WSS4J invalid security header - want to turn off the InclusiveNamespaces element

Time: 2016-01-09 01:46:53

Tags: wss4j irs

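When accessing the producer web service with the SOAP request below, an "Invalid Security Header" message is returned. When my test case on Oracle JDK 7 uses JAX-WS RI 2.2.4-b01, it works fine.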

I have to use WSS4J 1.6.0 and IBM JDK 6 because I am on WebSphere - I think the problem lies in the JAX-WS RI 2.1.6 that ships with IBM JDK 6.

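I am trying to make my InclusiveNamespaces look like the following, without the "ec" prefix, because I noticed that this is what differs in the XML requests shown below.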

<S:Header>
    <wsse:Security
        xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
        xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
        S:mustUnderstand="1">
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
            Id="SIG-A45B0A5E750A47B9AE6EC49A362DB055">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" />
                <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
                <ds:Reference URI="#TS-1">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"
                                PrefixList="wsse S urn urn1" />

But instead, it comes out with the "ec" prefix:

<ec:InclusiveNamespaces PrefixList="wsse S urn urn1" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />

I tried this in my code, but it did not remove it. Any ideas?

org.apache.xml.security.Init.init();
org.apache.xml.security.utils.ElementProxy.setDefaultPrefix("http://www.w3.org/2001/10/xml-exc-c14n#", "");

Here is a request that works when using Oracle JDK 7; note that it is using JAX-WS RI 2.2.4-b01:

POST /airp/aca/a2a/1095BC_Transmission_AATS2016 HTTP/1.1
Accept: text/xml, multipart/related
Content-Type: multipart/related;start="<rootpart*d2bbd41-479c-4851-b6fb-5de42ba6573f@example.jaxws.sun.com>";type="application/xop+xml";boundary="uuid:6d2bbd41-479c-4851-b6fb-5de42ba6573f";start-info="text/xml"
SOAPAction: "BulkRequestTransmitter"
User-Agent: JAX-WS RI 2.2.4-b01
Host: la.www4.irs.gov
Connection: keep-alive
Content-Length: 325083

--uuid:6d2bbd41-479c-4851-b6fb-5de42ba6573f
Content-Id: <rootpart*d2bbd41-479c-4851-b6fb-5de42ba6573f@example.jaxws.sun.com>
Content-Type: application/xop+xml;charset=utf-8;type="text/xml"
Content-Transfer-Encoding: binary

<?xml version="1.0" ?>
    <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
        xmlns:urn="urn:us:gov:treasury:irs:ext:aca:air:7.0" xmlns:urn1="urn:us:gov:treasury:irs:common">
        <S:Header>
            <wsse:Security
                xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
                xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
                S:mustUnderstand="1">
                <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                    Id="SIG-DEE23B9A923D4A3CA3211DF2A3CD881A">
                    <ds:SignedInfo>
                        <ds:CanonicalizationMethod
                            Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"></ds:CanonicalizationMethod>
                        <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
                        <ds:Reference URI="#TS-1">
                            <ds:Transforms>
                                <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                    <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"
                                        PrefixList="wsse S urn urn1"></InclusiveNamespaces>
                                </ds:Transform>
                            </ds:Transforms>
                            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
                            <ds:DigestValue>removed=</ds:DigestValue>
                        </ds:Reference>
                        <ds:Reference URI="#id-4A79A4500D834A1688F0255D34F4B90A">
                            <ds:Transforms>
                                <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                    <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"
                                        PrefixList="S urn1"></InclusiveNamespaces>
                                </ds:Transform>
                            </ds:Transforms>
                            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
                            <ds:DigestValue>removed=</ds:DigestValue>
                        </ds:Reference>
                        <ds:Reference URI="#id-1447A9BC79B048418D358EF9F861A302">
                            <ds:Transforms>
                                <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                    <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"
                                        PrefixList="S urn urn1"></InclusiveNamespaces>
                                </ds:Transform>
                            </ds:Transforms>
                            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
                            <ds:DigestValue>removed=</ds:DigestValue>
                        </ds:Reference>
                    </ds:SignedInfo>
                    <ds:SignatureValue>removed==</ds:SignatureValue>
                    <ds:KeyInfo Id="KI-F84482F8FD684AF9811FCEA580F9FF93">
                        <wsse:SecurityTokenReference
                            wsu:Id="STR-71DE006212BB4C9FA21F3F59F79737CA">
                            <wsse:KeyIdentifier
                                EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
                                ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">removed</wsse:KeyIdentifier>
                        </wsse:SecurityTokenReference>
                    </ds:KeyInfo>
                </ds:Signature>
                <wsu:Timestamp wsu:Id="TS-1">
                    <wsu:Created>2016-01-08T23:00:48.578Z</wsu:Created>
                    <wsu:Expires>2016-01-09T00:00:48.578Z</wsu:Expires>
                </wsu:Timestamp>
            </wsse:Security>

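The following is the request using IBM JDK 6 with JAX-WS 2.1 - the only difference I can see is that it uses the "ec" prefix and explicitly declares that it is UTF-8: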

POST /airp/aca/a2a/1095BC_Transmission_AATS2016 HTTP/1.1
Soapaction: "BulkRequestTransmitter"
Accept: text/xml, multipart/related, text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Content-type: multipart/related;start="<rootpart*e-488d-80b8-4a137e7cb54e@example.jaxws.sun.com>";type="application/xop+xml";boundary="uuid:94066996-016e-488d-80b8-4a137e7cb54e";start-info="text/xml"
User-Agent: JAX-WS RI 2.1.6 in JDK 6
Host: la.www4.irs.gov
Connection: keep-alive
Content-Length: 325122

--uuid:94066996-016e-488d-80b8-4a137e7cb54e
Content-Id: <rootpart*e-488d-80b8-4a137e7cb54e@example.jaxws.sun.com>
Content-Type: application/xop+xml;charset=utf-8;type="text/xml"
Content-Transfer-Encoding: binary

<?xml version="1.0" encoding="UTF-8"?>
    <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
        xmlns:urn="urn:us:gov:treasury:irs:ext:aca:air:7.0" xmlns:urn1="urn:us:gov:treasury:irs:common">
        <S:Header>
            <wsse:Security
                xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
                xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
                S:mustUnderstand="1">
                <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                    Id="SIG-2533902FF05A4C3EAD4DF4394DDC7232">
                    <ds:SignedInfo>
                        <ds:CanonicalizationMethod
                            Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"></ds:CanonicalizationMethod>
                        <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
                        <ds:Reference URI="#TS-1">
                            <ds:Transforms>
                                <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                    <ec:InclusiveNamespaces
                                        xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
                                        PrefixList="wsse S urn urn1"></ec:InclusiveNamespaces>
                                </ds:Transform>
                            </ds:Transforms>
                            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
                            <ds:DigestValue>removed=</ds:DigestValue>
                        </ds:Reference>
                        <ds:Reference URI="#id-7E93AD40DB804D8D9241DE569606EC96">
                            <ds:Transforms>
                                <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                    <ec:InclusiveNamespaces
                                        xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
                                        PrefixList="S urn1"></ec:InclusiveNamespaces>
                                </ds:Transform>
                            </ds:Transforms>
                            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
                            <ds:DigestValue>removed=</ds:DigestValue>
                        </ds:Reference>
                        <ds:Reference URI="#id-2F77BCB77A484ABAB2FF110E580E2DD3">
                            <ds:Transforms>
                                <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                    <ec:InclusiveNamespaces
                                        xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
                                        PrefixList="S urn urn1"></ec:InclusiveNamespaces>
                                </ds:Transform>
                            </ds:Transforms>
                            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
                            <ds:DigestValue>removed=</ds:DigestValue>
                        </ds:Reference>
                    </ds:SignedInfo>
                    <ds:SignatureValue>removed==</ds:SignatureValue>
                    <ds:KeyInfo Id="KI-7A496D73BB5342EAA06616B8AF4FDCB0">
                        <wsse:SecurityTokenReference
                            wsu:Id="STR-BF7E3246416240B5B45DA733BC718073">
                            <wsse:KeyIdentifier
                                EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
                                ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">removed</wsse:KeyIdentifier>
                        </wsse:SecurityTokenReference>
                    </ds:KeyInfo>
                </ds:Signature>
                <wsu:Timestamp wsu:Id="TS-1">
                    <wsu:Created>2016-01-08T23:04:33.001Z</wsu:Created>
                    <wsu:Expires>2016-01-09T00:04:33.001Z</wsu:Expires>
                </wsu:Timestamp>
            </wsse:Security>

0 answers:

No answers
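The two `InclusiveNamespaces` spellings from the question, compared as parsed XML and as written. This is an added example, not part of the original post. The fragments are constructed from the question's `ds:Transform` elements, and the helper names (`infoset`, `lexical_names`, `compare`) are hypothetical. It shows that both forms resolve to the same namespace-qualified element and attributes, so the two requests differ here only in their serialized bytes.

```python
import re
import xml.etree.ElementTree as ET

# Constructed from the two <ds:Transform> elements shown in the question.
DS_NS = "http://www.w3.org/2000/09/xmldsig#"
EXC_NS = "http://www.w3.org/2001/10/xml-exc-c14n#"
JDK7_FORM = (
    f'<ds:Transform xmlns:ds="{DS_NS}" Algorithm="{EXC_NS}">'
    f'<InclusiveNamespaces xmlns="{EXC_NS}" PrefixList="wsse S urn urn1">'
    '</InclusiveNamespaces></ds:Transform>'
)
JDK6_FORM = (
    f'<ds:Transform xmlns:ds="{DS_NS}" Algorithm="{EXC_NS}">'
    f'<ec:InclusiveNamespaces xmlns:ec="{EXC_NS}" PrefixList="wsse S urn urn1">'
    '</ec:InclusiveNamespaces></ds:Transform>'
)

# Matches start tags only: "</" and "<?" cannot match because a name must follow "<".
START_TAG = re.compile(r"<(?:([A-Za-z_][\w.-]*):)?([A-Za-z_][\w.-]*)(?=[\s>/])")


def infoset(xml_text):
    """Namespace-aware view: (expanded name, attributes) per element, in document order."""
    root = ET.fromstring(xml_text)
    return [(el.tag, sorted(el.attrib.items())) for el in root.iter()]


def lexical_names(xml_text):
    """Serialized view: (prefix, local name) of each start tag exactly as written."""
    return START_TAG.findall(xml_text)


def compare(a, b):
    """Report whether two fragments agree after namespace resolution,
    and which elements are written with a different prefix."""
    prefix_diffs = [
        (local_a, pa or "(default)", pb or "(default)")
        for (pa, local_a), (pb, local_b) in zip(lexical_names(a), lexical_names(b))
        if local_a == local_b and pa != pb
    ]
    return {"same_infoset": infoset(a) == infoset(b), "prefix_diffs": prefix_diffs}


if __name__ == "__main__":
    print(compare(JDK7_FORM, JDK6_FORM))
```

Running the same comparison over the full `wsse:Security` headers of both captured requests separates prefix-only differences from real content differences such as a changed `PrefixList`.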