我正在使用 java 客户端创建对使用 Apache CXF 运行的 Web 服务的 Soap 请求。我已将 UserNameToken 添加到客户端消息,但 Apache CXF 无法在 AbstractUsernameTokenAuthenticatingInterceptor 类中处理它,因为缺少 SecurityToken。
如何将 SecurityToken 添加到 SoapHeader ?
我正在使用 Java 创建 SoapMessage。进入 web 服务的 SoapHeader 看起来像:
<S:Header><wsse:Security xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-.0.xsd"
SOAP-ENV:mustUnderstand="1">
<wsse:UsernameToken wsu:Id="UsernameToken-2" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">user</wsse:Username>
<wsse:Password xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
</wsse:UsernameToken></wsse:Security></S:Header>