Decrypting messages with a Spring Web Services client

Time: 2009-12-11 12:46:59

Tags: java security spring web-services spring-ws

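350 bounty and waffles to the person who can help me!

I have been struggling with Spring Web Services encryption for a few days, and I can't figure out how to get Spring's encryption to work on the message body. Whenever I have the server encrypt the resulting message, the client doesn't seem to decrypt it before trying to validate it against the schema (XSD).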

Here is the server side configuration

The server's xwss security configuration

The client's Spring configuration

Client's xwss configuration

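What I can do is encrypt the user token and have it decrypted successfully. I do this when sending data from the client to the server. The server then decrypts the user token and validates the user credentials, which works very well.

The problem occurs if I try to encrypt the message body coming back. The problem happens on the client side. It seems that the client tries to validate the message before decrypting it, so an error occurs when validating against the schema.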

[Fatal Error] :1:192: The prefix "ns0" for element "ns0:HolidayListResponse" is not bound.
11-Dec-2009 7:45:32 AM com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor decryptElementWithCipher
SEVERE: WSS1203: Exception [ The prefix "ns0" for element "ns0:HolidayListResponse" is not bound. ] while trying to decrypt message

And here is the SOAP response itself

Here is the marshalling mapping file

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapping PUBLIC "-//EXOLAB/Castor Mapping DTD Version 1.0//EN"
                         "http://castor.org/mapping.dtd">
<mapping>
    <field-handler name="dateHandler" class="com.mycompany.hr.handlers.DateFieldHandler" />
    <field-handler name="dateHandler2" class="com.mycompany.hr.handlers.DateFieldHandler" />
    <class name="com.mycompany.hr.data.Holiday">
        <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="Holiday" />
        <field name="from" type="string" handler="dateHandler">
            <bind-xml name="StartDate" node="element" />
        </field>
        <field name="to" type="string" handler="dateHandler2">
            <bind-xml name="EndDate" node="element" />
        </field>
    </class>
    <class name="com.mycompany.hr.data.Employee">
        <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="Employee" />
        <field name="number" type="java.lang.Integer">
            <bind-xml name="Number" node="element" />
        </field>
        <field name="firstName" type="java.lang.String">
            <bind-xml name="FirstName" node="element" />
        </field>
        <field name="lastName" type="java.lang.String">
            <bind-xml name="LastName" node="element" />
        </field>
    </class>
    <class name="com.mycompany.hr.data.HolidayRequest">
        <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="HolidayRequest" />
        <field name="holiday" type="com.mycompany.hr.data.Holiday">
            <bind-xml name="Holiday" node="element" />
        </field>
        <field name="employee" type="com.mycompany.hr.data.Employee">
            <bind-xml name="Employee" node="element" />
        </field>
    </class>

    <class name="com.mycompany.hr.data.HolidayConfirmation">
        <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="HolidayConfirmation" />
        <field name="confirmationCode" type="java.lang.Integer">
            <bind-xml name="ConfirmationCode" node="element" />
        </field>
        <field name="confirmationMessage" type="java.lang.String">
            <bind-xml name="ConfirmationMessage" node="element" />
        </field>
    </class>

    <class name="com.mycompany.hr.data.HolidayResponse">
        <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="HolidayResponse" />
        <field name="confirmation" type="com.mycompany.hr.data.HolidayConfirmation">
            <bind-xml name="HolidayConfirmation" node="element" />
        </field>
    </class>
    <class name="com.mycompany.hr.data.HolidayListRequest">
        <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="HolidayListRequest" />
        <field name="id" type="java.lang.Integer">
            <bind-xml name="userId" node="element" />
        </field>
    </class>
    <class name="com.mycompany.hr.data.HolidayListResponse">
        <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="HolidayListResponse" />
        <field name="holidays" type="com.mycompany.hr.data.Holiday" collection="vector">
            <bind-xml name="Holiday" node="element" />
        </field>
    </class>
</mapping>

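I know this is a lot of information, but I figured I would provide everything. Is my encryption set up correctly? Is it not possible to encrypt the message body and decrypt it on the client side? At this point, I'm open to almost any suggestion.

2 answers:

Answer 0: (score: 2)

Look at the CastorMarshaller properties and try setting some of the "ignore" properties to true (in <bean id="castorMarshaller"). For example, set: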

<property name="validating" value="false" />
<property name="suppressNamespaces" value="true" />
<property name="ignoreExtraElements" value="true" />

One of them might do it.

Answer 1: (score: 0)

Are you sure

 <property name="xsd" value="classpath:src/java/hr.xsd"/>

is being resolved properly?

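The error you are getting indicates that it cannot find out how to handle the element. If the response were not being decrypted, you would not see the element name and prefix.

Can you validate and run the web service without encryption?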
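
The parser error in the log above can be reproduced offline. The following is an added example, not code from the original post or from Spring-WS or XWSS: it lists the element-name prefixes that a serialized fragment uses without declaring them inside the fragment itself, which is the condition the "prefix is not bound" message reports. The class `UnboundPrefixCheck`, the method `unboundPrefixes` and both sample fragments are constructed for illustration, and it assumes the text being checked is the plaintext that the decryption step hands to the XML parser.

```java
import java.io.StringReader;
import java.util.*;
import javax.xml.parsers.SAXParserFactory;
import org.xml.sax.Attributes;
import org.xml.sax.InputSource;
import org.xml.sax.helpers.DefaultHandler;

public class UnboundPrefixCheck {
    // Returns the prefixes used on element names that have no xmlns:prefix
    // declaration on the element itself or on an ancestor inside the fragment.
    static Set<String> unboundPrefixes(String fragment) throws Exception {
        SAXParserFactory f = SAXParserFactory.newInstance();
        f.setNamespaceAware(false); // raw qNames; xmlns:* arrive as plain attributes
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        final Set<String> unbound = new TreeSet<>();
        final Deque<Set<String>> scopes = new ArrayDeque<>();
        f.newSAXParser().parse(new InputSource(new StringReader(fragment)), new DefaultHandler() {
            @Override
            public void startElement(String uri, String local, String qName, Attributes a) {
                Set<String> scope = new HashSet<>();
                scope.add("xml"); // always bound by the XML Namespaces spec
                if (!scopes.isEmpty()) scope.addAll(scopes.peek());
                for (int i = 0; i < a.getLength(); i++) {
                    String q = a.getQName(i);
                    if (q.startsWith("xmlns:")) scope.add(q.substring(6));
                }
                int colon = qName.indexOf(':');
                if (colon > 0 && !scope.contains(qName.substring(0, colon))) {
                    unbound.add(qName.substring(0, colon));
                }
                scopes.push(scope);
            }
            @Override
            public void endElement(String uri, String local, String qName) { scopes.pop(); }
        });
        return unbound;
    }

    public static void main(String[] args) throws Exception {
        String ns = "http://mycompany.com/hr/schemas";
        // Constructed fragments: the first declares ns0 itself, the second relies on an ancestor.
        String own = "<ns0:HolidayListResponse xmlns:ns0=\"" + ns + "\"><ns0:Holiday/></ns0:HolidayListResponse>";
        String inherited = "<ns0:HolidayListResponse><ns0:Holiday/></ns0:HolidayListResponse>";
        System.out.println("declares its own prefix: " + unboundPrefixes(own));
        System.out.println("relies on an ancestor:   " + unboundPrefixes(inherited));
    }
}
```

A fragment that reports a non-empty set here fails in a namespace-aware parser when parsed on its own, because the declaration it depends on lives outside the fragment.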