我一直试图在webservice
想法13中使用Apache Axis编写Intellij
客户端,但遇到了一些困难。我已经可以将该webservice
与.net c#项目连接,现在我需要使用Java实现该功能。 WebService
希望在安全标头中输入用户名和密码。
这是来自WebService的响应:
嵌套的错误:在WS块中没有使用actor:当前actor的用户名安全令牌
这是我使用的代码。
SomeWebServiceServiceLocator locator = new SomeWebServiceServiceLocator();
SomeWebServicePortBindingStub stub = (SomeWebServicePortBindingStub) locator.getSomeWebServicePort();
stub.setUsername("usr111");
stub.setPassword("pass111");
SOAPMessage soapMessage = MessageFactory.newInstance().createMessage();
javax.xml.soap.SOAPPart sOAPPart = soapMessage.getSOAPPart();
SOAPEnvelope envelope = sOAPPart.getEnvelope();
SOAPHeader header = envelope.getHeader();
if (header == null) {
System.out.println("no header yet, create one");
header = envelope.addHeader();
}
SOAPElement security = header.addChildElement("Security", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
Name tUserTokenElementName = envelope.createName("UsernameToken", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
SOAPElement tUserTokenElement = security.addChildElement(tUserTokenElementName);
tUserTokenElement.removeNamespaceDeclaration("wsse");
tUserTokenElement.addNamespaceDeclaration("wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
//
tUserTokenElement.addAttribute(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Id", "u"), "UsernameToken-usr111");
// user name child
Name tUsernameElementName = envelope.createName("Username", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
SOAPElement tUsernameElement = tUserTokenElement.addChildElement(tUsernameElementName);
tUsernameElement.removeNamespaceDeclaration("wsse");
tUsernameElement.addTextNode("usr111");
// password child
Name tPasswordElementName = envelope.createName("Password", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
SOAPElement tPasswordElement = tUserTokenElement.addChildElement(tPasswordElementName);
tPasswordElement.removeNamespaceDeclaration("wsse");
tPasswordElement.addTextNode("pass111");
tPasswordElement.setAttribute("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
Element assertion = (Element) security;
SOAPHeaderElement header0 = new SOAPHeaderElement(assertion);
stub.setHeader(header0);
该代码生成以下标头。
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:actor="" soapenv:mustUnderstand="0" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:UsernameToken wsu:Id="UsernameToken-usr111" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>usr111</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pass111</wsse:Password>
</wsse:UsernameToken> </wsse:Security>
我还跟踪了正在工作的.net CS应用程序与Fiddler的连接,但未能跟踪我的Java调用。这是工作请求的标题。
<s:Header>
<VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink">uIDPo1zQ7/YYhJpArMKDUdofV4QAAAAAvGLoItf+KkC8k4KQjqtXUK0D00UQcXJBtCFGkgP0qBkACQAA</VsDebuggerCausalityData>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<o:UsernameToken u:Id="uuid-de9cefc3-6ab9-407f-8658-7ecf007559bc-17">
<o:Username>usr111</o:Username>
<o:Password o:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pass111</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
这也是
xml
所有者提供的示例webservice
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-11111111" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>someuser</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">*****</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
Webservice的所有者还提供了两个.crt证书。我将它们添加到javakeystore中,但没有任何帮助。
最后,我无法通过SoapUI请求该
webservice
。 最佳答案
好的,如果其他人遇到这种错误,下面的这种方法对我有用。我不记得我在哪里找到的,但要感谢老板。 。感谢him。
void addWsSecurityHeader(org.apache.axis.client.Stub binding, String wsUser,String wsPass)throws SOAPException {
// Create the top-level WS-Security SOAP header XML name.
QName headerName = new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
SOAPHeaderElement header = new SOAPHeaderElement(headerName);
// no intermediate actors are involved.
header.setActor(null);
// not important, "wsse" is standard
header.setPrefix("wsse");
header.setMustUnderstand(true);
// Add the UsernameToken element to the WS-Security header
SOAPElement utElem = header.addChildElement("UsernameToken");
SOAPElement userNameElem = utElem.addChildElement("Username");
userNameElem.removeContents();
userNameElem.setValue(wsUser);
SOAPElement passwordElem = utElem.addChildElement("Password");
passwordElem.setValue(wsPass);
// Finally, attach the header to the binding.
binding.setHeader(header);
}
同样用于追踪我发送和接收的内容,我使用了this
关于java - 使用带有WS-Security的Apache Axis的Web服务客户端。找不到用户名安全 token ,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/39633195/