本文介绍了带有Spring和自定义上下文文件的Apache CXF中未生成WS-Security Policy节点的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有一个使用Apache CXF并使用Spring生成的SOAP Web服务。该接口是从没有WS-Security Policy的WSDL生成的。现在,我需要在生成的WSDL中包括此WS-Security节点:

I have an SOAP web service generated with Apache CXF and using Spring. The interface was generated from a WSDL without WS-Security Policy. Now I need to include this WS-Security node in the generated WSDL:

<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" wsu:Id="wss_saml_or_username_token_service_policy">
    <wsp:ExactlyOne>
        <wsp:All>
            <sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                <wsp:Policy>
                    <sp:SamlToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                        <wsp:Policy>
                            <sp:WssSamlV11Token10/>
                        </wsp:Policy>
                    </sp:SamlToken>
                </wsp:Policy>
            </sp:SupportingTokens>
        </wsp:All>
        <wsp:All>
            <sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                <wsp:Policy>
                    <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                        <wsp:Policy>
                            <sp:WssUsernameToken10/>
                        </wsp:Policy>
                    </sp:UsernameToken>
                </wsp:Policy>
            </sp:SupportingTokens>
        </wsp:All>
    </wsp:ExactlyOne>
</wsp:Policy>

我将此依赖项包含在maven中

I included this dependencies in maven

    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-ws-policy</artifactId>
        <version>2.7.2</version>
    </dependency>
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-ws-security</artifactId>
        <version>2.7.2</version>
    </dependency>
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-ws-rm</artifactId>
        <version>2.7.2</version>
    </dependency>

我将此注释包含在我的服务实现中

I included this annotation in my service implementation

@Policies({
        @Policy(uri = "SecurityPolicy.xml")
}
)
@WebService(targetNamespace = "http://sample.com/SampleService", name = "SampleService", portName = "SampleService_pt")
public class SampleServiceImpl implements SampleService {
    .
    .
    .
    .
}

我修改了Spring上下文文件,使其包含cxf上下文文件,如下所示:

I modified the Spring context file to include cxf context files like this:

<import resource="classpath:META-INF/cxf/cxf.xml"/>
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml"/>
<import resource="classpath:META-INF/cxf/cxf-servlet.xml"/>
<import resource="classpath:META-INF/cxf/cxf-extension-policy.xml"/>
<import resource="classpath:META-INF/cxf/cxf-extension-ws-security.xml"/>

我在WEB-INF目录下创建了一个名为SecurityPolicy.xml的文件,其安全策略内容如下: :

I created a file named SecurityPolicy.xml under my WEB-INF directory with the security policy content like this:

<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" wsu:Id="wss_saml_or_username_token_service_policy">
    <wsp:ExactlyOne>
        <wsp:All>
            <sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                <wsp:Policy>
                    <sp:SamlToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                        <wsp:Policy>
                            <sp:WssSamlV11Token10/>
                        </wsp:Policy>
                    </sp:SamlToken>
                </wsp:Policy>
            </sp:SupportingTokens>
        </wsp:All>
        <wsp:All>
            <sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                <wsp:Policy>
                    <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                        <wsp:Policy>
                            <sp:WssUsernameToken10/>
                        </wsp:Policy>
                    </sp:UsernameToken>
                </wsp:Policy>
            </sp:SupportingTokens>
        </wsp:All>
    </wsp:ExactlyOne>
</wsp:Policy>

但是,我仍然没有在生成的WSDL中获得WS-Security Policy节点。

Howhever, I'm still not getting the WS-Security Policy node in the generated WSDL.

我在做什么错了?

推荐答案

我知道了。我必须进行一些修改。

I figure it out. I had to make some modifications.

首先,将SecurityPolicy.xml移到 resources 目录,然后修改 @Policy 批注,以从类路径中获取策略文件:

First, move SecurityPolicy.xml to the resources directory, then modify the @Policy annotation to get the policy file from the classpath:

@Policies({
        @Policy(uri = "classpath:SecurityPolicy.xml",
                placement = Policy.Placement.BINDING)
}
)

这篇关于带有Spring和自定义上下文文件的Apache CXF中未生成WS-Security Policy节点的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-15 23:40