401尝试从Java EE应用程序使用SOAP WS时未经授权

时间:2019-05-06 14:20:48

标签: java soap cxf wildfly jax-ws

我有一个需要使用的SOAP Web服务,它使用WS安全性和一些安全策略。

当我第一次尝试使用以下代码时:

CMAdapterService cmAdapterService = new CMAdapterService(); CMAdapter port =
      cmAdapterService.getCMAdapterPort();

      // Use the BindingProvider's context to set the endpoint BindingProvider bp =
      (BindingProvider)port;



      Optional credentials
      bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "myUser");
      bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "myPass");

      calling the webservice method CmReturn cmReturn =
      port.getPersonalData("12345"); System.out.println(cmReturn);

      byte[] imageData = port.getPersonalData("123") .getPersonalData()
      .getData();

使用上面的代码,我遇到了类似于here的策略异常,不同之处在于我的策略不是 ssl_policy 而是 ATAlwaysCapability 策略。

我尝试了上面链接中解决方案中的代码,如下所示:

JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();

    factory.setServiceClass(CMAdapter.class);
    factory.setAddress("http://myHost:8080/bla/CMAdapter");

    CMAdapter cmAdapter = (CMAdapter) factory.create();

    Client client = ClientProxy.getClient(cmAdapter);
    HTTPConduit http = (HTTPConduit) client.getConduit();

    http.getAuthorization().setUserName("myUser");
    http.getAuthorization().setPassword("myPass");

    byte[] imageData = cmAdapter.getPersonalData("12345").getPersonalData().getData();

但是,上面的代码可在桌面Java应用程序中运行,但是当我将其作为Java EE应用程序在Wildfly上部署时,它不起作用(战争)。

要使其与Wildfly一起使用,我添加了以下4个依赖项,这些依赖项已提供给maven的pom.xml:

<dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-ws-policy</artifactId>
        <version>3.3.1</version>
        <scope>provided</scope>
    </dependency>
    <!-- https://mvnrepository.com/artifact/org.apache.cxf/cxf-tools-common -->
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-tools-common</artifactId>
        <version>3.3.1</version>
        <scope>provided</scope>
    </dependency>
    <!-- https://mvnrepository.com/artifact/org.apache.cxf/cxf-rt-frontend-jaxws -->
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-frontend-jaxws</artifactId>
        <version>3.3.1</version>
        <scope>provided</scope>
    </dependency>
    <!-- https://mvnrepository.com/artifact/org.apache.cxf/cxf-rt-transports-http -->
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-transports-http</artifactId>
        <version>3.3.1</version>
        <scope>provided</scope>
    </dependency>

我还编辑了webapp / WEB-INF / jboss-deployment-structure.xml,如下所示:

    <?xml version="1.0" encoding="ISO-8859-1"?>
<jboss-deployment-structure xmlns="urn:jboss:deployment-structure:1.2">
    <deployment>
        <exclude-subsystems>
        </exclude-subsystems>
        <dependencies>
            <module name="org.jboss.ws.cxf.jbossws-cxf-client" services="import" />
            <module name="org.apache.cxf.impl">
                <imports>
                    <include path="META-INF"/>
                    <include path="META-INF/cxf"/>
                </imports>
            </module>
        </dependencies>
    </deployment>
</jboss-deployment-structure>

但是,当我尝试从企业Java应用程序调用Web服务时,与http://myHost:8080/bla/CMAdapter通信时,我得到org.apache.cxf.transport.http.HTTPException: HTTP响应“ 401:未经授权” < / em>

1 个答案:

答案 0 :(得分:0)

我通过遵循this SO thread

解决了问题

我需要添加以下代码:

HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();

//This is the magic line. Setting this to false solved the problem
httpClientPolicy.setAllowChunking(false);

http.setClient(httpClientPolicy);

不确定确切的原因。看来wildfly正在对请求进行分块,并且出于某种原因,用户名和密码已部分发送。

相关问题
最新问题