需要根据策略oracle / wss10_x509_token_with_message_protection_client_policy在SOAP请求中添加安全标头的代码段。我试过使用下面的代码。但是当我点击web服务然后在服务器日志中说:oracle.wsm.security.SecurityException:WSM-00069:缺少安全头。确保在客户端附加了有效的安全策略,并且该策略已启用。
代码:
EntMsgEvsNotificationBindingQSService service = new EntMsgEvsNotificationBindingQSService();
SecurityPoliciesFeature securityFeatures = new SecurityPoliciesFeature(new String[] { "bankaudi/wss10_x509_token_client_policy" });
EntMsgEvsNotification port = service.getEntMsgEvsNotificationBindingQSPort(securityFeatures);
List credProviders = new ArrayList();
CredentialProvider cp =
new ClientBSTCredentialProvider(clientKeyStore, clientKeyStorePass,
clientKeyAlias, clientKeyPass,
"JKS",serverCert);
System.out.println("Credential Provider"+cp);
credProviders.add(cp);
BindingProvider bindingProvider = (BindingProvider) port;
bindingProvider.getRequestContext()
.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, endPoint);
Map<String, Object> requestContext =
((BindingProvider)port).getRequestContext();
requestContext.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);
requestContext.put(ClientConstants.WSSEC_KEYSTORE_TYPE,"JKS");
requestContext.put(ClientConstants.WSSEC_KEYSTORE_LOCATION,clientKeyStore);
requestContext.put(ClientConstants.WSSEC_KEYSTORE_PASSWORD,clientKeyStorePass);
requestContext.put(ClientConstants.WSSEC_ENC_KEY_ALIAS,serverAlias);
requestContext.put(ClientConstants.WSSEC_ENC_KEY_PASSWORD,clientKeyPass);
requestContext.put(ClientConstants.WSSEC_RECIPIENT_KEY_ALIAS,serverAlias);
requestContext.put(ClientConstants.WSSEC_SIG_KEY_ALIAS,clientKeyAlias);
requestContext.put(ClientConstants.WSSEC_SIG_KEY_PASSWORD,clientKeyPass);
requestContext.put(WSSecurityContext.TRUST_MANAGER,
new TrustManager() {
public boolean certificateCallback(X509Certificate[] chain,
int validateErr) {
// Check that the server cert matches
boolean result = true;
return result;
}
});