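I am working on an assignment in which I need to consume a web service using a digital signature. I generated the web service client with JAX-WS. To sign the SOAP request, I implemented a SOAP handler that signs the envelope using the Apache wss4j library and then posts it to the server. I have a .pfx file, which I load into a keystore and use for signing.
This all works fine when I run the code from Eclipse, and I get the correct response from the server.
The problem is that I included the same code in my web application and tried sending the request from there, but somehow the signature is not verified on the server side and I get the response soap:Server 75275.
My question is: can wss4j sign SOAP requests on a web server? If not, is there another approach I can try to solve this? Any pointers toward a solution would be highly appreciated.
Code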
    Document doc = soapEnv.getOwnerDocument();
    WSSecSignature builder = new WSSecSignature();
    WSSecTimestamp timestamp = new WSSecTimestamp();
    WSSecUsernameToken usernametoken = new WSSecUsernameToken();
    usernametoken.setPasswordType(WSConstants.PASSWORD_TEXT);
    usernametoken.setUserInfo(SOAP_USER, SOAP_USER_PASS);
    usernametoken.addNonce();
    usernametoken.addCreated();
    WSSecHeader secHeader = new WSSecHeader();
    // secHeader.setMustUnderstand(true);
    secHeader.insertSecurityHeader(doc);
    usernametoken.build(doc, secHeader);
    timestamp.build(doc, secHeader);
    builder.setUserInfo(KEYSTORE_ALIAS, KEYSTORE_PWD);
    builder.setX509Certificate(cert);
    builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
    builder.setSignatureAlgorithm(WSConstants.RSA_SHA1);
    builder.setSigCanonicalization(WSConstants.C14N_EXCL_OMIT_COMMENTS);
    builder.setDigestAlgo(WSConstants.SHA1);
    builder.setUseSingleCertificate(true);
    builder.appendBSTElementToHeader(secHeader);
    // Set message parts to sign
    List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
    WSEncryptionPart bodyPart1 = new WSEncryptionPart("Body", WSConstants.URI_SOAP11_ENV, "Content");
    bodyPart1.setElement(soapBody);
    parts.add(bodyPart1);
    builder.setParts(parts);
    // Set keystore and sign the document
    Properties properties = new Properties();
    properties.setProperty("org.apache.wss4j.crypto.provider",
            "class org.apache.ws.security.components.crypto.Merlin");
    Merlin crypto = (Merlin) CryptoFactory.getInstance(properties);
    crypto.setKeyStore(store);
    doc = builder.build(doc, crypto, secHeader);
    soapMsg.saveChanges();
    // code to get cert and keystore
    private boolean getX509Certificate() {
        String keyAlias = "";
        try {
            Security.addProvider(new BouncyCastleProvider());
            FileInputStream stream = new FileInputStream(KEYSTORE_FILE); //.pfx file
            this.store = KeyStore.getInstance("PKCS12");
            store.load(stream, KEYSTORE_PWD.toCharArray());
            Enumeration<String> aliases = store.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (store.getCertificate(alias).getType().equals("X.509")) {
                    keyAlias = alias;
                }
            }
            this.cert = (X509Certificate) store.getCertificate(keyAlias);
            return true;
        } catch (Exception e) {
            e.printStackTrace();
        }
        return false;
    }
// Exception
soap:Server.75275 Response value: soap:Server.75275
2018-05-11 18:56:17,977 ERROR [WebService] (WFA:132301310 - 152335722 Associate:349730687 IE = 349730685) Exception javax.xml.ws.soap.SOAPFaultException:
2018-05-11 18:56:17,978 ERROR [WebService] (WFA:132301310 - 152335722 Associate:349730687 IE = 349730685) [org.apache.axis2.jaxws.marshaller.impl.alt.MethodMarshallerUtils.createSystemException(MethodMarshallerUtils.java:1363)
    org.apache.axis2.jaxws.marshaller.impl.alt.MethodMarshallerUtils.demarshalFaultResponse(MethodMarshallerUtils.java:1089)
    org.apache.axis2.jaxws.marshaller.impl.alt.DocLitWrappedMinimalMethodMarshaller.demarshalFaultResponse(DocLitWrappedMinimalMethodMarshaller.java:684)
    org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.getFaultResponse(JAXWSProxyHandler.java:626)
    org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.createResponse(JAXWSProxyHandler.java:566)
    org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.invokeSEIMethod(JAXWSProxyHandler.java:432)
    org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.invoke(JAXWSProxyHandler.java:213)
    com.sun.proxy.$Proxy256.synchronousSendAndReceive(Unknown Source)
Thanks, 阿伦
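
Added example, not part of the original post: a stand-alone check that can be run once from Eclipse and once inside the web application's JVM, to compare what loading the .pfx yields in each environment (JCE providers in use, which alias actually holds a private key, and the certificate fingerprint). The class name PfxSigningCheck and the two command-line arguments are assumptions made for this example.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Hypothetical helper class, not from the post.
public class PfxSigningCheck {
    public static void main(String[] args) throws Exception {
        if (args.length != 2) {
            System.err.println("usage: PfxSigningCheck <file.pfx> <password>");
            return;
        }
        KeyStore store = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(args[0])) {
            store.load(in, args[1].toCharArray());
        }
        // Environment facts that can differ between an IDE run and an app server.
        System.out.println("java.version      = " + System.getProperty("java.version"));
        System.out.println("PKCS12 provider   = " + store.getProvider().getName());
        System.out.println("SHA1withRSA from  = "
                + Signature.getInstance("SHA1withRSA").getProvider().getName());

        for (String alias : Collections.list(store.aliases())) {
            // Only an entry that holds a private key can be used for signing;
            // a .pfx may also carry certificate-only (CA chain) entries.
            if (!store.isKeyEntry(alias)) {
                System.out.println("skip (no private key): " + alias);
                continue;
            }
            X509Certificate cert = (X509Certificate) store.getCertificate(alias);
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(cert.getEncoded());
            StringBuilder hex = new StringBuilder();
            for (byte b : digest) {
                hex.append(String.format("%02x", b));
            }
            System.out.println("key alias = " + alias);
            System.out.println("  subject  = " + cert.getSubjectX500Principal());
            System.out.println("  notAfter = " + cert.getNotAfter());
            System.out.println("  sha256   = " + hex);
        }
    }
}
```

If the two runs print different providers, a different key alias, or a different fingerprint, the two environments are not signing with the same material or the same crypto implementation.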