资源路径[cxf-ehcache.xml]无效

时间:2015-05-31 20:57:17

标签: tomcat cxf wss4j

我正在尝试实现消息级加密。具体而言,SOAP消息的主体将被加密。 我正在尝试加密从客户端到Web服务的流量。

客户端成功发送加密数据:

UTF-8
Content-Type: text/xml
Headers: {Accept=[*/*], SOAPAction=[""]}
Payload: <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
      <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EK-2F22184B9EAAC6244514331031642721">
        <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
        <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <wsse:SecurityTokenReference>
            <ds:X509Data>
              <ds:X509IssuerSerial>
                <ds:X509IssuerName>CN=testkey</ds:X509IssuerName>
                <ds:X509SerialNumber>1940918168</ds:X509SerialNumber>
              </ds:X509IssuerSerial>
            </ds:X509Data>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
        <xenc:CipherData>
          <xenc:CipherValue>n6hH/RHguV2YCqZxI2Sq+X6hnaDm/OSUJsNRvcsxEHZw6lpdR+JitcbEfdv2huhsQ0HbtGjj0dfOa9pOCiwuaZW5wdR2Nq8kq85lZ4g2l/rHkGBRch19/P2oT0wXHIh/qQRHSqDhBg4bUrLKlzw+mA/H8SZimFvUz5xymwzKaQcv8puc0r9yKukQRmKVCjiS7enBznN0PdAfoitKdJYIm44/UaXa+CLwySPAw1cHpETAWoKclMqtL8Wgs9cN8+aYCmbC8kSDS+DURXMWc8ilVcirrYVrPAyEVZIX/NE9Pe8SIQmfgD5GHdFaIOPYcmf0i1w4/YQdTxzCFIXlwNkI0w==</xenc:CipherValue>
        </xenc:CipherData>
        <xenc:ReferenceList>
          <xenc:DataReference URI="#ED-2F22184B9EAAC6244514331031642892"/>
        </xenc:ReferenceList>
      </xenc:EncryptedKey>
    </wsse:Security>
  </SOAP-ENV:Header>
  <soap:Body>
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="ED-2F22184B9EAAC6244514331031642892" Type="http://www.w3.org/2001/04/xmlenc#Content">
      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey">
          <wsse:Reference URI="#EK-2F22184B9EAAC6244514331031642721"/>
        </wsse:SecurityTokenReference>
      </ds:KeyInfo>
      <xenc:CipherData>
        <xenc:CipherValue>PNHM0fKuMOHtpm0rGSpR0siGeiFRz/4Dwgwauwe2C6usChfH5a7PDXimplOvYSKE9d8zTNXie3tDMfprHLS/hPD0vABlSGA4haGMYrelFKNgAU8BhXbBfrQimD7e8ue6gV/BBwAGa0rgoExPYJQh0w==</xenc:CipherValue>
      </xenc:CipherData>
    </xenc:EncryptedData>
  </soap:Body>
</soap:Envelope>

But the web service response is bad:
NFORMACIÓN: Inbound Message
----------------------------
ID: 1
Response-Code: 500
Encoding: UTF-8
Content-Type: text/xml;charset=UTF-8
Headers: {connection=[close], content-type=[text/xml;charset=UTF-8], Date=[Sun, 31 May 2015 20:12:44 GMT], Server=[Apache-Coyote/1.1], transfer-encoding=[chunked]}
Payload: <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Body>
    <soap:Fault>
      <faultcode>soap:Server</faultcode>
      <faultstring>The resource path [cxf-ehcache.xml] is not valid</faultstring>
    </soap:Fault>
  </soap:Body>
</soap:Envelope>

--------------------------------------
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: The resource path [cxf-ehcache.xml] is not valid
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:158)
    at com.sun.proxy.$Proxy37.factorial(Unknown Source)
    at com.mathutility.test.TestMathUtility.main(TestMathUtility.java:57)
Caused by: org.apache.cxf.binding.soap.SoapFault: The resource path [cxf-ehcache.xml] is not valid

我正在使用: Apache Tomcat 8和Apache CXF 2.6.13

1 个答案:

答案 0 :(得分:0)

事实证明,tomcat8不喜欢不以/开头的资源。因此,您需要在默认资源(cxf-ehcache.xml)前加上“/”前缀。答案在CXF mail archives中给出。

您需要做的是设置属性ws-security.cache.config.file,以便将默认值(cxf-ehcache.xml)替换为“/cxf-ehcache.xml”,如下所述CXF documentation

您可以通过在您的CXF XML配置中添加端点bean声明下的属性来执行此操作:

<jaxws:endpoint 
    id="your id"
   ...    
   <jaxws:properties>
   ... 
    <entry key="ws-security.cache.config.file"  value="/cxf-ehcache.xml"/>
   </jaxws:properties>
</jaxws:endpoint>