问题描述
我正在尝试连接到安全的 soap 网络服务,它使用 x.509 证书身份验证.我有 .p12 客户端密钥和 .pfx 服务器密钥.请找到以下配置和代码.
I am trying to connect to a secured soap web service, It uses x.509 certificate authentication. I have .p12 client key and a .pfx server key. Please find the following configurations and codes.
我得到的错误是 - 未找到加密/签名元素:http://www.w3.org/2005/08/addressing,行动
The error I am getting is - Element to encrypt/sign not found: http://www.w3.org/2005/08/addressing, Action
我的POM;
<groupId>test-pps-2</groupId>
<artifactId>test-pps-2</artifactId>
<version>1.0-SNAPSHOT</version>
<properties>
<cxf.version>2.6.0</cxf.version>
<spring.version>3.2.4.RELEASE</spring.version>
<wss4j.version>1.6.19</wss4j.version>
</properties>
<dependencies>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
<version>${cxf.version}</version>
</dependency>
<!-- Jetty is needed if you're are not using the CXFServlet -->
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http-jetty</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-security</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.ws.security</groupId>
<artifactId>wss4j</artifactId>
<version>${wss4j.version}</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-codegen-plugin</artifactId>
<version>${cxf.version}</version>
<executions>
<execution>
<id>generate-sources</id>
<phase>generate-sources</phase>
<configuration>
<sourceRoot>${project.build.directory}/generated/</sourceRoot>
<wsdlOptions>
<wsdlOption>
<wsdl>${basedir}/src/main/resources/WSDL.wsdl</wsdl>
<serviceName>PPS</serviceName>
</wsdlOption>
</wsdlOptions>
</configuration>
<goals>
<goal>wsdl2java</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
还有我的 WSS4JOutInterceptor;
And my WSS4JOutInterceptor;
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor" id="outbound-security">
<constructor-arg>
<map>
<entry key="action" value="Signature Encrypt"/>
<entry key="user" value="clientUser"/>
<entry key="signatureUser" value="clientUser"/>
<entry key="signaturePropFile" value="clientKeystore.properties"/>
<entry key="useSingleCertificate" value="false"/>
<entry key="encryptionPropFile" value="serviceKeystore.properties"/>
<entry key="signatureKeyIdentifier" value="DirectReference"/>
<entry key="encryptionUser" value="imsinterop"/>
<entry key="encryptionKeyIdentifier" value="IssuerSerial"/>
<entry key="passwordCallbackClass" value="pps.ClientPasswordCallback"/>
<entry key="signatureParts" value="{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;
{Element}{http://www.w3.org/2005/08/addressing}Action;
{Element}{http://www.w3.org/2005/08/addressing}MessageID;
{Element}{http://www.w3.org/2005/08/addressing}To;"/>
<entry key="encryptionParts" value="{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
<entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<entry key="encryptionKeyTransportAlgorithm" value=" http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<entry key="signatureAlgorithm" value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<entry key="signatureCanonicalizationAlgorithm" value="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</map>
</constructor-arg>
</bean>
当我尝试连接到服务时,出现以下错误
When I am trying connect to the service, I get following error
org.apache.ws.security.WSSecurityException: General security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found: http://www.w3.org/2005/08/addressing, Action)
我想知道如何解决这个问题.谢谢.
I want to how to correct this issue. Thank you.
推荐答案
看起来您需要启用 WS-Addressing,因为找不到要签名的标头:http://cxf.apache.org/docs/ws-addressing.html
It looks like you need to enable WS-Addressing, as the header to sign is not being found: http://cxf.apache.org/docs/ws-addressing.html
这篇关于WSEncryptBody/WSSignEnvelope:未找到要加密/签名的元素的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!