2

看起来这应该很简单,但解决方案一直在逃避我。我的流程是 XML -> XSLT 翻译 -> 使用 Web 服务(具体为 IBM Web Sphere Web Service)。我让这些部分单独工作,但我无法弄清楚如何将用户/传递添加到 SOAP 标头。我认为我应该能够将它们添加到 Mule SOAP 组件的安全选项卡中的键中(我将操作设置为代理客户端)。不幸的是,我无法弄清楚有效的密钥是什么。也许我什至试图使用安全选项卡都离基地很远。所以最终我需要我的传出 XML 包含:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <soapenv:Header>
        <wsse:Security soapenv:mustUnderstand="1">
            <wsse:UsernameToken>
                <wsse:Username>
                    myUserName
                </wsse:Username>
                <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
                    myPa33W0rd
                </wsse:Password>
            </wsse:UsernameToken>
        </wsse:Security>
    </soapenv:Header>
    <soapenv:Body>

目前我的 Mule 流程正在推出:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Body>

我是否需要手动添加安全信息(可能在 XSLT 翻译中)?这感觉不对,但我不知道如何添加它。

以下是我的流程中的相关行:

<mulexml:xslt-transformer maxIdleTransformers="2" maxActiveTransformers="5" xsl-file="src\main\resources\MappingMapToChangeCatalogEntry.xslt" outputEncoding="US-ASCII" doc:name="XSLT"/>
<cxf:proxy-client payload="body" enableMuleSoapHeaders="true" doc:name="SOAP"/>
<byte-array-to-string-transformer doc:name="Byte Array to String"/>
4

1 回答 1

5

为了添加 WS-Sec,您需要配置 CXF WSS4J 拦截器并将它们注入 Mule 的 CXF 消息处理器。

3.3 之前 =

<spring:bean name="wss4jOutConfiguration"
    class="org.springframework.beans.factory.config.MapFactoryBean">
    <spring:property name="sourceMap">
      <spring:map>
          <spring:entry key="action" value="Signature" />
          <spring:entry key="user" value="joe" />
          <spring:entry key="signaturePropFile" value="org/mule/module/cxf/wssec/wssecurity.properties" />
          <spring:entry key="passwordCallbackClass" value="org.mule.module.cxf.wssec.ClientPasswordCallback" />
      </spring:map>
    </spring:property>
</spring:bean>

...

    <cxf:proxy-client payload="body" enableMuleSoapHeaders="true" doc:name="SOAP">
        <cxf:outInterceptors>
            <spring:bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
                <spring:property name="properties" ref="wss4jOutConfiguration"/>
            </spring:bean>
        </cxf:outInterceptors>
    </cxf:proxy-client>

粗略示例密码回调类:

public class ClientPasswordCallback implements CallbackHandler{

@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    WSPasswordCallback callback = (WSPasswordCallback) callbacks[0];
    if(callback.getIdentifier().equals("joe")){
        callback.setPassword("pass");
    }
}

在此处查看更多信息:http: //www.mulesoft.org/documentation/display/current/WS-Security+Usability+Improvement

3.3.+ :在 3.3+ 中有一个新的 cxf:ws-security 元素可用这里是一个示例流程:https ://svn.codehaus.org/mule/tags/mule-3.4-M2/modules/cxf/src /test/resources/org/mule/module/cxf/wssec/cxf-secure-proxy-flow.xml

<cxf:proxy-client payload="body"
    enableMuleSoapHeaders="true" doc:name="SOAP">
    <cxf:ws-security>
        <cxf:ws-config>
            <cxf:property key="action"
                value="UsernameToken 
                  Timestamp" />
            <cxf:property key="user" value="joe" />
            <cxf:property key="passwordCallbackClass"
                value="com.mulesoft.mule.example.security.PasswordCallback" />
            <cxf:property key="mustUnderstand" value="false" />
        </cxf:ws-config>
    </cxf:ws-security>
</cxf:proxy-client>

以前我在使用 XSLT 时也自己处理过整个信封。然后我传递了用户并通过上下文参数传递到 XSLT

<xm:xslt-transformer xsl-file="xslt/ToSomethingSOAPY.xsl">
    <xm:context-property key="user" value="${my.user}" />
    <xm:context-property key="password" value="${my.pass}" />
</xm:xslt-transformer>

然后通过 xsl 参数接收它们,如下所示:

<xsl:param name="user" />

....

<wsse:UsernameToken
                        xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
                        wsu:Id="UsernameToken-1018444980">
                        <wsse:Username><xsl:value-of select="$user" /></wsse:Username>
于 2013-05-01T08:38:07.323 回答