签署SOAP消息时出错

时间:2017-04-19 13:29:54

标签: java soap signature

尝试在Java中签署SOAP消息时会抛出异常:

14:47:39.896 [AWT-EventQueue-0] ERROR com.ui.FinestraPrincipal - WSHandler: Signature: error during message procesingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature); nested exception is: 
    org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message procesingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)
org.apache.axis.AxisFault: WSHandler: Signature: error during message procesingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature); nested exception is: 
    org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message procesingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)
    at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:223) ~[wss4j-1.5.1.jar:?]
    at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32) ~[axis.jar:?]
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) ~[axis.jar:?]
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) ~[axis.jar:?]
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127) ~[axis.jar:?]
at org.apache.axis.client.Call.invokeEngine(Call.java:2765) ~[axis.jar:?]
at org.apache.axis.client.Call.invoke(Call.java:2748) ~[axis.jar:?]
at org.apache.axis.client.Call.invoke(Call.java:1902) ~[axis.jar:?]
at net.aocat.siri.proxy.client.SIRIProxyClient.invoca(SIRIProxyClient.java:54) ~[classes/:?]
at com.ObtenidorDocumentsMUX.getDocumentsIntern(ObtenidorDocumentsMUX.java:51) ~[classes/:?]
at com.ObtenidorDocumentsMUX.getDocuments(ObtenidorDocumentsMUX.java:36) ~[classes/:?]
at com.FinestraPrincipal.jButton2ActionPerformed(FinestraPrincipal.java:241) [classes/:?]
at com.FinestraPrincipal.access$200(FinestraPrincipal.java:27) [classes/:?]
at com.FinestraPrincipal$4.actionPerformed(FinestraPrincipal.java:113) [classes/:?]
at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:2022) [?:1.8.0_121]
at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2348) [?:1.8.0_121]
at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:402) [?:1.8.0_121]
at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:259) [?:1.8.0_121]
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonListener.java:252) [?:1.8.0_121]
at java.awt.Component.processMouseEvent(Component.java:6533) [?:1.8.0_121]
at javax.swing.JComponent.processMouseEvent(JComponent.java:3324) [?:1.8.0_121]
at java.awt.Component.processEvent(Component.java:6298) [?:1.8.0_121]
at java.awt.Container.processEvent(Container.java:2236) [?:1.8.0_121]
at java.awt.Component.dispatchEventImpl(Component.java:4889) [?:1.8.0_121]
at java.awt.Container.dispatchEventImpl(Container.java:2294) [?:1.8.0_121]
at java.awt.Component.dispatchEvent(Component.java:4711) [?:1.8.0_121]
at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4888) [?:1.8.0_121]
at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4525) [?:1.8.0_121]
at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4466) [?:1.8.0_121]
at java.awt.Container.dispatchEventImpl(Container.java:2280) [?:1.8.0_121]
at java.awt.Window.dispatchEventImpl(Window.java:2746) [?:1.8.0_121]
at java.awt.Component.dispatchEvent(Component.java:4711) [?:1.8.0_121]
at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:758) [?:1.8.0_121]
at java.awt.EventQueue.access$500(EventQueue.java:97) [?:1.8.0_121]
at java.awt.EventQueue$3.run(EventQueue.java:709) [?:1.8.0_121]
at java.awt.EventQueue$3.run(EventQueue.java:703) [?:1.8.0_121]
at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_121]
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:80) [?:1.8.0_121]
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:90) [?:1.8.0_121]
at java.awt.EventQueue$4.run(EventQueue.java:731) [?:1.8.0_121]
at java.awt.EventQueue$4.run(EventQueue.java:729) [?:1.8.0_121]
at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_121]
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:80) [?:1.8.0_121]
at java.awt.EventQueue.dispatchEvent(EventQueue.java:728) [?:1.8.0_121]
at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:201) [?:1.8.0_121]
at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116) [?:1.8.0_121]
at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105) [?:1.8.0_121]
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101) [?:1.8.0_121]
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93) [?:1.8.0_121]
at java.awt.EventDispatchThread.run(EventDispatchThread.java:82) [?:1.8.0_121]
Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message procesingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)
at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57) ~[wss4j-1.5.1.jar:?]
at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:192) ~[wss4j-1.5.1.jar:?]
at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:170) ~[wss4j-1.5.1.jar:?]
... 49 more

我尝试签名的SOAP消息是:

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <soapenv:Body>
    <ns1:procesa xmlns="http://www.openuri.org/" xmlns:ns1="http://www.openuri.org/">
      <Peticion xmlns="http://XXXXX/scsp/esquemes/peticion">
        <Atributos>
            <IdPeticion>XXXX</IdPeticion>
            <NumElementos>1</NumElementos>
            <TimeStamp>2017-04-19 14:47:38.671</TimeStamp>
            .....
       </Atributos >
     </Peticion>
   </ns1:procesa>
  </soapenv:Body>
</soapenv:Envelope> 

用于创建和签署消息以及调用服务的代码是:

     //....
     //xml contains the message shown before
     SOAPEnvelope requestEnvelope = new SOAPEnvelope();
     SOAPBodyElement requestBodyElement = new SOAPBodyElement(xml.getDocumentElement());
     requestEnvelope.addBodyElement(requestBodyElement);
     Service service = new Service(getWssd());
     Call call = (Call) service.createCall();
     call.setTargetEndpointAddress(url);
     SOAPEnvelope responseEnvelope = call.invoke(requestEnvelope);

在最后一行之后抛出异常。

为了完整起见,getWssd()方法是:

   public FileProvider getWssd () throws Exception
   {
      InputStream is = ClassLoader.getSystemResourceAsStream("path/to/properties/config.wsdd");
      return new FileProvider(is);
   }//getWssd

config.wsdd的内容是:

<?xml version="1.0" encoding="UTF-8"?>
<deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
  <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>

  <globalConfiguration >
    <requestFlow>
      <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
        <parameter name="passwordCallbackClass" value="net.aocat.siri.proxy.client.PWCallback"/>     
        <parameter name="action" value="Timestamp Signature"/>
        <parameter name="user" value="alies"/>
        <parameter name="signaturePropFile" value="keystore.properties"/>
        <parameter name="signatureKeyIdentifier" value="DirectReference"/>
      </handler>
    </requestFlow >
    <responseFlow>
     <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
       <parameter name="passwordCallbackClass" value="net.aocat.siri.proxy.client.PWCallback"/>
       <parameter name="action" value="Timestamp Signature"/>
       <parameter name="signaturePropFile" value="truststore.properties"/>
     </handler>
    </responseFlow>     
  </globalConfiguration >
</deployment>

我无法找到为什么这个例外被抛出......任何想法?

非常感谢你的帮助。

1 个答案:

答案 0 :(得分:0)

最后我发现了问题http://wso2.com/library/116/

user中的config.wsdd参数必须与密钥库中的密钥别名相同。

这很简单,但很难找到。