Consuming a secure service with x509 certificates using JAX-WS

Time: 2014-03-15 00:10:57

Tags: jax-ws ws-security java-metro-framework

I need to consume a secure web service with this policy:

<wsp:Policy wsu:Id="test_policy">
    <wsp:ExactlyOne>
        <wsp:All>
            <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                <wsp:Policy>
                    <sp:TransportToken>
                        <wsp:Policy>
                            <sp:HttpsToken RequireClientCertificate="false"/>
                        </wsp:Policy>
                    </sp:TransportToken>
                    <sp:AlgorithmSuite>
                        <wsp:Policy>
                            <sp:Basic256/>
                        </wsp:Policy>
                    </sp:AlgorithmSuite>
                    <sp:Layout>
                        <wsp:Policy>
                            <sp:Lax/>
                        </wsp:Policy>
                    </sp:Layout>
                    <sp:IncludeTimestamp/>
                </wsp:Policy>
            </sp:TransportBinding>
            <sp:EndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                <wsp:Policy>
                    <sp:X509Token
                            sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                        <wsp:Policy>
                            <sp:WssX509V3Token10/>
                        </wsp:Policy>
                    </sp:X509Token>
                </wsp:Policy>
            </sp:EndorsingSupportingTokens>
            <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                <wsp:Policy>
                    <sp:MustSupportRefKeyIdentifier/>
                    <sp:MustSupportRefIssuerSerial/>
                </wsp:Policy>
            </sp:Wss10>
        </wsp:All>
    </wsp:ExactlyOne>
</wsp:Policy>

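Using the AXIS2 framework I can do it without problems, but using JAX-WS my security header is always blank.

Any help or tutorial?

Update:

I managed to load WSIT with this configuration [1], but now I get this error [2]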

[1]

<wsp:Policy wsu:Id="my_policy">
    <wsp:ExactlyOne>
        <wsp:All>
            <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                <wsp:Policy>
                    <sp:TransportToken>
                        <wsp:Policy>
                            <sp:HttpsToken RequireClientCertificate="false"/>
                        </wsp:Policy>
                    </sp:TransportToken>
                    <sp:AlgorithmSuite>
                        <wsp:Policy>
                            <sp:Basic256/>
                        </wsp:Policy>
                    </sp:AlgorithmSuite>
                    <sp:Layout>
                        <wsp:Policy>
                            <sp:Lax/>
                        </wsp:Policy>
                    </sp:Layout>
                    <sp:IncludeTimestamp/>
                </wsp:Policy>
            </sp:TransportBinding>
            <sp:EndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                <wsp:Policy>
                    <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                        <wsp:Policy>
                            <sp:WssX509V3Token10/>
                        </wsp:Policy>
                    </sp:X509Token>
                </wsp:Policy>
            </sp:EndorsingSupportingTokens>
            <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                <wsp:Policy>
                    <sp:MustSupportRefKeyIdentifier/>
                    <sp:MustSupportRefIssuerSerial/>
                </wsp:Policy>
            </sp:Wss10>
            <sc1:KeyStore wspp:visibility="private" alias="importkey" keypass="importkey" storepass="importkey" type="JKS" location="${keystore.dir}/pac.jks"/>
            <sc1:TrustStore wspp:visibility="private" peeralias="importkey" storepass="importkey" type="JKS" location="${keystore.dir}/pac.jks"/>
        </wsp:All>
    </wsp:ExactlyOne>
</wsp:Policy>

[2]

Información: WSP5018: se ha cargado la configuración de WSIT desde el archivo: file:client_Autentica/target/classes/wsit-client.xml.
mar 24, 2014 1:10:49 PM com.sun.xml.wss.impl.misc.DefaultCallbackHandler getKeyStore
Grave: WSS1540: no se ha encontrado el elemento KeyStore. Compruebe la afirmación de KeyStore en la configuración de WSIT
mar 24, 2014 1:10:49 PM com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl getDefaultPrivKeyCertRequest
Grave: WSS0216: Se ha producido un error al utilizar CallbackHandler para: SignatureKeyCallback.DefaultPrivKeyCertRequest
mar 24, 2014 1:10:49 PM com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl getDefaultPrivKeyCertRequest
Grave: WSS0217: se ha producido un error al utilizar el método CallbackHandler handle().
com.sun.xml.wss.impl.XWSSecurityRuntimeException: Could not locate KeyStore, check keystore assertion in WSIT configuration
    at com.sun.xml.wss.impl.misc.DefaultCallbackHandler.getKeyStore(DefaultCallbackHandler.java:2279)
    at com.sun.xml.wss.impl.misc.DefaultCallbackHandler.getDefaultPrivKeyCert(DefaultCallbackHandler.java:1414)
    at com.sun.xml.wss.impl.misc.DefaultCallbackHandler.handle(DefaultCallbackHandler.java:553)
    at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl.getDefaultPrivKeyCertRequest(DefaultSecurityEnvironmentImpl.java:261)
    at com.sun.xml.wss.impl.filter.SignatureFilter.process(SignatureFilter.java:235)
    at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:99)
    at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:278)
    at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:194)
    at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:155)
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.secureOutboundMessage(SecurityTubeBase.java:388)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:323)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processRequest(SecurityClientTube.java:247)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1136)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:1050)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:1019)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:877)
    at com.sun.xml.ws.client.Stub.process(Stub.java:464)
    at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:174)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:108)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:91)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:154)
    at $Proxy40.autentica(Unknown Source)
    at client.WSClient.main(WSClient.java:26)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)

mar 24, 2014 1:10:49 PM com.sun.xml.wss.impl.filter.SignatureFilter process
Grave: WSS1417: error al procesar la firma [Ljava.lang.Object;@2f186df7
mar 24, 2014 1:10:49 PM com.sun.xml.wss.jaxws.impl.SecurityTubeBase secureOutboundMessage
Grave: WSSTUBE0024: error al proteger el mensaje saliente.
com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.XWSSecurityRuntimeException: Could not locate KeyStore, check keystore assertion in WSIT configuration
    at com.sun.xml.wss.impl.filter.SignatureFilter.process(SignatureFilter.java:321)
    at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:99)
    at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:278)
    at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:194)
    at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:155)
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.secureOutboundMessage(SecurityTubeBase.java:388)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:323)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processRequest(SecurityClientTube.java:247)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1136)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:1050)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:1019)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:877)
    at com.sun.xml.ws.client.Stub.process(Stub.java:464)
    at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:174)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:108)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:91)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:154)
    at $Proxy40.autentica(Unknown Source)
    at client.WSClient.main(WSClient.java:26)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)
Caused by: com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.XWSSecurityRuntimeException: Could not locate KeyStore, check keystore assertion in WSIT configuration
    at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl.getDefaultPrivKeyCertRequest(DefaultSecurityEnvironmentImpl.java:266)
    at com.sun.xml.wss.impl.filter.SignatureFilter.process(SignatureFilter.java:235)
    ... 23 more
Caused by: com.sun.xml.wss.impl.XWSSecurityRuntimeException: Could not locate KeyStore, check keystore assertion in WSIT configuration
    at com.sun.xml.wss.impl.misc.DefaultCallbackHandler.getKeyStore(DefaultCallbackHandler.java:2279)
    at com.sun.xml.wss.impl.misc.DefaultCallbackHandler.getDefaultPrivKeyCert(DefaultCallbackHandler.java:1414)
    at com.sun.xml.wss.impl.misc.DefaultCallbackHandler.handle(DefaultCallbackHandler.java:553)
    at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl.getDefaultPrivKeyCertRequest(DefaultSecurityEnvironmentImpl.java:261)
    ... 24 more

mar 24, 2014 1:10:49 PM com.sun.xml.wss.jaxws.impl.SecurityClientTube processClientRequestPacket
Grave: WSSTUBE0024: error al proteger el mensaje saliente.
com.sun.xml.wss.impl.WssSoapFaultException: Invalid Security Header
    at com.sun.xml.wss.impl.SecurableSoapMessage.newSOAPFaultException(SecurableSoapMessage.java:349)
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.secureOutboundMessage(SecurityTubeBase.java:393)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:323)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processRequest(SecurityClientTube.java:247)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1136)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:1050)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:1019)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:877)
    at com.sun.xml.ws.client.Stub.process(Stub.java:464)
    at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:174)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:108)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:91)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:154)
    at $Proxy40.autentica(Unknown Source)
    at client.WSClient.main(WSClient.java:26)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)

Exception in thread "main" javax.xml.ws.WebServiceException: WSSTUBE0024: error al proteger el mensaje saliente.
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:328)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processRequest(SecurityClientTube.java:247)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1136)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:1050)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:1019)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:877)
    at com.sun.xml.ws.client.Stub.process(Stub.java:464)
    at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:174)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:108)
    at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:91)
    at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:154)
    at $Proxy40.autentica(Unknown Source)
    at client.WSClient.main(WSClient.java:26)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)
Caused by: javax.xml.ws.soap.SOAPFaultException: Invalid Security Header
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.getSOAPFaultException(SecurityTubeBase.java:715)
    ... 18 more
Caused by: com.sun.xml.wss.impl.WssSoapFaultException: Invalid Security Header
    at com.sun.xml.wss.impl.SecurableSoapMessage.newSOAPFaultException(SecurableSoapMessage.java:349)
    at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.secureOutboundMessage(SecurityTubeBase.java:393)
    at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRequestPacket(SecurityClientTube.java:323)
    ... 17 more

2 answers:

Answer 0: (score: 2)

The solution is:

  1. Create a META-INF folder in \src\main\resources\
  2. Put these files, wsit-client.xml and Autenticacion.xml, in META-INF with the following content:

    wsit-client.xml:

    <?xml version="1.0" encoding="UTF-8"?> 
     <definitions 
     xmlns="http://schemas.xmlsoap.org/wsdl/" 
     xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" 
     xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
     xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" name="mainclientconfig" 
     >
        <import location="Autenticacion.xml" namespace="http://tempuri.org/"/>
    </definitions>
    

    Autenticacion.xml: put your WSDL in this file and, at the end, add this policy:

    <wsp1:Policy wsu:Id="BasicHttpBinding_IAutenticacionPolicy">
        <wsp1:ExactlyOne>
            <wsp1:All>
                <sc:KeyStore wspp:visibility="private" alias="youralias" keypass="pass1" storepass="pass" type="JKS" location="${keystore.dir}/your_jks.jks"/>
            </wsp1:All>
        </wsp1:ExactlyOne>
    </wsp1:Policy>
    

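    That's all.

Answer 1: (score: 0)

I also spent a lot of time finding the solution. My problem was that the Tomcat server could not read the wsit-client.xml file and sent a plain request to the server.

Solution

  1. Your META-INF folder is located in 'src/main''src/'
  2. Check whether your wsit-client.xml file is being read by the server.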
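
An added example, not part of either answer and not Metro/WSIT code: a Java preflight check covering both answers, confirming that META-INF/wsit-client.xml is visible on the classpath and that the JKS named in the KeyStore assertion holds a private key with a valid X.509 certificate under the configured alias. The class name WsitPreflight, the argument order and the KEYSTORE_PASS / KEY_PASS environment variables are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

// Added example: preflight for a WSIT client. The class name, argument order and
// the KEYSTORE_PASS / KEY_PASS environment variables are assumptions.
public class WsitPreflight {
    static final String WSIT_CONFIG = "META-INF/wsit-client.xml";

    // Resolves the file as a classpath resource through the context class loader.
    static URL findWsitConfig() {
        ClassLoader cl = Thread.currentThread().getContextClassLoader();
        return (cl != null ? cl : WsitPreflight.class.getClassLoader()).getResource(WSIT_CONFIG);
    }

    static X509Certificate checkSigningKey(String path, char[] storePass,
                                           char[] keyPass, String alias) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, storePass); // throws on a wrong storepass or a damaged file
        }
        if (!ks.isKeyEntry(alias))
            throw new IllegalStateException("alias '" + alias + "' is missing or is certificate-only");
        ks.getKey(alias, keyPass); // throws UnrecoverableKeyException on a wrong keypass
        Certificate cert = ks.getCertificate(alias);
        if (!(cert instanceof X509Certificate))
            throw new IllegalStateException("alias '" + alias + "' has no X.509 certificate");
        X509Certificate x509 = (X509Certificate) cert;
        x509.checkValidity(); // throws if the certificate is expired or not yet valid
        return x509;
    }

    public static void main(String[] args) throws Exception {
        String sp = System.getenv("KEYSTORE_PASS"), kp = System.getenv("KEY_PASS");
        if (args.length != 2 || sp == null) {
            System.err.println("usage: KEYSTORE_PASS=... [KEY_PASS=...] java WsitPreflight <keystore.jks> <alias>");
            System.exit(2);
        }
        URL cfg = findWsitConfig();
        System.out.println(cfg != null ? "WSIT config found: " + cfg : WSIT_CONFIG + " is NOT on the classpath");
        X509Certificate c = checkSigningKey(args[0], sp.toCharArray(),
                (kp != null ? kp : sp).toCharArray(), args[1]);
        System.out.println("Signing certificate: " + c.getSubjectX500Principal() + ", valid until " + c.getNotAfter());
        if (cfg == null) System.exit(1);
    }
}
```

Run it with the same classpath as the client, otherwise the first check says nothing about the deployed application. Reading the passwords from the environment keeps them out of the process argument list.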