3

我正在使用 WSS4J 1.6 和 Axis 1.4。

我正在使用 org.apache.ws.security.message.WSSecUsernameToken 创建 UsernameToken。

我不明白的是wsu:Id属性。根据 Web 服务规范,它必须采用"SecurityToken-24ada6f8-4626-4269-b786-a22361bfde78"的形式。

无论我做什么,wsu:Id属性都包含“UsernameToken-123”,但是根据 Web 服务规范,它必须采用“SecurityToken-24ada6f8-4626-4269-b786-a22361bfde78”的形式。

我完全不知道如何实现这一点,谷歌已经干涸。
那么,谁能告诉我我需要做什么?

现在的 UsernameToken xml 就是这样。

<wsse:UsernameToken wsu:Id="UsernameToken-133"
     xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
     xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsse:Username>stan</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">secrit</wsse:Password>
  </wsse:UsernameToken>

我希望它出现的 UsernameToken xml。

<wsse:UsernameToken wsu:Id="SecurityToken-24ada6f8-4626-4269-b786-a22361bfde78"
     xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
     xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsse:Username>stan</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">secrit</wsse:Password>
  </wsse:UsernameToken>

这是我用来创建肥皂消息的代码。

public String soapTest() throws Exception {
    MessageFactoryImpl messageFactory = new MessageFactoryImpl();
    SOAPMessage soapMessage = null;
    soapMessage = messageFactory.createMessage();
    Message message = (Message)soapMessage;
    SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope();
    unsignedEnvelope.addNamespaceDeclaration( "xsd", "http://www.w3.org/2001/XMLSchema" );
    unsignedEnvelope.addNamespaceDeclaration( "xsi", "http://www.w3.org/2001/XMLSchema-instance" );
    unsignedEnvelope.addNamespaceDeclaration( "enc", "http://schemas.xmlsoap.org/soap/encoding/" );
    unsignedEnvelope.addNamespaceDeclaration( "env", "http://schemas.xmlsoap.org/soap/envelop/" );
    unsignedEnvelope.addNamespaceDeclaration( "wsa", "http://schemas.xmlsoap.org/ws/2004/03/addressing" );
    unsignedEnvelope.addNamespaceDeclaration( "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" );
    unsignedEnvelope.addNamespaceDeclaration( "wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" );
    unsignedEnvelope.addNamespaceDeclaration( "ws", "http://ws.stupidsoap.com" );

    SOAPBody soapMsgBody = (SOAPBody)soapMessage.getSOAPBody();
    org.apache.axis.message.SOAPEnvelope soapMsgEnvelope = ((Message)soapMessage).getSOAPEnvelope();

    SOAPBodyElement be = (SOAPBodyElement)soapMsgBody.addChildElement( soapMsgEnvelope.createName( "addTwoNumbers", "", "http://ws.stupidsoap.com" ) );
    be.addChildElement( "number1" ).addTextNode( "5" );
    be.addChildElement( "number2" ).addTextNode( "10" );

    org.w3c.dom.Document doc = (org.w3c.dom.Document)soapMsgEnvelope.getAsDocument();
    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader( doc );

    WSSecUsernameToken utBuilder = new WSSecUsernameToken();
    utBuilder.setPasswordType( WSConstants.PASSWORD_TEXT );
    utBuilder.setUserInfo( "stan", "secrit" );
    utBuilder.addNonce();
    utBuilder.addCreated();
    utBuilder.build( doc, secHeader );

    return org.apache.ws.security.util.XMLUtils.PrettyDocumentToString( doc );
}
4

1 回答 1

0

尝试这个:

WsuIdAllocator idAllocator = new WsuIdAllocator() {
    public String createId(String prefix, Object o) {
        return "SecurityToken-" + UUIDGenerator.getUUID();
    }

    public String createSecureId(String prefix, Object o) {
        return "SecurityToken-" + UUIDGenerator.getUUID();
    }
};

WSSecUsernameToken utBuilder = new WSSecUsernameToken();
WSSConfig wsConfig = new WSSConfig();
wsConfig.setIdAllocator(idAllocator);

utBuilder.setWsConfig(wsConfig);
utBuilder.setPasswordType( WSConstants.PASSWORD_TEXT );
utBuilder.setUserInfo( "stan", "secrit" );
于 2017-06-06T02:49:24.433 回答