Question

我在CXF webservice中实现了WS-security，以下是Mule流程： -

<context:property-placeholder location="classpath:conf/DBConnectionProp.properties"/>
    <!-- Authentication security-->
     <mule-ss:security-manager>
            <mule-ss:delegate-security-provider name="memory-provider" delegate-ref="authenticationManager" />
        </mule-ss:security-manager>
        <spring:beans>
            <ss:authentication-manager alias="authenticationManager">
                <ss:authentication-provider>
                    <ss:user-service id="userService" >
                        <ss:user name="${username}" password="${password}" authorities="ROLE_ADMIN" />
                    </ss:user-service>
                </ss:authentication-provider>
            </ss:authentication-manager>
        </spring:beans>

    <cxf:ws-security name="inboundSecurityConfig">
    <cxf:mule-security-manager />
    <cxf:ws-config>
    <cxf:property key="action" value="UsernameToken" />
    </cxf:ws-config>
    </cxf:ws-security>

    <!-- Authentication security ends-->

    <flow name="securedSoapService">
    <http:inbound-endpoint exchange-pattern="request-response" host="localhost" port="8090" path="designation" doc:name="HTTP">
    <cxf:jaxws-service serviceClass="com.getdesignation.test.services.schema.maindata.v1.GetDesignation">
    <cxf:ws-security ref="inboundSecurityConfig"/>
    </cxf:jaxws-service>
    </http:inbound-endpoint>
    <component class="com.getdesignation.vertu.services.schema.maindata.v1.Impl.GetDesignationImpl" />
    </flow>

现在的问题是，它没有从属性文件中读取用户名和密码的值。如果我尝试读取属性文件<ss:user name="${username}" password="${password}" authorities="ROLE_ADMIN" />中的值，那么它会将整个值读取为字符串，并在无效用户名和密码后出现异常： -

WARN  2014-09-18 21:23:41,426 [[SOAPSecurity2].connector.http.mule.default.receiver.02] org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor: 
org.apache.ws.security.WSSecurityException: The security token could not be authenticated or authorized
    at org.mule.module.cxf.support.MuleSecurityManagerValidator.validate(MuleSecurityManagerValidator.java:57)
    at org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:153)
    at org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:66)
    at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:281)
    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:100)
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
    at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:122)

但是如果删除$ {username}和$ {password}并直接提供用户名和密码，那么它运行正常..我没有得到如何让它从属性文件中读取用户名和密码..请帮助..有没有办法从proprties文件中实现ws-security读取???

Answer 1

尝试使用：

username1=username
password1=password

和

<ss:user name="${username1}" password="${password1}" authorities="ROLE_ADMIN" />

因为与名称具有相同值的属性可能存在问题。

Answer 2

感谢大卫...... 这是一个奇怪的问题，David所说的工作解决方案是：

<ss:user name="${username1}" password="${password1}" authorities="ROLE_ADMIN" />

我无法将密钥用作用户名或密码

更新我发现错误是由于＆＃34; userName＆＃34;被Windows环境变量＆＃34; USERNAME＆＃34;覆盖参考： - https://support.mulesoft.com/s/article/ka434000000TOoDAAW/Bad-credentials-error-when-configuring-the-Spring-Security-Manager-with-properties

如何从Mule中的WS-Security属性文件中读取用户名和密码

2 个答案: