使用CXF和Camel调用安全的Web服务

时间:2016-01-29 12:16:39

标签: apache-camel cxf

我正在尝试在https URL上调用SOAP Web服务,其中需要客户端身份验证(SSL)。

现在我正在使用spring配置我的驼峰上下文(从蓝图中切换)并使用带有jetty的Camel CXF组件创建我的端点作为传输。

我找不到任何好的例子。也许我应该使用http4而不是Jetty。我试图设置一些Camel sslContextParameters,但我看不到这与CXF和/或Jetty一起工作。

有人能指出我正确的方向吗?

2 个答案:

答案 0 :(得分:3)

首先,如果您正在调用SOAP服务,则需要使用camel-cxf组件,而不是camel-cxfrs。后者用于REST端点。

您说客户端授权是必需的,但您没有指定哪种类型。鉴于您谈论SSL,我将假设您需要配置SSL和HTTP身份验证。

对于SSL,请查看:https://camel.apache.org/camel-configuration-utilities.htmlhttps://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.0/html/Security_Guide/files/CamelCXF-SecureClient.html

对于HTTP Basic Auth,请在此处查看tdtr选项:https://camel.apache.org/cxf.html

编辑: RedHat CXF Security Guide 6.1

答案 1 :(得分:0)

感谢raulk,我能够创建一个工作弹簧配置来访问安全的Web服务。我使用wsdl2java(CXF)生成Java代码,用于为我正在调用的服务创建客户端端点。

这是我的弹簧配置:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns="http://www.springframework.org/schema/beans"
       xmlns:camel="http://camel.apache.org/schema/spring"
       xmlns:cxf="http://camel.apache.org/schema/cxf"
       xmlns:http="http://cxf.apache.org/transports/http/configuration"
       xmlns:sec="http://cxf.apache.org/configuration/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
         http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
         http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd
         http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
         http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
       ">

    <!-- My camel routes -->
    <bean id="myClientRoute" class="com.mycompany.myWebserviceClientRouteBuilder"/>

    <!-- Name of conduit must match the target namespace and service name of the @WebService identifier in the autogenerated webservice interface -->
    <http:conduit name="{targetNamespace}WebserviceName.http-conduit">
        <http:tlsClientParameters>
            <sec:keyManagers keyPassword="Test1234">
                <sec:keyStore password="Test1234" type="JKS"
                              resource="classpath:certs/myKeystore.jks" />
            </sec:keyManagers>
            <sec:trustManagers>
                <sec:keyStore password="Test1234" type="JKS"
                              resource="classpath:certs/myTruststore.jks" />
            </sec:trustManagers>
            <sec:cipherSuitesFilter>
                <sec:include>.*_WITH_3DES_.*</sec:include>
                <sec:include>.*_WITH_DES_.*</sec:include>
                <sec:exclude>.*_WITH_NULL_.*</sec:exclude>
                <sec:exclude>.*_DH_anon_.*</sec:exclude>
            </sec:cipherSuitesFilter>
        </http:tlsClientParameters>
    </http:conduit>

    <cxf:cxfEndpoint id="myRemoteWebserviceEndpoint"
                     address="{{HTTPS_ADDRESS_OF_REMOTE_WEBSERVICE_PROPERTYE}}"
                     serviceClass="com.autogenerated.ServiceClassFromWSDL">
    </cxf:cxfEndpoint>

    <camel:camelContext id="myCamelContext">
        <camel:routeBuilder ref="myClientRoute"/>
    </camel:camelContext>

</beans>

我的Camel路线如下:

public void configure() throws Exception {
    from("direct:in")
            //Create SOAP request headers and body
            .bean(RequestGenrator.class, "createRequest")
            //Call webservice
            .to("cxf:bean:myRemoteWebserviceEndpoint?dataFormat=MESSAGE")
            .bean(ResponseHandler.class, "extractResponse");
}