How do I set up security for a JAX-WS web service on WebLogic 10.3.3?

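Time: 2011-01-06 23:34:44

Tags: web-services security weblogic weblogic-10.x

I have a very simple task to complete: I have to set up security for a web service (basic authentication with a hard-coded WLES user ID and password). I set up web.xml (see the snippet below), but I am having a hard time configuring WebLogic. I added an IdentityAssertionAuthenticator authentication provider and set it to required, changed DefaultAuthenticator to optional, then went to the security settings of the deployed application and set the role to "thisIsUser". At some point it worked, but not anymore (I redeployed the war file and set up the web service security the same way, but to no avail). I would really appreciate your help.

web.xml: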

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    id="PC3-WS" version="2.5">
    <display-name>PC3-WS</display-name>
     <session-config>
        <session-timeout>30</session-timeout>
    </session-config>
    <security-constraint>
        <display-name>SecurityConstraint</display-name>
        <web-resource-collection>
             <web-resource-name>PC3-WS</web-resource-name>
            <url-pattern>/PC3-WS</url-pattern>

        </web-resource-collection>

        <auth-constraint>
            <role-name>basicGroup</role-name>
        </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>

    </security-constraint>

    <security-role>
        <role-name>basicGroup</role-name>
    </security-role>

    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>myrealm</realm-name>
    </login-config>
</web-app>

weblogic.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    id="PC3-WS" version="2.5">
    <display-name>PC3-WS</display-name>
     <session-config>
        <session-timeout>30</session-timeout>
    </session-config>
    <security-constraint>
        <display-name>SecurityConstraint</display-name>
        <web-resource-collection>
             <web-resource-name>PC3-WS</web-resource-name>
            <url-pattern>/PC3-WS</url-pattern>

        </web-resource-collection>

        <auth-constraint>
            <role-name>basicGroup</role-name>
        </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>

    </security-constraint>

    <security-role>
        <role-name>basicGroup</role-name>
    </security-role>

    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>myrealm</realm-name>
    </login-config>
</web-app>

List of authenticators:

  • DefaultAuthenticator
  • DefaultIdentityAssert

Now I get an exception:

WS spec-version:2.5], request: weblogic.servlet.internal.ServletRequestImpl@23e1aca[
GET /PC3-WS/MetadataService?WSDL HTTP/1.1
User-Agent: Java1.6.0_22
Accept: text/html, image/gif, image/jpeg, */*; q=.2
Connection: Keep-Alive

]] Root cause of ServletException.
java.lang.NullPointerException
    at weblogic.wsee.jaxws.JAXWSDeployedServlet.init(JAXWSDeployedServlet.java:45)
    at javax.servlet.GenericServlet.init(GenericServlet.java:241)
    at weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHelper.java:283)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
    Truncated. see log file for complete stacktrace
> 
java.lang.RuntimeException: weblogic.testclient.WsdlParseFailedException: Unable to parse WSDl at: http://192.168.1.3:7001/PC3-WS/MetadataService?WSDL
    at weblogic.testclient.ConnectionState.createWsdl(ConnectionState.java:69)
    at Controller.refreshWsdl(Controller.java:641)
    at Controller.begin(Controller.java:451)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.beehive.netui.pageflow.FlowController.invokeActionMethod(FlowController.java:879)
    at org.apache.beehive.netui.pageflow.FlowController.getActionMethodForward(FlowController.java:809)
    at org.apache.beehive.netui.pageflow.FlowController.internalExecute(FlowController.java:478)
    at org.apache.beehive.netui.pageflow.PageFlowController.internalExecute(PageFlowController.java:306)
    at org.apache.beehive.netui.pageflow.FlowController.execute(FlowController.java:336)
    at org.apache.beehive.netui.pageflow.internal.FlowControllerAction.execute(FlowControllerAction.java:52)
    at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.access$201(PageFlowRequestProcessor.java:97)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor$ActionRunner.execute(PageFlowRequestProcessor.java:2044)
    at org.apache.beehive.netui.pageflow.interceptor.action.internal.ActionInterceptors.wrapAction(ActionInterceptors.java:91)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processActionPerform(PageFlowRequestProcessor.java:2116)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processInternal(PageFlowRequestProcessor.java:556)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.process(PageFlowRequestProcessor.java:853)
    at org.apache.beehive.netui.pageflow.AutoRegisterActionServlet.process(AutoRegisterActionServlet.java:631)
    at org.apache.beehive.netui.pageflow.PageFlowActionServlet.process(PageFlowActionServlet.java:158)
    at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3683)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused by: weblogic.testclient.WsdlParseFailedException: Unable to parse WSDl at: http://192.168.1.3:7001/PC3-WS/MetadataService?WSDL
    at weblogic.testclient.ConnectionState.createWsdlFromHttpUrl(ConnectionState.java:199)
    at weblogic.testclient.ConnectionState.createWsdl(ConnectionState.java:60)
    ... 38 more

2 Answers:

Answer 0: (score: 1)

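  1. Can you provide the complete web.xml & weblogic.xml files?
  2. If you are only doing BASIC authentication, why are you configuring an IdentityAssertionAuthenticator?
  3. Can you also provide your authenticators listed under Summary of Servers > myrealm > Providers (from the console)?
  4. Finally, you can enable debugging to trace whether authentication is being triggered.

    On the console, navigate to

    Summary of Servers > %your_server% > Debug

    Expand weblogic > security and enable

    • DebugSecurity
    • atn > DebugSecurityAtn

    Make sure you set the log to DEBUG mode. Test the application and look at the server log; it should give details about what is happening.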

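Answer 1: (score: 1)

Here is how to secure a web service using basic HTTP authentication in WLES 10.3.3.

In the WLES administration console, go to Security Realms -> MyRealm and create:

  • New user: user / 12345678
  • New group: basicGroup
  • Add the user to the group

Add the security settings in web.xml (path, BASIC type):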

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    id="PC3-WS" version="2.5">
    <display-name>PC3-WS</display-name>
     <session-config>
        <session-timeout>30</session-timeout>
    </session-config>
    <security-constraint>
        <display-name>SecurityConstraint</display-name>
        <web-resource-collection>
             <web-resource-name>PC3-WS</web-resource-name>
            <url-pattern>/PC3-WS</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>basicGroup</role-name>
        </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <security-role>
        <role-name>Authenticated</role-name>
    </security-role>

    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>myrealm</realm-name>
    </login-config>
</web-app>

Map the application role to the server role in weblogic.xml (required):

<?xml version="1.0" encoding="UTF-8"?>
<wls:weblogic-web-app
    xmlns:wls="http://xmlns.oracle.com/weblogic/weblogic-web-app"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd http://xmlns.oracle.com/weblogic/weblogic-web-app http://xmlns.oracle.com/weblogic/weblogic-web-app/1.1/weblogic-web-app.xsd">
    <wls:weblogic-version>10.3.3</wls:weblogic-version>
    <wls:context-root>PC3-WS</wls:context-root>
    <wls:security-role-assignment>
        <wls:role-name>Authenticated</wls:role-name>
        <wls:principal-name>users</wls:principal-name>
    </wls:security-role-assignment>
</wls:weblogic-web-app>

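Build and deploy the application. Restart WLES. You can test with SoapUI by passing the userId and password under "Authentication and security-related settings". Go to File -> Preferences and, under "HTTP Settings", check "Authenticate Preemptively". Now you can run the web service from soapUI.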
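A descriptor check for the configuration described in this answer, as an added example that is not part of the original answer or of WebLogic. It parses trimmed copies of the two descriptors (constructed inline) and reports auth-constraint roles that have no matching `<security-role>` or no explicit `<security-role-assignment>`, and BASIC login on a constraint whose transport-guarantee is not CONFIDENTIAL; the helper names `lint` and `texts` are hypothetical.

```python
import xml.etree.ElementTree as ET

JEE = "{http://java.sun.com/xml/ns/javaee}"
WLS = "{http://xmlns.oracle.com/weblogic/weblogic-web-app}"
# Constructed sample: trimmed copies of the two descriptors shown in the answer above.
WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>PC3-WS</web-resource-name>
      <url-pattern>/PC3-WS</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>basicGroup</role-name></auth-constraint>
    <user-data-constraint><transport-guarantee>NONE</transport-guarantee></user-data-constraint>
  </security-constraint>
  <security-role><role-name>Authenticated</role-name></security-role>
  <login-config><auth-method>BASIC</auth-method></login-config>
</web-app>"""
WEBLOGIC_XML = """<wls:weblogic-web-app xmlns:wls="http://xmlns.oracle.com/weblogic/weblogic-web-app">
  <wls:security-role-assignment>
    <wls:role-name>Authenticated</wls:role-name>
    <wls:principal-name>users</wls:principal-name>
  </wls:security-role-assignment>
</wls:weblogic-web-app>"""

def texts(root, path):
    """Stripped text of every element matching a namespaced path."""
    return [(e.text or "").strip() for e in root.findall(path)]

def lint(web_xml, weblogic_xml):
    """Hypothetical helper: return findings for a web.xml / weblogic.xml pair."""
    web, wl = ET.fromstring(web_xml), ET.fromstring(weblogic_xml)
    declared = set(texts(web, f"{JEE}security-role/{JEE}role-name"))
    assigned = set(texts(wl, f"{WLS}security-role-assignment/{WLS}role-name"))
    basic = "BASIC" in texts(web, f"{JEE}login-config/{JEE}auth-method")
    findings = []
    for sc in web.findall(f"{JEE}security-constraint"):
        for role in texts(sc, f"{JEE}auth-constraint/{JEE}role-name"):
            if role != "*" and role not in declared:  # Servlet 2.5 requires a matching <security-role>
                findings.append(f"undeclared-role:{role}")
            if role != "*" and role not in assigned:  # no explicit principal mapping in weblogic.xml
                findings.append(f"unassigned-role:{role}")
        guarantee = texts(sc, f"{JEE}user-data-constraint/{JEE}transport-guarantee")
        if basic and "CONFIDENTIAL" not in guarantee:  # Basic credentials are only base64-encoded
            for pattern in texts(sc, f"{JEE}web-resource-collection/{JEE}url-pattern"):
                findings.append(f"basic-auth-without-tls:{pattern}")
    return findings

if __name__ == "__main__":
    print("\n".join(lint(WEB_XML, WEBLOGIC_XML)))
```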