我正在开发一个Java客户端,我需要在其中发送一些soap xml到服务器。服务器运行在http方案上,但是它要求对请求进行加密,就像使用https一样。我已经在服务器上生成了.cer和.key文件,并且这些文件也已经在服务器端导入了。现在,当我尝试执行以下命令向服务器发送请求时,它不起作用。

我的soap xml在text.txt中

curl -vX POST -d @test.txt http://test.com:98/wcflib-tc/service.svc
--header "Content-Type:application/soap+xml; charset=utf-8;"
--cert /myserver/certs/server.crt
--key  /myserver/certs/server.key

* About to connect() to test.com port 98 (#0)
*   Trying 172.27.655.65... connected
* Connected to test.com (172.27.655.65) port 98 (#0)
> POST /wcflib-tc/service.svc HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.12.9.0 zlib/1.2.3 libidn/1.18 libssh2/1.2.2
> Host: test.com:98
> Accept: */*
> Content-Type:application/soap+xml; charset=utf-8;
> Content-Length: 962
>

< HTTP/1.1 500 Internal Server Error
< Content-Type: application/soap+xml; charset=utf-8
< Server: Microsoft-IIS/7.0
< X-Powered-By: Programmer's tears
< Date: Mon, 18 Nov 2013 05:26:18 GMT
< Content-Length: 576
<
* Connection #0 to host test.com left intact
* Closing connection #0
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header><a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action></s:Header>
<s:Body><s:Fault><s:Code><s:Value>s:Sender</s:Value>
<s:Subcode><s:Value xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
a:InvalidSecurity</s:Value></s:Subcode></s:Code>
<s:Reason><s:Text xml:lang="en-US">
An error occurred when verifying security
for the message.</s:Text></s:Reason>


请让我知道解决方案。否则让我知道如何使用任何Java API使用.key和.cer文件处理http请求。

最佳答案

线索在http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd中-您需要使用WS-Security。在这里阅读规范,让自己哭泣https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss

10-08 18:23