我有一个服务,接收标头中的x.509进行身份验证,一旦我的客户端发送了一条消息请求,我希望用类似这样的东西获得头部身份验证
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy" >
<ramp:passwordCallbackClass>pe.gob.hndac.util.PasswordCallbackHandler</ramp:passwordCallbackClass>
<ramp:signatureCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">client</ramp:property>
</ramp:crypto>
</ramp:signatureCrypto>
<ramp:user>client</ramp:user>
</ramp:RampartConfig>
,但我收到此错误
[2011-07-14 09:51:50,070]ERROR574153[qtp30279879-25] - org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:212) - An unsupported token was provided (Token type "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509") org.apache.axis2.AxisFault: An unsupported token was provided (Token type "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509")
at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:166)
at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95)
at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:133)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:550)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:486)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:517)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:229)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:970)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:414)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:187)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:904)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:247)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:149)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
at org.eclipse.jetty.server.Server.handle(Server.java:347)
at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:590)
at org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:1071)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:823)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:220)
at org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:411)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:535)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:40)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:529)
at java.lang.Thread.run(Thread.java:662) Caused by: org.apache.ws.security.WSSecurityException: An unsupported token was provided (Token type "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509")
at org.apache.ws.security.processor.SignatureProcessor.createSecurityToken(SignatureProcessor.java:486)
at org.apache.ws.security.processor.SignatureProcessor.getCertificatesTokenReference(SignatureProcessor.java:448)
at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:230)
at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:85)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:311)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:228)
at org.apache.rampart.RampartEngine.process(RampartEngine.java:146)
at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
请知道吗?
答案 0 :(得分:2)
回答这个问题需要您在服务端拥有的安全策略......
...谢谢