再次欢迎WSO2社区,
我们是新手,我们正在努力了解和学习有关WSO2 ESB的技巧。这是我们的第一个项目。 我们必须调用具有安全策略的Web服务。 我们已按顺序将此端点定义为
<proxy name=........>
<inSequence>
<header name="Action" scope="default" value="urn:rc"/>
<header name="wsse:Security" scope="default" value="" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
<send>
<endpoint>
<address statistics="enable" trace="enable" uri="https://urlToEndPoint">
<enableSec policy="gov:policy/policy.xml"/>
</address>
</endpoint>
</send>
</inSequence>
<outSequence>
<send/>
</outSequence>
<faultSequence/>
</proxy>
当我们将带有数据的soap消息发送到CDATA元素时,一切正常,我们收到一条确认消息。但是如果我们发送不同于CDATA的相同消息,我们会收到下一个错误:
TID: [-1] [] [2017-03-03 14:02:56,797] ERROR org.apache.synapse.transport.passthru.ClientWorker} - Fault processing response message through Axis2 {org.apache.synapse.transport.passthru.ClientWorker}
org.apache.axis2.AxisFault: Missing wsse:Security header in request
at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:180) at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:99)
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167)
at org.apache.synapse.transport.passthru.ClientWorker.run(ClientWorker.java:261)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.rampart.RampartException: Missing wsse:Security header in request
at org.apache.rampart.RampartEngine.process(RampartEngine.java:146)
at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
... 9 more
这是我的安全政策。
<wsp:Policy wsu:Id="SigOnly"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssX509V3Token10/>
<!-- sp:WssX509V3Token10/ -->
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
<!-- sp:WssX509V3Token10/ -->
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:ProtectTokens/>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
<rampart:RampartConfig xmlns:rampart="http://ws.apache.org/rampart/policy">
<rampart:user>XXXXXXXXXXXXXXXX</rampart:user>
<rampart:encryptionUser>XXXXXXXXXXXXXXXX</rampart:encryptionUser>
<rampart:timestampPrecisionInMilliseconds>true</rampart:timestampPrecisionInMilliseconds>
<rampart:timestampTTL>300</rampart:timestampTTL>
<rampart:timestampMaxSkew>300</rampart:timestampMaxSkew>
<rampart:timestampStrict>false</rampart:timestampStrict>
<rampart:passwordCallbackClass>XX.XXXX.XX.XXXX.XXXXX.PWCBHandler</rampart:passwordCallbackClass>
<rampart:tokenStoreClass>org.wso2.carbon.security.util.SecurityTokenStore</rampart:tokenStoreClass>
<rampart:nonceLifeTime>300</rampart:nonceLifeTime>
<rampart:encryptionCrypto>
<rampart:crypto
cryptoKey="org.wso2.carbon.security.crypto.privatestore" provider="org.wso2.carbon.security.util.ServerCrypto">
<rampart:property name="org.wso2.carbon.security.crypto.alias">XXXXXXXXXXXXXXXX</rampart:property>
<rampart:property name="org.wso2.carbon.security.crypto.privatestore">XXXXXXXX.jks</rampart:property>
<rampart:property name="org.wso2.stratos.tenant.id">-1234</rampart:property>
<rampart:property name="org.wso2.carbon.security.crypto.truststores">XXXXXXXX.jks</rampart:property>
<rampart:property name="rampart.config.user">XXXXXXXXXXXXXX</rampart:property>
</rampart:crypto>
</rampart:encryptionCrypto>
<rampart:signatureCrypto>
<rampart:crypto
cryptoKey="org.wso2.carbon.security.crypto.privatestore" provider="org.wso2.carbon.security.util.ServerCrypto">
<rampart:property name="org.wso2.carbon.security.crypto.alias">XXXXXXXXXXXXXXXX</rampart:property>
<rampart:property name="org.wso2.carbon.security.crypto.privatestore">XXXXXXXX.jks</rampart:property>
<rampart:property name="org.wso2.stratos.tenant.id">-1234</rampart:property>
<rampart:property name="org.wso2.carbon.security.crypto.truststores">XXXXXXXX.jks</rampart:property>
<rampart:property name="rampart.config.user">XXXXXXXXXXXXXXXX</rampart:property>
</rampart:crypto>
</rampart:signatureCrypto>
</rampart:RampartConfig>
</wsp:Policy>
这是终点
<proxy name="Proxy" startOnLoad="true" transports="http https" xmlns="http://ws.apache.org/ns/synapse">
<target>
<inSequence>
<header name="Action" scope="default" value="urn:operacion"/>
<header name="wsse:Security" scope="default" value="" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
<send>
<endpoint>
<address statistics="enable" trace="enable" uri="https://URLtoWebService">
<enableSec policy="gov:ws-policy/policy.xml"/>
</address>
</endpoint>
</send>
</inSequence>
<outSequence/>
<faultSequence/>
</target>
</proxy>
我们通过http / s连接发送这种肥皂信息。
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ws="http://xx.xxx">
<soapenv:Header/>
<soapenv:Body>
<xx:operacion>
<!--Optional:-->
<ws:xml>
<mensaje id="002" date="2003-07-09-08-58-39">
<data>............</data>
</mensaje>
</xx:xml>
</xx:operacion>
</soapenv:Body>
</soapenv:Envelope>
是否有人知道有关此错误的警告以及如何解决此问题?
提前致谢。