Spring ws安全标头未知的密码类型编码异常

Question

我正在实现spring Wss4jSecurityInterceptor来生成SOAP信封wsse标头，想要包含纯密码文本，但是不幸的是，我正在获取未知密码类型编码，看不到任何禁用编码类型的选项。请找到下面的代码片段以及异常详细信息和帮助。

@Bean
    public Wss4jSecurityInterceptor securityInterceptor(){
        Wss4jSecurityInterceptor wss4jSecurityInterceptor = new Wss4jSecurityInterceptor();
        wss4jSecurityInterceptor.setSecurementActions(WSHandlerConstants.USERNAME_TOKEN +" "+ WSHandlerConstants.TIMESTAMP);
        wss4jSecurityInterceptor.setSecurementUsername("scott");
        wss4jSecurityInterceptor.setSecurementPassword("tiger");
        wss4jSecurityInterceptor.setSecurementPasswordType(WSConstants.PASSWORD_TEXT);
        wss4jSecurityInterceptor.setSecurementUsernameTokenCreated(true);
        wss4jSecurityInterceptor.setSecurementUsernameTokenNonce(true);

        return wss4jSecurityInterceptor;
    }

  

org.springframework.ws.soap.security.wss4j2.Wss4jSecuritySecurementException：未知的密码类型编码：http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText；嵌套的异常是org.apache.wss4j.common.ext.WSSecurityException：未知的密码类型编码：http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText       在org.springframework.ws.soap.security.wss4j2.Wss4jSecurityInterceptor.secureMessage（Wss4jSecurityInterceptor.java:577）〜[spring-ws-security-3.0.1.RELEASE.jar：na]       在org.springframework.ws.soap.security.AbstractWsSecurityInterceptor.handleRequest（AbstractWsSecurityInterceptor.java:210）〜[spring-ws-security-3.0.1.RELEASE.jar：na]       在org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive（WebServiceTemplate.java:597）[spring-ws-core-3.0.1.RELEASE.jar：na]       在org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive（WebServiceTemplate.java:555）[spring-ws-core-3.0.1.RELEASE.jar：na]       在org.springframework.ws.client.core.WebServiceTemplate.marshalSendAndReceive（WebServiceTemplate.java:390）[spring-ws-core-3.0.1.RELEASE.jar：na]       在com.bcbsfl.ais.medical.records.AISClient.getMedicalRecords（AISClient.java:144）[bin /：na]       在com.bcbsfl.ais.medical.records.SpringBootSoapClientApplication.lookup（SpringBootSoapClientApplication.java:21）处[bin /：na]       在com.bcbsfl.ais.medical.records.SpringBootSoapClientApplication $$ EnhancerBySpringCGLIB $$ cd3ea8fc.CGLIB $ lookup $ 0（）[bin /：na]       在com.bcbsfl.ais.medical.records.SpringBootSoapClientApplication $$ EnhancerBySpringCGLIB $$ cd3ea8fc $$ FastClassBySpringCGLIB $$ ec9388da.invoke（）[bin /：na]       在org.springframework.cglib.proxy.MethodProxy.invokeSuper（MethodProxy.java:228）[spring-core-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.context.annotation.ConfigurationClassEnhancer $ BeanMethodInterceptor.intercept（ConfigurationClassEnhancer.java:361）上[spring-context-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在com.bcbsfl.ais.medical.records.SpringBootSoapClientApplication $$ EnhancerBySpringCGLIB $$ cd3ea8fc.lookup（）[bin /：na]       在sun.reflect.NativeMethodAccessorImpl.invoke0（本机方法）〜[na：1.8.0_171]       在sun.reflect.NativeMethodAccessorImpl.invoke（NativeMethodAccessorImpl.java:62）〜[na：1.8.0_171]       在sun.reflect.DelegatingMethodAccessorImpl.invoke（DelegatingMethodAccessorImpl.java:43）〜[na：1.8.0_171]       在java.lang.reflect.Method.invoke（Method.java:498）〜[na：1.8.0_171]       在org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate（SimpleInstantiationStrategy.java:154）[spring-beans-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod（ConstructorResolver.java:579）[spring-beans-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod（AbstractAutowireCapableBeanFactory.java:1254）[spring-beans-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance（AbstractAutowireCapableBeanFactory.java:1103）上[spring-beans-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean（AbstractAutowireCapableBeanFactory.java:541）[spring-beans-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean（AbstractAutowireCapableBeanFactory.java:501）[spring-beans-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.beans.factory.support.AbstractBeanFactory.lambda $ doGetBean $ 0（AbstractBeanFactory.java:317）[spring-beans-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton（DefaultSingletonBeanRegistry.java:228）〜[spring-beans-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean（AbstractBeanFactory.java:315）[spring-beans-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.beans.factory.support.AbstractBeanFactory.getBean（AbstractBeanFactory.java:199）[spring-beans-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons（DefaultListableBeanFactory.java:760）〜[spring-beans-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization（AbstractApplicationContext.java:869）〜[spring-context-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.context.support.AbstractApplicationContext.refresh（AbstractApplicationContext.java:550）〜[spring-context-5.0.6.RELEASE.jar：5.0.6.RELEASE]       在org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh（ServletWebServerApplicationContext.java:140）〜[spring-boot-2.0.2.RELEASE.jar：2.0.2.RELEASE]       在org.springframework.boot.SpringApplication.refresh（SpringApplication.java:759）〜[spring-boot-2.0.2.RELEASE.jar：2.0.2.RELEASE]       在org.springframework.boot.SpringApplication.refreshContext（SpringApplication.java:395）〜[spring-boot-2.0.2.RELEASE.jar：2.0.2.RELEASE]       在org.springframework.boot.SpringApplication.run（SpringApplication.java:327）〜[spring-boot-2.0.2.RELEASE.jar：2.0.2.RELEASE]       在org.springframework.boot.SpringApplication.run（SpringApplication.java:1255）〜[spring-boot-2.0.2.RELEASE.jar：2.0.2.RELEASE]       在org.springframework.boot.SpringApplication.run（SpringApplication.java:1243）〜[spring-boot-2.0.2.RELEASE.jar：2.0.2.RELEASE]       在com.bcbsfl.ais.medical.records.SpringBootSoapClientApplication.main（SpringBootSoapClientApplication.java:14）[bin /：na]   由以下原因引起：org.apache.wss4j.common.ext.WSSecurityException：未知的密码类型编码：http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText       在org.apache.wss4j.dom.handler.WSHandler.decodeUTParameter（WSHandler.java:509）〜[wss4j-ws-security-dom-2.2.0.jar：2.2.0]       在org.apache.wss4j.dom.handler.WSHandler.doSenderAction（WSHandler.java:141）〜[wss4j-ws-security-dom-2.2.0.jar：2.2.0]       在org.springframework.ws.soap.security.wss4j2.Wss4jHandler.doSenderAction（Wss4jHandler.java:63）〜[spring-ws-security-3.0.1.RELEASE.jar：na]       在org.springframework.ws.soap.security.wss4j2.Wss4jSecurityInterceptor.secureMessage（Wss4jSecurityInterceptor.java:574）〜[spring-ws-security-3.0.1.RELEASE.jar：na]

Answer 1

问题已解决WSConstants.PASSWORD_TEXT将文本构建为http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText；而不是PasswordText。因此直接传递了字符串，并按预期方式构建了xml

代替wss4jSecurityInterceptor.setSecurementPasswordType(WSConstants.PASSWORD_TEXT);

替换为wss4jSecurityInterceptor.setSecurementPasswordType("PasswordText");