我们正在使用带有WS策略的axis2,如下所示:
context.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy(PLAIN_TEXT_POLICY_FILE));
使用loadpPolicy代码:
InputStream file = this.getClass().getResourceAsStream(fileName);
StAXOMBuilder builder = new StAXOMBuilder(file);
Policy result = PolicyEngine.getPolicy(builder.getDocumentElement());
当我们进行通话时,我们看到:
wsse:UsernameToken xmlns:wsu =“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”wsu:Id =“UsernameToken- 1"
我们想要而不是wsu:Id =“UsernameToken-1”看到类似的东西:wsu:Id =“SecurityToken-d61ff167-34c7-430b-b3ad-50c8882ed5t9”
如何实现这一目标?我们需要更新政策吗?
答案 0 :(得分:1)
在不使用策略的情况下,从Java代码手动成功构建了标头:
stub._getServiceClient().addHeader(createRequestHeader());
createRequestHeader具有以下代码:
// Defines some namespace and URL constants
String WS_SEC_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
String WS_SOAP_URL = "http://schemas.xmlsoap.org/soap/envelope/";
SOAPFactory soapFact = OMAbstractFactory.getSOAP12Factory();
// namespace objects creation
OMNamespace ns = soapFact.createOMNamespace(WS_SEC_NS, "wsse");
OMNamespace nsu = soapFact.createOMNamespace(WS_SEC_NS, "wsu");
OMNamespace nsoap = soapFact.createOMNamespace(WS_SOAP_URL, "soap");
// Header definition and sub elements
SOAPHeaderBlock wssHeader = soapFact.createSOAPHeaderBlock("Security", ns);
wssHeader.addAttribute("mustUnderstand", "1", nsoap);
OMElement timeStampElement = soapFact.createOMElement("Timestamp", nsu);
// add random UUID as security ID
timeStampElement.addAttribute("Id", "Timestamp-" + UUID.randomUUID(), nsu);
// sub elements of timestamp
OMElement expires = soapFact.createOMElement("Expires", nsu);
Calendar cal = Calendar.getInstance();
// expiry period is now + 5 minutes
cal.add(Calendar.MINUTE, 5);
expires.setText(String.valueOf(new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'").format(cal.getTime())));
OMElement created = soapFact.createOMElement("Created", nsu);
created.setText(String.valueOf(new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'").format(new Date())));
OMElement usernameToken = soapFact.createOMElement("UsernameToken", ns);
// add random UUID as security token ID
usernameToken.addAttribute("Id", "SecurityToken-" + UUID.randomUUID(), nsu);
// sub elements of username token
OMElement username = soapFact.createOMElement("Username", ns);
username.setText(user);
OMElement password = soapFact.createOMElement("Password", ns);
password.setText(this.password);
password.addAttribute(WSConstants.PASSWORD_TYPE_ATTR, WSConstants.PASSWORD_TEXT, null);
OMElement nonce = soapFact.createOMElement("Nonce", ns);
// fill the nonce as a random encoded UUID
nonce.setText(HashUtils.createEncodedUUID());
OMElement createdUser = soapFact.createOMElement("Created", nsu);
createdUser.setText(String.valueOf(new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'").format(new Date())));
// adding sub elements
usernameToken.addChild(username);
usernameToken.addChild(password);
usernameToken.addChild(nonce);
usernameToken.addChild(createdUser);
timeStampElement.addChild(created);
timeStampElement.addChild(expires);
wssHeader.addChild(timeStampElement);
wssHeader.addChild(usernameToken);
以下方法用于哈希:
public static String createEncodedUUID()
{
log.trace("Enter Method createEncodedUUID");
String randomId = String.valueOf(UUID.randomUUID());
MessageDigest md = null;
String result = "";
try
{
md = MessageDigest.getInstance("SHA1");
md.update(randomId.getBytes());
byte[] byteNonce = md.digest();
result = String.valueOf(Base64.encodeBase64(byteNonce));
}
catch(NoSuchAlgorithmException e)
{
log.error("NoSuchAlgorithmException. Error calling createEncodedUUID.", e);
}
log.trace("Return Method createEncodedUUID. Result: {}", result);
return result;
}