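I am trying to get WS-Security encryption working on WildFly. I read this documentation: https://docs.jboss.org/author/display/WFLY8/WS-Security.
I want my SOAP messages to be encrypted from the client to the server and vice versa.
I followed the steps for the server and the client, but the messages are not encrypted, and the server does not complain about the unencrypted messages it receives.
The only difference from the doc example is that we do not use WSDL contract enforcement (our WSDL does not contain information about encryption).
Both the web service server and the client work as if encryption were in place.
1) Web service implementation: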
@WebService(serviceName = "IMDService",
            portName = "IMDServicePort",
            targetNamespace = "http://ws.prueba.com")
@SOAPBinding(style = SOAPBinding.Style.RPC)
@Remote(IMDService.class)
@Stateless
@EndpointConfig(configFile = "WEB-INF/jaxws-endpoint-config.xml", configName = "Custom WS-Security Endpoint")
public class IMDServiceImpl implements IMDService {
    ...
}
2) The jaxws-endpoint-config.xml file:
<?xml version="1.0" encoding="UTF-8"?>
<jaxws-config xmlns="urn:jboss:jbossws-jaxws-config:4.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="urn:jboss:jbossws-jaxws-config:4.0 schema/jbossws-jaxws-config_4_0.xsd">
  <endpoint-config>
    <config-name>Custom WS-Security Endpoint</config-name>
    <property>
      <property-name>ws-security.signature.properties</property-name>
      <property-value>bob.properties</property-value>
    </property>
    <property>
      <property-name>ws-security.encryption.properties</property-name>
      <property-value>bob.properties</property-value>
    </property>
    <property>
      <property-name>ws-security.signature.username</property-name>
      <property-value>bob</property-value>
    </property>
    <property>
      <property-name>ws-security.encryption.username</property-name>
      <property-value>alice</property-value>
    </property>
    <property>
      <property-name>ws-security.callback-handler</property-name>
      <property-value>ar.com.condortech.business.KeystorePasswordCallback</property-value>
    </property>
  </endpoint-config>
</jaxws-config>
3) Here are the contents of the bob.properties and alice.properties files:
alice.properties
================
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=password
org.apache.ws.security.crypto.merlin.keystore.alias=alice
org.apache.ws.security.crypto.merlin.keystore.file=alice.jks
bob.properties
==============
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=password
org.apache.ws.security.crypto.merlin.keystore.alias=bob
org.apache.ws.security.crypto.merlin.keystore.file=bob.jks
We have generated both keys correctly.
4) On the client side, I put the properties into the service interface:
IMDService imdService = this.getService(); // We call our own method to obtain the service...
((BindingProvider) imdService).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER,
        new KeystorePasswordCallback());
((BindingProvider) imdService).getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES,
        Thread.currentThread().getContextClassLoader().getResource("alice.properties"));
((BindingProvider) imdService).getRequestContext().put(SecurityConstants.ENCRYPT_PROPERTIES,
        Thread.currentThread().getContextClassLoader().getResource("alice.properties"));
((BindingProvider) imdService).getRequestContext().put(SecurityConstants.SIGNATURE_USERNAME, "alice");
((BindingProvider) imdService).getRequestContext().put(SecurityConstants.ENCRYPT_USERNAME, "bob");
5) I manage the dependencies with Maven, all in the provided scope, so that they are not excluded from the final WAR:
- org.jboss.ws.native (jbossws-native-core) - 4.2.0.Final
- org.apache.ws.security (wss4j) - 1.6.17
- org.apache.cxf (cxf-rt-ws-security, cxf-rt-frontend-jaxws, cxf-rt-transports-http, cxf-rt-transports-http-jetty) - 2.2.3
6) The content of the MANIFEST file is:
Manifest-Version: 1.0
Built-By: laispuru
Build-Jdk: 1.8.0_05
Created-By: Maven Integration for Eclipse
Dependencies: org.apache.ws.security
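
The post reports that unencrypted messages are accepted without complaint, so a useful first check is what a captured envelope actually contains. The following is an added example, not part of the original post: it reports whether a SOAP message has a wsse:Security header with an xenc:EncryptedKey and a Body holding only xenc:EncryptedData. The sample envelopes and the `ping` operation are constructed, and the EncryptedKey check assumes the asymmetric keystore setup described in the post.

```python
import xml.etree.ElementTree as ET

SOAP_NS = ("http://schemas.xmlsoap.org/soap/envelope/",   # SOAP 1.1
           "http://www.w3.org/2003/05/soap-envelope")     # SOAP 1.2
XENC = "http://www.w3.org/2001/04/xmlenc#"
WSSE = ("http://docs.oasis-open.org/wss/2004/01/"
        "oasis-200401-wss-wssecurity-secext-1.0.xsd")

# Constructed samples (not captured traffic); the "ping" operation is hypothetical.
PLAIN = f"""<s:Envelope xmlns:s="{SOAP_NS[0]}"><s:Body>
<ns:ping xmlns:ns="http://ws.prueba.com"><arg0>hi</arg0></ns:ping>
</s:Body></s:Envelope>"""
ENCRYPTED = f"""<s:Envelope xmlns:s="{SOAP_NS[0]}" xmlns:e="{XENC}" xmlns:w="{WSSE}">
<s:Header><w:Security><e:EncryptedKey/></w:Security></s:Header>
<s:Body><e:EncryptedData/></s:Body></s:Envelope>"""


def encryption_findings(envelope_xml):
    """Return a list of problems; empty means the Body holds only EncryptedData."""
    if "<!DOCTYPE" in envelope_xml:  # SOAP forbids DTDs, so refuse to parse
        return ["DOCTYPE present, message rejected"]
    root = ET.fromstring(envelope_xml)
    soap = root.tag[1:].split("}")[0] if root.tag.startswith("{") else ""
    if soap not in SOAP_NS or root.tag != "{%s}Envelope" % soap:
        return ["not a SOAP envelope"]
    findings = []
    # Assumption: asymmetric setup as in the post, so an EncryptedKey is expected.
    security = root.find("{%s}Header/{%s}Security" % (soap, WSSE))
    if security is None:
        findings.append("no wsse:Security header")
    elif security.find("{%s}EncryptedKey" % XENC) is None:
        findings.append("wsse:Security has no xenc:EncryptedKey")
    body = root.find("{%s}Body" % soap)
    if body is None:
        return findings + ["no SOAP Body"]
    if len(body) == 0:
        findings.append("empty Body")
    for child in body:  # every Body child must have been replaced by ciphertext
        if child.tag != "{%s}EncryptedData" % XENC:
            findings.append("plaintext Body element: " + child.tag)
    return findings


if __name__ == "__main__":
    for name, msg in (("plain", PLAIN), ("encrypted", ENCRYPTED)):
        print(name, encryption_findings(msg) or "body encrypted")
```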