我正在使用 骆驼:2.12.1 春天:4.0.5.RELEASE CXF:2.7.13
我的目标是在Payload模式下从我的驼峰路由器向某个端点发送带有wsse:security标头(如下所述)的soap消息。
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken
wsu:Id="UsernameToken-D5896C4D7E4684BCF8141101393698197">
<wsse:Username><xsl:value-of select="User" /></wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"><xsl:value-of select="password" /></wsse:Password>
<wsu:Created><xsl:value-of select="$START_TIME" /></wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
为实现这一目标,我创建了一个配置文件,其中包含以下条目
<jaxws:client name="{http://com.abc/CallingService}CallingService" createdFromAPI="true">
<jaxws:properties>
<entry key="ws-security.username" value= "User" />
<entry key="ws-security.password" value="password" />
</jaxws:properties>
</jaxws:client>
但不确定如何使用此文件或在路由或某些其他弹簧配置文件中调用此文件,以便我可以在我的外出消息中使用soap标头。
我目前正在接受例外
org.apache.cxf.ws.policy.PolicyException: No username available
at org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.policyNotAsserted(AbstractTokenInterceptor.java:229) ~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:361) ~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addToken(UsernameTokenInterceptor.java:307) ~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
at org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:95) ~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
at org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:61) ~[cxf-rt-ws-security-2.7.13.jar:2.7.13]
我的wsdl政策如下:
<wsp:Policy wsu:Id="EndpointSecurityPolicy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken>
<wsp:Policy>
<sp:RequireClientCertificate/>
</wsp:Policy>
</sp:HttpsToken>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SupportingTokens>
<wsp:Policy>
<sp:UsernameToken>
<wsp:Policy>
<sp:NoPassword/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
<wsp:All>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken>
<wsp:Policy/>
</sp:HttpsToken>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SupportingTokens>
<wsp:Policy>
<sp:UsernameToken>
<wsp:Policy>
<sp:WssUsernameToken11/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
任何帮助或指示?
答案 0 :(得分:0)
也许你需要添加一个PasswordCallbackHandler。