我为此wsdl生成了客户端ws-client:
<wsdl:definitions name="ArkivServiceBasis" targetNamespace="http://acos.no/websak/appservices/contracts/interface/arkivservicebasis/2011/08" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:i0="http://tempuri.org/" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:tns="http://acos.no/websak/appservices/contracts/interface/arkivservicebasis/2011/08" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
<wsp:Policy wsu:Id="ArkivServiceBasisEP_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SignedSupportingTokens>
<sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy/>
</sp:Wss11>
<sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportIssuedTokens/>
<sp:RequireClientEntropy/>
<sp:RequireServerEntropy/>
</wsp:Policy>
</sp:Trust10>
<wsaw:UsingAddressing/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<!-- types,messages,opertaions goes here -->
</wsdl:definitions>
我已经将wsdls端点网站的证书添加到java cacerts(也是WL密钥库 - 正常偏执)
我也使用SecurityHandler:
public final class SecurityHandler implements SOAPHandler<SOAPMessageContext> {
private String username;
private String password;
public SecurityHandler() {
super();
}
public SecurityHandler(String username, String password) {
super();
this.username = username;
this.password = password;
}
@Override
public boolean handleMessage(final SOAPMessageContext msgCtx) {
// Indicator telling us which direction this message is going in
final Boolean outInd = (Boolean) msgCtx.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
// Handler must only add security headers to outbound messages
if (outInd.booleanValue()) {
try {
// Get the SOAP Envelope
final SOAPEnvelope envelope = msgCtx.getMessage().getSOAPPart().getEnvelope();
// Header may or may not exist yet
SOAPHeader header = envelope.getHeader();
if (header == null) {
header = envelope.addHeader();
}
// Add WSS Usertoken Element Tree
final SOAPElement security = header.addChildElement("Security", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
final SOAPElement userToken = security.addChildElement("UsernameToken", "wsse");
userToken.addChildElement("Username", "wsse").addTextNode(username);
userToken.addChildElement("Password", "wsse").addTextNode(password);
msgCtx.getMessage().writeTo(System.out);
System.out.println();
}
catch (final Exception e) {
return false;
}
}
return true;
}
public Set<QName> getHeaders() {
QName securityHeader = new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
Set<QName> headers = new HashSet<QName>();
headers.add(securityHeader);
return headers;
}
@Override
public boolean handleFault(SOAPMessageContext context) {
return false;
}
@Override
public void close(MessageContext context) {
}
}
最后,测试类:
public class WebSakPingTest {
private static final String LOGIN = "login";
private static final String PASS = "pass";
@SuppressWarnings("rawtypes")
@Test
public void testSendPingRequest() throws DatatypeConfigurationException, MalformedURLException, SOAPException {
System.setProperty("javax.net.debug", "all");
System.setProperty("com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.dump", "true");
AddressingFeature feature = new AddressingFeature(true, false);
ArkivServiceBasis service = new ArkivServiceBasis();
IArkivServiceBasis port = service.getArkivServiceBasisEP(feature);
final Binding binding = ((BindingProvider) port).getBinding();
List<Handler> handlerList = binding.getHandlerChain();
handlerList.add(new SecurityHandler(LOGIN, PASS));
binding.setHandlerChain(handlerList);
port.ping("Ping test message");
}
}
这完美无缺!
但是当我将代码部署到weblogic时 - 我收到了这个例外:
javax.ejb.EJBException: EJB Exception: ; nested exception is:
com.sun.xml.ws.fault.ServerSOAPFaultException: Client received SOAP Fault from server: Unable to add security token for identity, token uri =http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken Please see the server log to find more detail regarding exact cause of the failure.
at com.sun.xml.ws.fault.SOAP12Fault.getProtocolException(SOAP12Fault.java:229)
at com.sun.xml.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:125)
at com.sun.xml.ws.client.sei.StubHandler.readResponse(StubHandler.java:253)
at com.sun.xml.ws.db.DatabindingImpl.deserializeResponse(DatabindingImpl.java:181)
at com.sun.xml.ws.db.DatabindingImpl.deserializeResponse(DatabindingImpl.java:258)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:117)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:91)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:154)
at com.sun.proxy.$Proxy303.nyJournalpostGittJournalpostInformasjon(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at weblogic.wsee.jaxws.spi.ClientInstanceInvocationHandler.invoke(ClientInstanceInvocationHandler.java:84)
at com.sun.proxy.$Proxy304.nyJournalpostGittJournalpostInformasjon(Unknown Source)
at com.computas.service.websakws.WebSakServiceHandler.nyJournalpostGittJournalpostInformasjon(WebSakServiceHandler.java:82)
at com.computas.lovisa.server.WebSakManagerBean.addJournalpost(WebSakManagerBean.java:91)
at com.computas.lovisa.server.DocumentStorageManager_h43t3b_DocumentStorageManagerImpl.__WL_invoke(Unknown Source)
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:34)
at com.computas.lovisa.server.DocumentStorageManager_h43t3b_DocumentStorageManagerImpl.addJournalpost(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:84)
at com.sun.proxy.$Proxy261.addJournalpost(Unknown Source)
at com.computas.lovisa.websakpoc.WebsakPOC.testSkrivSak(WebsakPOC.java:44)
不知道该怎么做
答案 0 :(得分:1)
<强>解强>
我已经为jax-ws(不是rpc)尝试了this文章。我已将代码更改为示例中的代码,仅省略ClientBSTCredentialProvider - 我已将证书导入到java默认密钥库中。最终代码如下所示:
AddressingFeature feature = new AddressingFeature(true, false);
port = service.getArkivServiceBasisEP(feature);
objectFactory = new ObjectFactory();
datatypeFactory = DatatypeFactory.newInstance();
List<CredentialProvider> credProviders = new ArrayList<CredentialProvider>();
CredentialProvider cp = new ClientUNTCredentialProvider(username.getBytes(), password.getBytes());
credProviders.add(cp);
Map<String, Object> requestContext = ((BindingProvider) port).getRequestContext();
requestContext.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);
requestContext.put(WSSecurityContext.TRUST_MANAGER, new TrustManager() {
public boolean certificateCallback(X509Certificate[] chain, int validateErr) {return true;}
});
所以现在它适用于WL!