FMW中间件11g中的凭据存储-拒绝访问

时间:2018-07-10 14:49:09

标签: security java-ee soap weblogic

我在从Weblogic的凭据存储中获取凭据时遇到问题(如标题中的:))。

我编写了SOAP Web服务并将其部署到同一Weblogic(凭证存储)中。

获取凭据:

private String getPassword(final String mapName, final String key) {
    String password;
    try {
        password =
                AccessController.doPrivileged(new PrivilegedExceptionAction<String>() {
                    public String run() throws CredStoreException, JpsException {
                        CredentialStore credentialStore = JpsServiceLocator.getServiceLocator().lookup(CredentialStore.class);
                        PasswordCredential pwCred =
                                (PasswordCredential)credentialStore.getCredential(mapName, key);
                        String password = new String(pwCred.getPassword());
                        return password;
                    }
                });
    } catch (PrivilegedActionException ex) {
        throw new RuntimeException(ex);
    }
    return password;
}

我也在EM中创建了Map和Key凭据,并添加了系统策略

PermissionClass:oracle.security.jps.service.credstore.CredentialAccessPermission

资源名称:context=SYSTEM,mapName=oracle.wsm.security,keyName=*

权限:read

还有ofc代码库,我在其中放置了WAR存档的位置。

不幸的是,我收到错误消息:

<detail>
    <ns2:exception xmlns:ns2="http://jax-ws.dev.java.net/" class="java.security.AccessControlException" note="To disable this feature, set com.sun.xml.ws.fault.SOAPFaultBuilder.disableCaptureStackTrace system property to false">
        <message>access denied ("oracle.security.jps.service.credstore.CredentialAccessPermission" "context=SYSTEM,mapName=oracle.wsm.security,keyName=osb.tst.weblogic.user" "read")</message>
        <ns2:stackTrace>
            <ns2:frame class="java.security.AccessControlContext" file="AccessControlContext.java" line="372" method="checkPermission"/>
            <ns2:frame class="java.security.AccessController" file="AccessController.java" line="559" method="checkPermission"/>
            <ns2:frame class="oracle.security.jps.util.JpsAuth$AuthorizationMechanism$3" file="JpsAuth.java" line="478" method="checkPermission"/>
            <ns2:frame class="oracle.security.jps.util.JpsAuth" file="JpsAuth.java" line="538" method="checkPermission"/>
            <ns2:frame class="oracle.security.jps.util.JpsAuth" file="JpsAuth.java" line="564" method="checkPermission"/>
            <ns2:frame class="oracle.security.jps.internal.credstore.util.CsfUtil" file="CsfUtil.java" line="691" method="checkPermission"/>
            <ns2:frame class="oracle.security.jps.internal.credstore.ssp.SspCredentialStore" file="SspCredentialStore.java" line="608" method="getCredential"/>

有人可以帮忙吗?

0 个答案:

没有答案
相关问题
最新问题