如何使用Spring WS将Timestamp添加到SOAP标头

时间:2013-09-19 16:44:55

标签: java soap spring-ws wss4j

使用SpringWS + Wss4j拦截器添加时间戳的默认选项似乎是在标题内的安全元素中添加时间戳:

<SOAP-ENV:Header>
    <wsse:Security>
        ...
        <wsu:Timestamp wsu:Id="TS-2">
            <wsu:Created>2013-09-19T17:43:31Z</wsu:Created>
            <wsu:Expires>2013-09-19T17:48:31Z</wsu:Expires>
        </wsu:Timestamp>
    </wsse:Security>
</SOAP-ENV:Header>

但是我希望Timestam元素在Security元素之外(见下文)。这可能吗?

<SOAP-ENV:Header>
    <wsse:Security>
        ...
    </wsse:Security>
    <wsu:Timestamp wsu:Id="TS-2">
        <wsu:Created>2013-09-19T17:43:31Z</wsu:Created>
        <wsu:Expires>2013-09-19T17:48:31Z</wsu:Expires>
    </wsu:Timestamp>
</SOAP-ENV:Header>

Spring配置如下:

<bean id="messageFactory" class="org.springframework.ws.soap.saaj.SaajSoapMessageFactory"/>

<bean id="webServiceTemplate" class="org.springframework.ws.client.core.WebServiceTemplate">
    <constructor-arg ref="messageFactory"/>
    <property name="defaultUri" value="https://domain.com/service"/>
    <property name="marshaller" ref="marshaller"/>
    <property name="unmarshaller" ref="marshaller"/>
    <property name="interceptors">
        <list>
            <ref local="wsClientSecurityInterceptor"/>
        </list>
    </property>
</bean>

<bean id="wsClientSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">  
    <!-- Validation Actions -->
    <property name="validationActions" value="NoSecurity" />

    <!-- Securement Actions -->
    <property name="securementActions" value="UsernameToken Timestamp" /> 

    <!-- timestamp options -->
    <property name="timestampStrict" value="false"/> 
    <property name="timestampPrecisionInMilliseconds" value="false"/> 

    <!-- username -->
    <property name="securementUsername" value="TheUsername"/>
    <property name="securementPassword" value="ThePassword"/>
    <property name="securementMustUnderstand" value="true" />
</bean>

0 个答案:

没有答案