从EncryptedKey获取SecretKey时出错(JRE7到JRE8升级)

时间:2017-11-16 16:01:02

标签: java spring web-services soap

我已经将一个spring应用程序从Java 7升级到包含加密web服务的Java 8。如果我用测试运行一个soap-call,我得到以下响应:

<SOAP-ENV:Fault>
    <faultcode>SOAP-ENV:Client</faultcode>
    <faultstring xml:lang="en">com.sun.xml.wss.impl.WssSoapFaultException: Error while getting SecretKey from EncryptedKey; nested exception is com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.WssSoapFaultException: Error while getting SecretKey from EncryptedKey</faultstring>
</SOAP-ENV:Fault>

当我查看catalina.out时,请参阅以下stacktrace:

16-Nov-2017 15:54:48.109 SEVERE [tomcat-http--4] com.sun.xml.wss.impl.misc.KeyResolver.getKey WSS0284: SOAP Fault Exception Occured
 com.sun.xml.wss.XWSSecurityException: Error while getting SecretKey from EncryptedKey
        at com.sun.xml.wss.core.EncryptedKeyToken.getSecretKey(EncryptedKeyToken.java:78)
        at com.sun.xml.wss.impl.misc.KeyResolver.processSecurityTokenReference(KeyResolver.java:719)
        at com.sun.xml.wss.impl.misc.KeyResolver.getKey(KeyResolver.java:135)
        at com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor.processEncryptedData(DecryptionProcessor.java:494)
        at com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor.decryptReferenceList(DecryptionProcessor.java:339)
        at com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor.decrypt(DecryptionProcessor.java:143)
        at com.sun.xml.wss.impl.filter.EncryptionFilter.process(EncryptionFilter.java:421)
        at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:81)
        at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:252)
        at com.sun.xml.wss.impl.SecurityRecipient.processMessagePolicy(SecurityRecipient.java:849)
        at com.sun.xml.wss.impl.SecurityRecipient.processMessagePolicy(SecurityRecipient.java:801)
        at com.sun.xml.wss.impl.SecurityRecipient.validateMessage(SecurityRecipient.java:242)
        at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.verifyInboundMessage(XWSSProcessor2_0Impl.java:134)
        at org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor.validateMessage(XwsSecurityInterceptor.java:163)
        at org.springframework.ws.soap.security.AbstractWsSecurityInterceptor.handleRequest(AbstractWsSecurityInterceptor.java:124)
        at org.springframework.ws.server.endpoint.interceptor.DelegatingSmartEndpointInterceptor.handleRequest(DelegatingSmartEndpointInterceptor.java:80)
        at org.springframework.ws.server.MessageDispatcher.dispatch(MessageDispatcher.java:227)
        at org.springframework.ws.server.MessageDispatcher.receive(MessageDispatcher.java:176)
        at org.springframework.ws.transport.support.WebServiceMessageReceiverObjectSupport.handleConnection(WebServiceMessageReceiverObjectSupport.java:89)
        at org.springframework.ws.transport.http.WebServiceMessageReceiverHandlerAdapter.handle(WebServiceMessageReceiverHandlerAdapter.java:61)
        at org.springframework.ws.transport.http.MessageDispatcherServlet.doService(MessageDispatcherServlet.java:293)
        at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
        at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)

我尝试更新或排除某些wss库,但没有效果。

有什么想法吗?

非常感谢!

1 个答案:

答案 0 :(得分:1)

最后,我已经解决了这个问题。

JRE 8中有一些更改,这些更改与xws-security不兼容。 我必须将类EncryptedKeyToken和EncryptionProcessor修改为JRE 8更改,它似乎工作正常。

变化非常小:

<强> com.sun.xml.wss.core.EncryptedKeyToken 

   ses.sendTemplatedEmail({
    Source: from,
    Destination: { ToAddresses: [to] },
    Template : "sample",
    TemplateData: "{ \"name\":\"Alejandro\", \"favoriteanimal\": \"alligator\" }"
}, function(err, data) {
    if (err) return cb(err);
    cb(null, true );
});

<强> com.sun.xml.wss.impl.apachecrypto.EncryptionProcessor 

// Starting line 69
xmlc = XMLCipher.getInstance(algorithm);
xmlc.init(XMLCipher.UNWRAP_MODE, null); // First, init with opMode UNWRAP
// leave the next lines

可以在这里查看maven补丁:

How do you replace the class of a Maven dependency?

如需更换,我使用了以下pom: https://pastebin.com/iYcAkpmH

相关问题
最新问题