOM" value="true"/>  
            <entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
            <!--entry key="passwordType" value="PasswordText"/-->                
            <entry key="passwordCallbackClass" value="com.itiboss.facade.ClientPasswordCallback"/>               
        </map>
    </constructor-arg>
</bean>

采用AES加密的CXF-WS-Security

0 个答案: