我有一个Spring WS客户端,需要使用密钥库/信任组合以及基本身份验证进行身份验证。
这是我目前拥有的相关Spring配置:
@Configuration
public class SpringWSConfig {
@Bean
public Jaxb2Marshaller jaxb2Marshaller() {
Jaxb2Marshaller marshaller = new Jaxb2Marshaller();
marshaller.setPackagesToScan("io.shido.credit.domain");
return marshaller;
}
@Bean
public WebServiceTemplate webServiceTemplate() throws Exception {
final WebServiceTemplate template = new WebServiceTemplate(jaxb2Marshaller(), jaxb2Marshaller());
template.setDefaultUri("https://domain.tld/SVC/data");
//template.setMessageSenders(new WebServiceMessageSender[]{ messageSender(), messageSender2() });
//template.setInterceptors(new ClientInterceptor[] { wss4jSecurityInterceptor() });
template.setMessageSender(messageSender());
return template;
}
@Bean
public HttpsUrlConnectionMessageSender messageSender() throws Exception {
HttpsUrlConnectionMessageSender messageSender = new HttpsUrlConnectionMessageSender();
messageSender.setTrustManagers(trustManagersFactoryBean().getObject()); // set the trust store(s)
messageSender.setKeyManagers(keyManagersFactoryBean().getObject()); // set the key store(s)
return messageSender;
}
这适用于密钥库/可信任部分。我能够成功进行SSL握手,但是现在我得到了一个 HTTP 401(未经授权)。所以我试过了:
senders;其中一个HttpComponentsMessageSender上面有用户名和密码......但它不起作用ClientInterceptor配置/设置配置Wss4jSecurityInterceptor ...也不起作用HttpsUrlConnectionMessageSender的发件人,请添加username和password字段,覆盖prepareConnection并设置connection.setRequestProperty以使用{{1}标头。这次我得到 HTTP 405(方法不允许) 任何线索如何做到这一点?
答案 0 :(得分:1)
我最终创建了一个新类,并在Spring lib/awesomelib/aws.rb:6:10: C: Style/MutableConstant: Freeze mutable objects assigned to constants.
IP = '34.111.241.111'
^^^^^^^^^^^^^^^^
中将其作为message sender注入。这解决了WebServiceTemplate - 不太记得HTTP 401 (Unauthorized)。
HTTP 405 (Method Not Allowed)@Bean
public HttpsUrlConnectionMessageSender messageSender() throws Exception {
HttpsUrlConnectionMessageSender messageSender = new BasicAuthHttpsConnectionMessageSender(username, password);
// ...
return messageSender;
}
有关详细信息,请参阅this answer。两者都是相关的(如果不是几乎相同)。