这似乎应该很简单,但解决方案一直在逃避我。我的流程是XML - > XSLT翻译 - >使用Web服务(IBM Web Sphere Web Service是特定的)。我有单独的工作但我无法弄清楚如何将用户/传递添加到SOAP标头。我认为我应该能够将它们添加到Mule SOAP组件的安全选项卡中的键(我将操作设置为Proxy Client)。不幸的是,我无法弄清楚有效密钥是什么。也许我甚至试图使用安全选项卡离开基地。所以最终我需要传出的XML包含:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>
myUserName
</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
myPa33W0rd
</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
目前我的Mule流程正在推出:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
我是否需要手动添加安全信息(可能在XSLT翻译中)?这感觉不对,但我无法弄清楚如何添加它。
以下是我的流程中的相关行:
<mulexml:xslt-transformer maxIdleTransformers="2" maxActiveTransformers="5" xsl-file="src\main\resources\MappingMapToChangeCatalogEntry.xslt" outputEncoding="US-ASCII" doc:name="XSLT"/>
<cxf:proxy-client payload="body" enableMuleSoapHeaders="true" doc:name="SOAP"/>
<byte-array-to-string-transformer doc:name="Byte Array to String"/>
答案 0 :(得分:5)
为了添加WS-Sec,您需要配置CXF WSS4J拦截器并将其注入Mule的CXF消息处理器。
前3.3 =
<spring:bean name="wss4jOutConfiguration"
class="org.springframework.beans.factory.config.MapFactoryBean">
<spring:property name="sourceMap">
<spring:map>
<spring:entry key="action" value="Signature" />
<spring:entry key="user" value="joe" />
<spring:entry key="signaturePropFile" value="org/mule/module/cxf/wssec/wssecurity.properties" />
<spring:entry key="passwordCallbackClass" value="org.mule.module.cxf.wssec.ClientPasswordCallback" />
</spring:map>
</spring:property>
</spring:bean>
...
<cxf:proxy-client payload="body" enableMuleSoapHeaders="true" doc:name="SOAP">
<cxf:outInterceptors>
<spring:bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<spring:property name="properties" ref="wss4jOutConfiguration"/>
</spring:bean>
</cxf:outInterceptors>
</cxf:proxy-client>
粗略样本密码回调类:
public class ClientPasswordCallback implements CallbackHandler{
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
WSPasswordCallback callback = (WSPasswordCallback) callbacks[0];
if(callback.getIdentifier().equals("joe")){
callback.setPassword("pass");
}
}
在此处查看更多内容:http://www.mulesoft.org/documentation/display/current/WS-Security+Usability+Improvement
3.3。+: 在3.3+中有一个新的cxf:ws-security元素。这里有一个示例流程:https://svn.codehaus.org/mule/tags/mule-3.4-M2/modules/cxf/src/test/resources/org/mule/module/cxf/wssec/cxf-secure-proxy-flow.xml
<cxf:proxy-client payload="body"
enableMuleSoapHeaders="true" doc:name="SOAP">
<cxf:ws-security>
<cxf:ws-config>
<cxf:property key="action"
value="UsernameToken
Timestamp" />
<cxf:property key="user" value="joe" />
<cxf:property key="passwordCallbackClass"
value="com.mulesoft.mule.example.security.PasswordCallback" />
<cxf:property key="mustUnderstand" value="false" />
</cxf:ws-config>
</cxf:ws-security>
</cxf:proxy-client>
以前我在使用XSLT时也只是自己处理了整个信封。然后我传递了用户并通过上下文参数传递到XSLT
<xm:xslt-transformer xsl-file="xslt/ToSomethingSOAPY.xsl">
<xm:context-property key="user" value="${my.user}" />
<xm:context-property key="password" value="${my.pass}" />
</xm:xslt-transformer>
然后通过xsl params重新发送它们,如下所示:
<xsl:param name="user" />
....
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-1018444980">
<wsse:Username><xsl:value-of select="$user" /></wsse:Username>