CXF WSS4J拦截器

时间:2014-04-17 08:17:14

标签: cxf interceptor ws-security wss4j

我尝试使用以下代码配置WSS4J拦截器:

        try {

        Map<String, Object> outProps = new HashMap<String, Object>();

        outProps.put(WSHandlerConstants.ACTION,
                WSHandlerConstants.TIMESTAMP + " "
                        + WSHandlerConstants.SIGNATURE + " "
                        + WSHandlerConstants.ENCRYPT);
        outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
        outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
                ClientKeystorePasswordCallback.class.getName());
        outProps.put(WSHandlerConstants.SIG_PROP_FILE,
                "clientWSsec-PC165.properties");
        outProps.put(WSHandlerConstants.ENC_PROP_FILE,
                "clientWSsec-PC165-Srv.properties");
        outProps.put(WSHandlerConstants.SIGNATURE_USER, "clientKey");
        outProps.put(WSHandlerConstants.ENCRYPTION_USER, "serverKey");

        Map<String, Object> inProps = new HashMap<String, Object>();

        inProps.put("action", "Timestamp Signature Encrypt");
        inProps.put("passwordType", "PasswordText");
        inProps.put("passwordCallbackClass",
                "utils.ClientKeystorePasswordCallback");
        inProps.put("signatureUser", "clientKey");
        inProps.put("encryptionUser", "serverKey");
        inProps.put("encryptionPropFile", "clientWSsec-PC165.properties");
        inProps.put("signaturePropFile", "clientWSsec-PC165.properties");


        DefaultCryptoCoverageChecker coverageChecker = new DefaultCryptoCoverageChecker();
        coverageChecker.setSignBody(true);
        coverageChecker.setSignTimestamp(true);
        coverageChecker.setEncryptBody(true);

        Service service = new Service ();
        WsService  wsService = service.getWsServiceSOAP();

        org.apache.cxf.endpoint.Client client = ClientProxy
                .getClient(wsService);
        client.getInInterceptors().add(new WSS4JInInterceptor(inProps));
        client.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
        client.getInInterceptors().add(coverageChecker);

        ResponseType parameters1 = new ResponseType();
        wsService.getResponse(getServiceHeader(),
                parameters1);

    } catch (UndeclaredThrowableException ex) {
        ex.getUndeclaredThrowable().printStackTrace();
    } catch (Exception ex) {
        ex.printStackTrace();
    }

但是我收到了这个错误:

javax.xml.ws.soap.SOAPFaultException: Security configuration could not be detected. Potential cause: Make sure jaxws:client element with name attribute value matching endpoint port is defined as well as a ws-security.signature.properties element within it.
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:157)
at $Proxy29.getResponse(Unknown Source)
at utils.Client.main(Client.java:118)

Caused by: org.apache.cxf.ws.policy.PolicyException: Security configuration could not be detected. Potential cause: Make sure jaxws:client element with name attribute value matching endpoint port is defined as well as a ws-security.signature.properties element within it.
at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:313)
at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuilder(AbstractBindingBuilder.java:1827)
at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:567)
at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:147)
at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:98)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:176)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:90)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:565)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
... 2 more

我想知道我的代码中是否遗漏了某些内容,或者我是不是以正确的方式做错了。

谢谢!

2 个答案:

答案 0 :(得分:5)

您正在使用WSS4JOutInterceptor / WSS4JInInterceptor与“基于策略”配置混合使用“基于操作”的配置。在您的示例中,有一个WS-SecurityPolicy(AsymmetricBinding),CXF WS-Security运行时用于配置安全性。在这种情况下,您不需要显式配置WSS4JOutInterceptor。您需要做的是添加相关的安全属性。这是一个(代码)示例:

https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob_plain;f=systests/ws-security/src/test/java/org/apache/cxf/systest/ws/fault/FaultTest.java;hb=fd92c807e8773c363df37cfaf946971f5bac763b

特别是:

client.getRequestContext()。put(“ws-security.username”,“bob”);

client.getRequestContext()。put(“ws-security.encryption.properties”,“bob.properties”);

科尔姆。

答案 1 :(得分:0)

您使用的是哪个版本的CXF?

我对CXF 2.7.11也有同样的问题。 版本2.7.1中没有出现此问题。

您也可以尝试使用最新的3.0版本。

相关问题
最新问题