我想用签名SOAP消息的不同密钥库来实现两个Wss4jSecurityInterceptor。如何在@Configuration类中使用@Bean做到这一点?也许有更好的选择来解决这个问题。
@Configuration
public class WebSecurityConfig {
@Bean
public Wss4jSecurityInterceptor securityInterceptor() throws Exception {
Wss4jSecurityInterceptor securityInterceptor = new Wss4jSecurityInterceptor();
securityInterceptor.setSecurementActions("Signature");
securityInterceptor.setSecurementUsername("username");
securityInterceptor.setSecurementPassword("password");
securityInterceptor.setSecurementSignatureCrypto(getCryptoFactoryBean().getObject());
securityInterceptor.setSecurementSignatureKeyIdentifier("DirectReference");
securityInterceptor.setSecurementSignatureCrypto(getCryptoFactoryBean().getObject());
return securityInterceptor;
}
@Bean
public CryptoFactoryBean getCryptoFactoryBean() throws IOException {
CryptoFactoryBean cryptoFactoryBean = new CryptoFactoryBean();
cryptoFactoryBean.setKeyStorePassword("password");
cryptoFactoryBean.setKeyStoreLocation(new ClassPathResource("keystore1.jks"));
return cryptoFactoryBean;
}
@Bean
public Jaxb2Marshaller getMarshaller() {
Jaxb2Marshaller marshaller = new Jaxb2Marshaller();
marshaller.setContextPath("com.service.model.wsdl");
return marshaller;
}
@Bean
public SomeApiDto getSomeApiRequest() throws Exception {
SomeApiDto requestDto = new SomeApiDto ();
requestDto.setMarshaller(getMarshaller());
requestDto.setUnmarshaller(getMarshaller());
requestDto.setDefaultUri("https://www.example.com:8080/Service");
ClientInterceptor[] interceptors = new ClientInterceptor[]{securityInterceptor()};
requestDto.setInterceptors(interceptors);
return requestDto;
}
还有SomeApiDto类:
public class SomeApiDto extends WebServiceGatewaySupport {
public ApiObjectResponse getApiObjectResponse(ApiObjectRequest request) {
return (ApiObjectResponse ) getWebServiceTemplate().marshalSendAndReceive(request);
}
}
我希望当我给参数/标头输入时,它将检查使用哪个密钥库来签署对服务的请求。 有人知道如何解决吗?