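SERVER: I have a SOAP web service. Some of the web service's methods handle receiving files and saving them to the db. The web service requires callers to authenticate with client-cert. Authentication is handled by a custom login module.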

    @Stateless
    @WebService
    @MTOM(enabled = true)
    @WebContext(authMethod = "CLIENT-CERT", secureWSDLAccess = false,
            transportGuarantee = "CONFIDENTIAL")
    @RolesAllowed("meo_ws")
    public class EDVWs implements IEDVWS
    {
    ...

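CLIENT: I created a unit test that calls the WS. Before I secured the web service (HTTPS + client-cert), I was able to call all of its methods from the test. Then I added security, and I am still able to call the services that do not handle files. When I try to send a file to the service, I get a 403 Forbidden error. For small files (less than 1MB), I do not get the error.
Error: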

    Caused by: org.apache.cxf.transport.http.HTTPException: HTTP response '403: Forbidden' when communicating with https://localhost:8443/Jedro-EDV/EDVWs
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1577)
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1532)
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1330)
        at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
        at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:652)
        at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
        ... 33 more

The strange thing is that if I add a file to the call, it is rejected even before it reaches the login module. I tried setting max-post-size, but with no luck.

    <https-listener name="default-ssl" socket-binding="https"
                    security-realm="SslRealm" max-post-size="52428800"/>

Client configuration:

    public static void initServicePort(String endpoint, URL wsdlLocation)
    {
        // Key/trust material for the client-cert (mutual TLS) handshake
        TLSClientParameters tlsClientParameters = initTLSClientParameters();
        service = new EDVWsService(wsdlLocation);
        edvWs = service.getEDVWsPort();
        BindingProvider bp = (BindingProvider) edvWs;
        SOAPBinding binding = (SOAPBinding) bp.getBinding();
        // Send binary payloads as MTOM attachments, matching @MTOM on the server
        binding.setMTOMEnabled(true);
        log.debug("Success!");
        configureClient(tlsClientParameters, ClientProxy.getClient(edvWs));
    }

    private static void configureClient(TLSClientParameters tlsClientParameters, Client client)
    {
        HTTPConduit http = (HTTPConduit) client.getConduit();
        // Attach the TLS settings (client certificate) to the CXF HTTP conduit
        http.setTlsClientParameters(tlsClientParameters);
        HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
        // Timeouts are in milliseconds
        httpClientPolicy.setConnectionTimeout(30000L);
        httpClientPolicy.setReceiveTimeout(30000L);
        http.setClient(httpClientPolicy);
    }

I would greatly appreciate any hints :)