2

尝试在 Axis2 中使用 Rampart 实现 WS-Security 时出现以下错误。

org.apache.axis2.AxisFault: Unable to engage module : rampart
at org.apache.axis2.client.ServiceClient.engageModule(ServiceClient.java:358)

我在嵌入式模式下使用轴(在我的耳朵里)。没有安全实施,服务工作正常。我已在 services.xml 和 WSDL 中包含该策略。使用 Jboss 和 JDK6 请在下面找到文件。

Axis2.xml

<wsdl:definitions xmlns:ns1="http://org.apache.axis2/xsd" xmlns:ns="http://service" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" targetNamespace="http://service">
<wsdl:types>
<xs:schema attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://service">
<xs:element name="echo">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" name="args0" nillable="true" type="xs:string"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="echoResponse">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" name="return" nillable="true" type="xs:string"/>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:schema>
</wsdl:types>
<wsdl:message name="echoRequest">
<wsdl:part name="parameters" element="ns:echo"></wsdl:part>
</wsdl:message>
<wsdl:message name="echoResponse">
<wsdl:part name="parameters" element="ns:echoResponse"></wsdl:part>
</wsdl:message>
<wsdl:portType name="SimpleServicePortType">
<wsdl:operation name="echo">
<wsdl:input message="ns:echoRequest" wsaw:Action="urn:echo"></wsdl:input>
<wsdl:output message="ns:echoResponse" wsaw:Action="urn:echoResponse"></wsdl:output>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="SimpleServiceSoap11Binding" type="ns:SimpleServicePortType">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="echo">
<soap:operation soapAction="urn:echo" style="document"/>
<wsdl:input>
<soap:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:binding name="SimpleServiceSoap12Binding" type="ns:SimpleServicePortType">
<soap12:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="echo">
<soap12:operation soapAction="urn:echo" style="document"/>
<wsdl:input>
<soap12:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap12:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:binding name="SimpleServiceHttpBinding" type="ns:SimpleServicePortType">
<http:binding verb="POST"/>
<wsdl:operation name="echo">
<http:operation location="SimpleService/echo"/>
<wsdl:input>
<mime:content part="echo" type="text/xml"/>
</wsdl:input>
<wsdl:output>
<mime:content part="echo" type="text/xml"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="SimpleService">
<wsdl:port name="SimpleServiceHttpEndpoint" binding="ns:SimpleServiceHttpBinding">
<http:address location="http://sbswsvm1426:9091/axis2/services/SimpleService.SimpleServiceHttpEndpoint/"/>
</wsdl:port>
<wsdl:port name="SimpleServiceHttpSoap11Endpoint" binding="ns:SimpleServiceSoap11Binding">
<soap:address location="http://sbswsvm1426:9091/axis2/services/SimpleService.SimpleServiceHttpSoap11Endpoint/"/>
</wsdl:port>
<wsdl:port name="SimpleServiceHttpSoap12Endpoint" binding="ns:SimpleServiceSoap12Binding">
<soap12:address location="http://sbswsvm1426:9091/axis2/services/SimpleService.SimpleServiceHttpSoap12Endpoint/"/>
</wsdl:port>
</wsdl:service>
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SigOnly">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
</sp:Policy>
</sp:Wss10>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</wsdl:definitions>

服务.XML

<?xml version="1.0" encoding="UTF-8"?>
<!-- This file was auto-generated from WSDL -->
<!-- by the Apache Axis2 version: 1.5.6  Built on : Aug 30, 2011 (10:00:16 CEST) -->
<serviceGroup>
    <service name="SimpleService">
        <messageReceivers>
            <messageReceiver mep="http://www.w3.org/ns/wsdl/in-out" class="service.SimpleServiceMessageReceiverInOut"/>
        </messageReceivers>
        <parameter name="ServiceClass">service.SimpleServiceSkeleton</parameter>
        <parameter name="useOriginalwsdl">true</parameter>
        <parameter name="modifyUserWSDLPortAddress">true</parameter>
        <operation name="echo" mep="http://www.w3.org/ns/wsdl/in-out" namespace="http://service">
            <actionMapping>urn:echo</actionMapping>
            <outputActionMapping>urn:echoResponse</outputActionMapping>
        </operation>
    <module ref="rampart"/>
    <module ref="addressing"/>

    <wsp:Policy wsu:Id="SigOnly"
                xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
                xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
        <wsp:ExactlyOne>
            <wsp:All>
                <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                    <wsp:Policy>
                        <sp:InitiatorToken>
                            <wsp:Policy>
                                <sp:X509Token
                                        sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                                    <wsp:Policy>
                                        <sp:RequireThumbprintReference/>
                                        <sp:WssX509V3Token10/>
                                    </wsp:Policy>
                                </sp:X509Token>
                            </wsp:Policy>
                        </sp:InitiatorToken>
                        <sp:RecipientToken>
                            <wsp:Policy>
                                <sp:X509Token
                                        sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
                                    <wsp:Policy>
                                        <sp:RequireThumbprintReference/>
                                        <sp:WssX509V3Token10/>
                                    </wsp:Policy>
                                </sp:X509Token>
                            </wsp:Policy>
                        </sp:RecipientToken>
                        <sp:AlgorithmSuite>
                            <wsp:Policy>
                                <sp:TripleDesRsa15/>
                            </wsp:Policy>
                        </sp:AlgorithmSuite>
                        <sp:Layout>
                            <wsp:Policy>
                                <sp:Strict/>
                            </wsp:Policy>
                        </sp:Layout>
                        <sp:IncludeTimestamp/>
                        <sp:OnlySignEntireHeadersAndBody/>
                    </wsp:Policy>
                </sp:AsymmetricBinding>
                <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                    <wsp:Policy>
                        <sp:MustSupportRefKeyIdentifier/>
                        <sp:MustSupportRefIssuerSerial/>
                    </wsp:Policy>
                </sp:Wss10>
                <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                    <sp:Body/>
                </sp:SignedParts>

                <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
                    <ramp:user>service</ramp:user>
                    <ramp:encryptionUser>client</ramp:encryptionUser>
                    <ramp:passwordCallbackClass>service.PWCBHandler
                    </ramp:passwordCallbackClass>

                    <ramp:signatureCrypto>
                        <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
                            <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
                            <ramp:property name="org.apache.ws.security.crypto.merlin.file">service.jks</ramp:property>
                            <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache
                            </ramp:property>
                        </ramp:crypto>
                    </ramp:signatureCrypto>
                </ramp:RampartConfig>

            </wsp:All>
        </wsp:ExactlyOne>
    </wsp:Policy>
    </service>
</serviceGroup>

客户存根

SimpleServiceStub stub = new SimpleServiceStub("http://sbswsvm1426:9091/axis2/services/SimpleService?wsdl");
            stub._getServiceClient().engageModule("rampart");
            stub._getServiceClient().engageModule("addressing");
            Options options = stub._getServiceClient().getOptions();
            options.setUserName("apache");
            options.setPassword("password");
            Echo oSreq=new Echo();
            oSreq.setArgs0("Echoed!!");


            EchoResponse response = stub.echo(oSreq);
            System.out.println(response.get_return());
4

2 回答 2

8

尝试跟随。您必须提供客户端存储库的路径。在存储库文件夹中必须有一个名为“modules”的文件夹,并且城墙 mar 应该在此文件夹内。

ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("path/to/client/repo", null);
SimpleServiceStub stub = new SimpleServiceStub(ctx, "http://sbswsvm1426ou:9091/axis2/services/SimpleService?wsdl");

我想你会再次收到一条新的错误消息。诸如“PKIX 路径构建失败”之类的东西。如果您知道,您需要将服务器证书添加到您的密钥库并需要导入它。你可以这样做

 System.setProperty("javax.net.ssl.trustStore", "/path/to/server.jks");
 System.setProperty("javax.net.ssl.trustStorePassword", "password"); 

您可以在此处阅读有关此内容的更多信息。http://wso2.com/library/3190/

于 2014-04-16T04:57:36.273 回答
0

您必须将其部署rampart.mar到模块目录下的客户端存储库。

于 2013-07-15T08:25:24.010 回答