SOAP服务器(我无法控制)向我发送了答案,其中包含下一部分:
<ds:KeyInfo>
<ds:X509Data>
<ds:X509SubjectName>
EMAILADDRESS=***@******, CN=*********, OU=***, O=*****, L=****, ST=***, C=**
</ds:X509SubjectName>
</ds:X509Data>
</ds:KeyInfo>
第3.2节中对Web Services Security
X.509 Certificate Token Profile 1.1的规范是说<ds:X509Data>必须是<wsse:SecurityTokenReference>的子元素。
我在看正确的文档吗,服务器发送的响应不正确吗?
是否有办法在客户端解决此问题?
p.s。我试图更改WSS4jInInterceptors并设置一些属性来更改键类型,但我认为我这样做的方式不正确。
p.p.s和下面的错误stacktrace:
org.apache.cxf.binding.soap.SoapFault: BSP:R5417: Any SIG_KEY_INFO MUST contain a SECURITY_TOKEN_REFERENCE child element
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:809)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:313)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:93)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:798)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1636)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1525)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1330)
at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:56)
at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:215)
at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:56)
at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:215)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:638)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:514)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:423)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:137)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: BSP:R5417: Any SIG_KEY_INFO MUST contain a SECURITY_TOKEN_REFERENCE child element
at org.apache.wss4j.dom.bsp.BSPEnforcer.handleBSPRule(BSPEnforcer.java:57)
at org.apache.wss4j.dom.processor.SignatureProcessor.handleToken(SignatureProcessor.java:158)
at org.apache.wss4j.dom.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:427)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:257)
... 25 more
答案 0 :(得分:0)
经过一番研究,我只是删除了WSS4JInInterceptor并开发了我的自定义验证器。