我正在使用带有注解配置的Spring + wss4j。 Wss4jSecurityInterceptor拦截器具有以下配置:
@Bean
public Wss4jSecurityInterceptor sessionInterceptorNb() throws Exception {
Wss4jSecurityInterceptor securityInterceptor = new Wss4jSecurityInterceptor();
// set security actions
securityInterceptor.setSecurementActions("UsernameToken Signature Encrypt");
// sign the request
securityInterceptor.setSecurementUsername("anyuser");
securityInterceptor.setSecurementPassword("anypassword");
securityInterceptor.setSecurementSignatureUser("privatecertuser");
securityInterceptor.setSecurementSignatureCrypto(getCryptoFactoryBeanNb().getObject());
securityInterceptor.setSecurementSignatureParts("{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body");
return securityInterceptor;
}
仅此而已。
我想将anyuser和anypassword设置为请求元素UsernameToken,并使用privatecertuser对请求进行签名,但是我正在解决这个错误:
Original Exception was java.security.UnrecoverableKeyException: Cannot recover key
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Error during Signature:
at org.apache.wss4j.dom.action.SignatureAction.execute(SignatureAction.java:163)
at org.apache.wss4j.dom.handler.WSHandler.doSenderAction(WSHandler.java:238)
at org.springframework.ws.soap.security.wss4j2.Wss4jHandler.doSenderAction(Wss4jHandler.java:63)
at org.springframework.ws.soap.security.wss4j2.Wss4jSecurityInterceptor.secureMessage(Wss4jSecurityInterceptor.java:574)
... 45 common frames omitted
Caused by: org.apache.wss4j.common.ext.WSSecurityException: The private key for the supplied alias does not exist in the keystore
at org.apache.wss4j.dom.message.WSSecSignature.computeSignature(WSSecSignature.java:595)
at org.apache.wss4j.dom.action.SignatureAction.execute(SignatureAction.java:155)
... 48 common frames omitted
我正在使用命令keytool -list -v -keystore查看密钥库的内容,并且可以看到“ privatecertuser”的私有条目。
如果我删除对
的方法调用securityInterceptor.setSecurementSignatureUser("privatecertuser");
并在方法setSecurementUsername中设置此值可以正常工作。
积木有什么问题?