2

我的 WSDL 文件中有以下策略:

<wsp:Policy wsu:Id="UsernameToken" 
   xmlns:wsp="http://www.w3.org/ns/ws-policy" 
   xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" 
   xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
   >
   <wsap:UsingAddressing xmlns:wsap="http://www.w3.org/2006/05/addressing/wsdl"/>
   <sp:SymmetricBinding>
       <wsp:Policy>
           <sp:ProtectionToken>
               <wsp:Policy>
                   <sp:SecureConversationToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient" />
               </wsp:Policy>
           </sp:ProtectionToken>
       </wsp:Policy>
   </sp:SymmetricBinding>
</wsp:Policy>

我已将其包含在绑定中:

    <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy" URI="#UsernameToken"/>

它似乎通过 WSDL,除了在我的处理程序中我这样做:

        List<?> securityList = soapEnvelope.getSecurity(null, true);

        if ((securityList == null) || (securityList.size() == 0))
        {
            securityList = soapEnvelope.getSecurity();
        }

它返回null。这里的soapEnvelop 是:WSSOAPEnvelope soapEnvelope,而且它不为空;

非常感谢您的帮助!已经为此苦苦挣扎了一段时间。

我有一种感觉,安全标头正在从信封中裁剪出来。

此外,如果我从 WSDL 文件中删除策略定义,那么它会在没有 的情况下通过soap:mustUnderstand="1",如果我确实包含此属性,那么它会给我错误消息:

MustUnderstand headers:[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood
4

0 回答 0