5

我有一个实现SOAPHandler 接口的类。handleMessage 定义为:

public boolean handleMessage(SOAPMessageContext context) {

  SOAPMessage msg = context.getMessage();
  SOAPPart part = msg.getSOAPPart();
  SOAPEnvelope envelope = part.getEnvelope();

  // add namespaces
  SOAPElement envelope.addNamespaceDeclaration("xsd", "http://www.w3.org/2001/XMLSchema");
  envelope.addNamespaceDeclaration("xsi", "http://www.w3.org/2001/XMLSchema-      

  // add the header with additional elements
  Name qname = envelope.createName("Security", "sse", "http://example.com/security.xsd");
  element = envelope.addHeader().addChildElement(qname);

  qname = envelope.createName("mustUnderstand");
  element.addAttribute(qname, "1");

  qname = envelope.createName("UsernameToken", "sse", "http://example.com/user.xsd");
  element = envelope.getHeader().addHeaderElement(qname);
  element.addTextNode("user1");

  qname = envelope.createName("Password");
  element = envelope.getHeader().addHeaderElement(qname);
  element.addTextNode("1234");

}

} catch (Exception e) {
  e.printStackTrace();
}
  return true;
}

这会生成以下消息:

<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <S:Header>
    <sse:Security xmlns:sse="http://example.com/security.xsd" mustUnderstand="1"/>
    <sse:UsernameToken xmlns:sse="http://example.com/user.xsd">user1</sse:UsernameToken>
  </S:Header>
  <S:Body>
    ....The rest of the transaction
  </S:Body>
</S:Envelope>

问题是我需要生成以下格式的消息:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <soapenv:Header>
      <sse:Security soapenv:mustUnderstand="1" xmlns:sse="http://example.com/security.xsd">
         <sse:UsernameToken wsu:Id="UsernameToken-9993341" xmlns:wsu="http://example.com/user.xsd">
            <sse:Username>user1</sse:Username>
            <sse:Password Type="http://example.com/password#PasswordText">1234</sse:Password>
         </sse:UsernameToken>
      </sse:Security>
   </soapenv:Header>
  <soapenv:Body>
    ....The rest of the transaction
  </soapenv:Body>
</soapenv:Envelope>

“mustUnderstand”属性没有soapenv前缀,sse:Security标签立即关闭,而不是将其他标签作为子标签,并且用户名的格式不正确

<sse:Username>user1</sse:Username>

. 如何使用SOAPElement方法正确格式化消息?我需要知道的最重要的事情是如何正确地放置安全标签内的标签以及如何正确格式化用户名/密码标签。

我尝试了 addHeaderElement 和 addChildElement 方法的不同组合,但我无法正确格式化它,并且 javadocs 没有提供足够的详细信息来说明它们将生成什么。

4

3 回答 3

7

这是从我的工作处理程序中获取的。希望对你有效。

public static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
public static final String PASSWORD_TEXT_TYPE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";
public static final String WSSE_SECURITY_LNAME = "Security";
public static final String WSSE_NS_PREFIX = "wsse";

private String username;
private String password;
private boolean mustUnderstand = false;

public boolean handleMessage(SOAPMessageContext messageContext) {
    Object bOutbound = messageContext.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
    if (bOutbound == Boolean.TRUE) {
        try {
            if (username != null && username.length() != 0) {
                addSecurityHeader(messageContext);
                LOG.debug("Added security header");
            } else {
                LOG.debug("No username configured thus not adding a security header");
            }
        } catch (Exception e) {
            LOG.error("Exception in handleMessage", e);
            return false;
        }
    }
    return true;
}

private void addSecurityHeader(SOAPMessageContext messageContext) throws SOAPException {
    SOAPFactory sf = SOAPFactory.newInstance();
    SOAPHeader header = messageContext.getMessage().getSOAPPart().getEnvelope().getHeader();
    if (header == null) {
        header = messageContext.getMessage().getSOAPPart().getEnvelope().addHeader();
    }

    Name securityName = sf.createName(WSSE_SECURITY_LNAME, WSSE_NS_PREFIX, WSSE_NS);
    SOAPHeaderElement securityElem = header.addHeaderElement(securityName);
    securityElem.setMustUnderstand(mustUnderstand);

    Name usernameTokenName = sf.createName("UsernameToken", WSSE_NS_PREFIX, WSSE_NS);
    SOAPElement usernameTokenMsgElem = sf.createElement(usernameTokenName);

    Name usernameName = sf.createName("Username", WSSE_NS_PREFIX, WSSE_NS);
    SOAPElement usernameMsgElem = sf.createElement(usernameName);
    usernameMsgElem.addTextNode(username);
    usernameTokenMsgElem.addChildElement(usernameMsgElem);

    Name passwordName = sf.createName("Type", WSSE_NS_PREFIX, WSSE_NS);
    SOAPElement passwordMsgElem = sf.createElement("Password", WSSE_NS_PREFIX, WSSE_NS);

    passwordMsgElem.addAttribute(passwordName, PASSWORD_TEXT_TYPE);
    passwordMsgElem.addTextNode(password);
    usernameTokenMsgElem.addChildElement(passwordMsgElem);

    securityElem.addChildElement(usernameTokenMsgElem);
}
于 2010-12-07T16:32:47.027 回答
3

如果有人仍然想知道,只需发布​​我的解决方案 - 

Name name = soapenv.createName("Security", "sse", "URL");
SOAPHeaderElement security = soapenv.getHeader().addHeaderElement(name);
security.setMustUnderstand(true);
SOAPElement usernameToken = security.addChildElement("UsernameToken", "sse");
SOAPElement username = usernameToken.addChildElement("Username", "sse");
username.addTextNode("TestUser");
SOAPElement password = usernameToken.addChildElement("Password", "sse");
password.addTextNode("TestPassword");
于 2014-12-11T19:01:07.803 回答
-2

这段代码中有足够多的问题,我认为这是一个巨魔,但这是一个开始:

该行:

element = envelope.addHeader().addChildElement(qname);

应该读:

SOAPHeaderElement secHdrElement = envelope.addHeader().addHeaderElement(qname);

接下来,而不是:

qname = envelope.createName("mustUnderstand");
element.addAttribute(qname, "1");

大概:

secHdrElement.setMustUnderstand(true);


qname = envelope.createName("UsernameToken", "sse", "http://example.com/user.xsd");
element = envelope.getHeader().addHeaderElement(qname);
element.addTextNode("user1");

应该是这样的:

qname = envelope.createName("UsernameToken", "sse", "http://example.com/user.xsd");
element = secHdrElement.addHeaderElement(
          envelope.createName("UsernameToken", "sse", "http://example.com/user.xsd"));

等等...

于 2009-07-29T05:38:32.947 回答