多个<wsse:security>标头被添加到SOAP标头:CXF客户端实现

时间:2016-04-06 19:42:23

标签: cxf ws-security cxf-client

使用已在其中定义了WS-SecurityPolicy的WSDL实现了CXF客户端。它工作正常,并且被Web应用程序大量使用。 但我们在perf env中观察到间歇性地将多个wsse:Security头添加到SOAP头中导致失败。它是间歇性的,无法在开发环境中重现它。 这是客户端配置:

 <jaxws:client
    xmlns:tns="http://ws.soa.com/service/XYZ/XYZService/"
    name="XYZPort" address="${XYZService.endPoint}"
    serviceClass="com.soa.ws.service.XYZ.XYZService.XYZPortType"
    serviceName="tns:XYZService">
    <jaxws:properties>
        <entry key="ws-security.username" value="${XYZService.auth.username}" />
        <entry key="ws-security.callback-handler" value-ref="XYZServicePasswordCallback" />
    </jaxws:properties>
    <jaxws:inInterceptors>
        <ref bean="logInBound" />
  <ref bean="XYZServiceSOAPResponseInterceptor" />      
    </jaxws:inInterceptors>
    <jaxws:outInterceptors>
        <ref bean="logOutBound" />          
  <ref bean="XYZServiceSOAPRequestInterceptor" />
    </jaxws:outInterceptors>
</jaxws:client>

<bean id="XYZServicePasswordCallback" class="com.services.client.XYZ.XYZServiceClientPasswordCallback" >
    <property name="username" value="${XYZService.auth.username}" />
    <property name="password" value="${XYZService.auth.password}" />
    <!-- Decrypt key defined in keyfile.properties -->
    <property name="secretKey" value="${key}" />
</bean>

这是Intermitttent问题。安全标头添加了两次

<soap:Header>

<wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-   open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-33466425961" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>test</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XYZPwd</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>

<wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-33466425962" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>test</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XYZPwd</wsse:Password>
 </wsse:UsernameToken>
</wsse:Security>

0 个答案:

没有答案