具有WS-Security的Axis 1.4 Web服务客户端

时间:2016-04-16 07:07:23

标签: java web-services axis keystore ws-security

我正在尝试使用Apache Axis 1.4编写Web服务客户端。 Webservice正在使用WS-Security,经过多次尝试后我需要一些帮助。我写了以下代码:

        sbinary.WSHttpBinding_IServiceStub stub;
        stub = (sbinary.WSHttpBinding_IServiceStub)new sbinary.ServiceLocator().getWSHttpBinding_IService();

        stub._setProperty(org.apache.axis.client.Call.CHECK_MUST_UNDERSTAND, Boolean.FALSE);
        stub._setProperty(Stub.USERNAME_PROPERTY, serviceUsername);
        stub._setProperty(Stub.PASSWORD_PROPERTY, servicePassword);
        // Create a trust manager that does not validate certificate chains
        final TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
            @Override
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override
            public void checkClientTrusted(X509Certificate[] certs, String authType) {
            }

            @Override
            public void checkServerTrusted(X509Certificate[] certs, String authType) {
            }
        }
        };

        // Install the all-trusting trust manager
        try {
            AxisProperties.setProperty("axis.socketSecureFactory","org.apache.axis.components.net.SunFakeTrustSocketFactory");
            SSLContext sc = SSLContext.getInstance("SSL");
            sc.init(null, trustAllCerts, null);
            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        } catch (Exception ex) {
            // take action
        }
        addWsSecurityHeader(stub, serviceUsername, servicePassword);
        stub.pingDatabase();`

我覆盖了证书验证,因为服务器有一个我无法验证的不安全(自签名)证书。运行此代码后,我得到了回复:the security context token is expired or is not valid。我还尝试使用以下代码

    protected void addWsSecurityHeader(org.apache.axis.client.Stub binding, String wsUser, String wsPass) throws SOAPException {

    // Create the top-level WS-Security SOAP header XML name.
    QName headerName = new QName(
            "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
    SOAPHeaderElement header = new SOAPHeaderElement(headerName);
    //  no intermediate actors are involved.
    header.setActor(null);
    // not important, "wsse" is standard
    header.setPrefix("wsse");
    header.setMustUnderstand(true);

     //Add the UsernameToken element to the WS-Security header
    SOAPElement utElem = header.addChildElement("UsernameToken");
    SOAPElement userNameElem = utElem.addChildElement(wsUser);
    userNameElem.setValue(wsUser);
    SOAPElement passwordElem = utElem.addChildElement(wsPass);
    passwordElem.setValue(wsPass);

    // Finally, attach the header to the binding.
    binding.setHeader(header);
}

然后我遇到了错误:org.xml.sax.SAXParseException; Premature end of file. 如果你能给我一个很好的教程,那将会很有帮助,谢谢(抱歉格式化)。

0 个答案:

没有答案
相关问题
最新问题