Coldfusion - HTTPS错误/ X.509 ws-security

时间:2016-05-27 09:24:32

标签: web-services ssl soap https coldfusion

我对SOAP很新,这是我的第一个项目。我正在尝试连接到HTTPS WSDL,以便在我的网页上提取一些信息。

本地服务器与服务提供商服务器连接的证书设置已准备就绪。当我尝试连接https webservice时有一个响应,所以我相信两个服务器之间没有连接问题:

HTTPs Webservice connection response

以下是第三方技术团队提供的SOAPUI示例:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" 
     xmlns:soap="http://soap.ipr.tfp.com/">
    <soapenv:Header/>
    <soapenv:Body>
       <soap:create>
          <arg0>
            <attribute_1>abc</attribute_1>
            <attribute_2></attribute_2>
            <attribute_3>abc123</attribute_3>
            <attribute_4>abc234</attribute_4>
            <attribute_5></attribute_5>
          </arg0>
       </soap:create>
    </soapenv:Body>
</soapenv:Envelope>

以下是我用于连接Webservice的cfm代码:

<cfscript>
    ws = CreateObject("webservice", [HTTPS URL]?wsdl);
    //show web service methods for debugging purposes
    writeDump(ws);

    // construct arguments
    args = {attribute_1="abc"
            , attribute_2=""
            , attribute_3="abc123"
            , attribute_4="abc234"
            , attribute_5=""
        };
    // call the method
    result  = ws.create(arg0=args);

    writeDump(result)
</cfscript>

问题:

执行我的cfm脚本时,我收到以下错误消息:

     Cannot perform web service invocation create.
The fault returned when invoking the web service operation is:
AxisFault
 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server
 faultSubcode: 
 faultString: These policy alternatives can not be satisfied: 
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding: Received Timestamp does not match the requirements
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token: The received token does not match the token inclusion requirement
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InitiatorToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RecipientToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp: Received Timestamp does not match the requirements
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts: {http://schemas.xmlsoap.org/soap/envelope/}Body not SIGNED
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}EncryptedParts: {http://schemas.xmlsoap.org/soap/envelope/}Body not ENCRY...

问题:

  1. 此错误是否与ColdFusion密钥库中的SSL证书设置有关?

  2. 我的CFM脚本有什么问题吗?请参阅SOAPUI示例,xml格式为`[arg0] - &gt; [attribute_1],[attribute_2]等。我可以这样传递属性吗?

    • result = ws.create(arg0 = args);

  3. 相同的服务可以使用SoapUI工具。我在这里遗漏了什么吗?

    4. 感谢您的时间。感谢您的帮助。

    2016-05-30 - 更新 -

    我尝试使用CFHTTP标记来提交XML,但它似乎返回了一个不同的错误:

    <cfhttp
    url     = "[HTTPS URL]?wsdl"
    method  ="post"
    result  ="httpResponse" 
    charset ="utf-8">

    <cfhttpparam
        type="header"
        name="accept-encoding"
        value="no-compression"
    />
    <cfhttpparam
        type="xml"
        value="#trim( soapBody )#"
        />
</cfhttp>

    错误:

    Error Message Image

    以下是文件内容中的错误消息:

        <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Body>
        <soap:Fault>
            <faultcode>soap:Server</faultcode>
            <faultstring>These policy alternatives can not be satisfied: 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            AsymmetricBinding: Received Timestamp does not match the requirements 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            X509Token: The received token does not match the token inclusion requirement 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            X509Token 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            InitiatorToken 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            RecipientToken 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            IncludeTimestamp: Received Timestamp does not match the requirements 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            SignedParts: {http://schemas.xmlsoap.org/soap/envelope/}
            Body not SIGNED 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            EncryptedParts: 
            {http://schemas.xmlsoap.org/soap/envelope/}
            Body not ENCRYPTED
            </faultstring>
        </soap:Fault>
    </soap:Body>
</soap:Envelope>

    错误消息与cfobject标记类似。当我仔细阅读错误消息时,它似乎与X.509 ws-security加密有关,其中SOAP内容在发送到Web服务请求之前需要加密。

    经过一番研究后,加密流程看起来如下:

    1. 将SOAP内容保存到临时文件夹中。

    2. 使用Java类文件将SOAP内容加密为X.509 ws-security格式。

    3. 将新的加密SOAP内容发送到Webservice。

      4. 我不知道CF如何使用Java类文件。有没有人之前做过相同的加密转换?

1 个答案:

答案 0 :(得分:0)

在连接到网络服务的代码中,更改

ws = CreateObject("webservice", [HTTPS URL]);


ws = CreateObject(
  "webservice", 
  "[HTTPS URL]",
  {wsversion="1"}
);

只有Axis 1适合您。

另请检查另一端,如果您使用ColdFusion公开Web服务,请确保为Axis 1设置。

相关问题
最新问题