#java #web-services #jakarta-ee #cxf
#java #веб-сервисы #джакарта-ee #cxf
Вопрос:
Я создал веб-сервис CXF, используя инструмент wsdl2java с автономным HTTP-сервером. В wsdl указан ws-security.
Я не хочу применять заголовки ws-security, поскольку они меня на самом деле не волнуют, но клиент будет отправлять заголовок ws-security, как показано ниже. Обратите внимание, что пароля нет, только имя пользователя.
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>USER</wsse:Username>
</wsse:UsernameToken>
</wsse:Security>
Какие у меня есть варианты справиться с этим?
ОБНОВЛЕНИЕ: хорошо, теперь у меня есть это:
EndpointImpl impl = (EndpointImpl)Endpoint.publish(address, implementor);
impl.getInInterceptors().add(new LoggingInInterceptor());
impl.getOutInterceptors().add(new LoggingOutInterceptor());
Map<String, Object> inProps = new HashMap<String, Object>();
inProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN_NO_PASSWORD);
inProps.put(WSHandlerConstants.USER, "USER");
impl.getOutInterceptors().add(new WSS4JInInterceptor(inProps));
Клиент отправляет заголовки, как показано ниже:
<soapenv:Header>
<wsa:To>http://www.test.com/Namespace/testb</wsa:To>
<wsa:ReplyTo>
<wsa:Address>http://www.test.com/Namespace/testa</wsa:Address>
</wsa:ReplyTo>
<wsa:Action>http://www.test.com/test</wsa:Action>
<wsa:MessageID xmlns:wsa="http://www.w3.org/2005/08/addressing"
>6158a795-46d5-4481-8467-da8ffda95664</wsa:MessageID>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>USER</wsse:Username>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
Политика в wsdl такова:
<wsp:Policy wsu:Id="RequestPolicy">
<wsp:PolicyReference URI="#RequestAddressingPolicy"/>
</wsp:Policy>
<wsp:Policy wsu:Id="ResponsePolicy">
<!--<wsp:PolicyReference URI="#ResponseAddressingPolicy"/>-->
</wsp:Policy>
<wsp:Policy wsu:Id="RequestAddressingPolicy">
<wsp:All>
<sp:RequiredElements>
<!-- wsa:MessageID -->
<sp:XPath>/*[local-name() = 'Envelope']/*[local-name() = 'Header']/*[local-name() = 'MessageID' and namespace-uri() =
'http://www.w3.org/2005/08/addressing'][1]</sp:XPath>
</sp:RequiredElements>
<sp:RequiredElements>
<!-- wsa:Action -->
<sp:XPath>/*[local-name() = 'Envelope']/*[local-name() = 'Header']/*[local-name() = 'Action' and namespace-uri() =
'http://www.w3.org/2005/08/addressing'][1]</sp:XPath>
</sp:RequiredElements>
</wsp:All>
</wsp:Policy>
<wsp:Policy wsu:Id="ResponseAddressingPolicy">
<wsp:All>
<sp:RequiredElements>
<!-- wsa:MessageID -->
<sp:XPath>/*[local-name() = 'Envelope']/*[local-name() = 'Header']/*[local-name() = 'MessageID' and namespace-uri() =
'http://www.w3.org/2005/08/addressing'][1]</sp:XPath>
</sp:RequiredElements>
<sp:RequiredElements>
<!-- wsa:Action -->
<sp:XPath>/*[local-name() = 'Envelope']/*[local-name() = 'Header']/*[local-name() = 'Action' and namespace-uri() =
'http://www.w3.org/2005/08/addressing'][1]</sp:XPath>
</sp:RequiredElements>
<sp:RequiredElements>
<!-- wsa:RelatesTo -->
<sp:XPath>/*[local-name() = 'Envelope']/*[local-name() = 'Header']/*[local-name() = 'RelatesTo' and namespace-uri() =
'http://www.w3.org/2005/08/addressing'][1]</sp:XPath>
</sp:RequiredElements>
</wsp:All>
</wsp:Policy>
Однако я получаю эту ошибку:
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.frontend.WSDLGetInterceptor@17e83562
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor@577080e9
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor@5100a0c1
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor@322346e
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor@14429e20
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor@14446563
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.jaxb.attachment.JAXBAttachmentSchemaValidationHack@47663389
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.interceptor.DocLiteralInInterceptor@8b3f859
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor@7e7fcf24
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.interceptor.OneWayProcessorInterceptor@69e03797
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.WrapperClassInInterceptor@6a0aae79
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.SwAInInterceptor@7fdcf981
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.HolderInInterceptor@4caf756f
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:268) - Invoking handleMessage on interceptor org.apache.cxf.ws.policy.PolicyVerificationInInterceptor@624bc1dc
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.ws.policy.PolicyVerificationInInterceptor@624bc1dc
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.jaxws.interceptors.HolderInInterceptor@4caf756f
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.jaxws.interceptors.SwAInInterceptor@7fdcf981
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.jaxws.interceptors.WrapperClassInInterceptor@6a0aae79
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.interceptor.OneWayProcessorInterceptor@69e03797
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor@7e7fcf24
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.interceptor.DocLiteralInInterceptor@8b3f859
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.jaxb.attachment.JAXBAttachmentSchemaValidationHack@47663389
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor@14446563
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor@14429e20
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor@322346e
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor@5100a0c1
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor@577080e9
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.frontend.WSDLGetInterceptor@17e83562
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.interceptor.StaxInInterceptor@795d674
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.transport.https.CertConstraintsInterceptor@629ec714
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.interceptor.AttachmentInInterceptor@1f9d24f7
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.interceptor.LoggingInInterceptor@28ae3880
DEBUG [qtp1254651534-15 - /Identity/] (PhaseInterceptorChain.java:437) - Invoking handleFault on interceptor org.apache.cxf.ws.policy.PolicyInInterceptor@23c405af
WARN [qtp1254651534-15 - /Identity/] (LogUtils.java:443) - Interceptor for CENSORED has thrown exception, unwinding now
org.apache.cxf.ws.policy.PolicyException: These policy alternatives can not be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RequiredElements
at org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy(AssertionInfoMap.java:167)
at org.apache.cxf.ws.policy.PolicyVerificationInInterceptor.handle(PolicyVerificationInInterceptor.java:101)
at org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:44)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http_jetty.JettyHTTPDestination.serviceRequest(JettyHTTPDestination.java:355)
at org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:319)
at org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:72)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1074)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1010)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
at org.eclipse.jetty.server.Server.handle(Server.java:361)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:485)
at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:926)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:988)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:642)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:627)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:51)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
at java.lang.Thread.run(Unknown Source)
Ответ №1:
Вы можете настроить WSS4JInInterceptor в CXF так, чтобы он ожидал UsernameToken, который не содержит пароля. Конфигурация здесь:http://cxf.apache.org/docs/ws-security.html — «действие», которое вам нужно указать, это «UsernameTokenNoPassword».
Комментарии:
1. Спасибо. Я обновил свой вопрос дополнительной информацией. Я попробовал то, что вы предложили.