使用kso​​ap2在Android中使用摘要(SOAP)的WSSE安全标头

时间:2013-06-19 06:29:31

标签: android soap ksoap2 android-ksoap2 soapheader

在Android编程中,我尝试使用kso​​ap2生成以下soap Header(WSSE Security with Password Digest Header)。

  <soap:Header>
    <wsse:Security soap:mustUnderstand="1">  
      <wsse:UsernameToken>
         <wsse:Username>user</wsse:Username>
         <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">DbIekaN2kkkEHsC2dHVrWYj0Lj0=</wsse:Password>
         <wsse:Nonce>KCkqLywtiK8wMTIzND9N2e==</wsse:Nonce>
         <wsu:Created>2013-06-18T21:18:11Z</wsu:Created>
     </wsse:UsernameToken>
   </wsse:Security>
  </soap:Header>

我生成上述标题的代码是

    Element headers[] = new Element[1];
    headers[0]= new Element().createElement("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
    headers[0].setAttribute(null, "soap:mustUnderstand", "1");

    Element to = new Element().createElement("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken");


    Element action1 = new Element().createElement(null, "n0:Username");
    action1.addChild(Node.TEXT, "user");
    to.addChild(Node.ELEMENT,action1);

    Element action2 = new Element().createElement(null, "n0:Password");
    action2.setAttribute(null, "Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest");
    action2.addChild(Node.TEXT, "DbIekaN2kkkEHsC2dHVrWYj0Lj0=");
    to.addChild(Node.ELEMENT,action2);


    Element action3 = new Element().createElement(null, "n0:Nonce");
    action3.addChild(Node.TEXT, "KCkqLywtiK8wMTIzND9N2e==");
    to.addChild(Node.ELEMENT,action3);

    Element action4 = new Element().createElement(null, "wsu:Created");
    action4.addChild(Node.TEXT, "2013-06-18T13:18:11Z");
    to.addChild(Node.ELEMENT,action4);


    headers[0].addChild(Node.ELEMENT, to);

    soapEnvelope.headerOut = headers[0];
    // soapEnvelop is created using the following code
    // SoapSerializationEnvelope soapEnvelope = new SoapSerializationEnvelope(SoapEnvelope.VER11);

但是,上面的代码提供了HTTP 400 (Bad Request)

任何人都可以帮助我吗?

1 个答案:

答案 0 :(得分:2)

您是否通过制作httpTransport.debug = true来尝试查看requestdump

我认为wsu与正确的命名空间无关。而不是写这个, 元素action4 = new Element()。createElement(null,“wsu:Created”);

请尝试元素action4 = new Element()。createElement(“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”,“Created”);

相关问题
最新问题