web-services - Weblogic 10.3 WebService 单向 SSL HTTP 401：未经授权

Question

在过去的两天里，我遇到了一个 Web 服务 HTTP 401 问题。如果有人能给我一些指导，我将不胜感激。

背景

我开发了一个 web 服务，它应该使用 weblogic ant 命令 jwsc 和 clientgen 进行单向 SSL 身份验证。我开发了与 HTTP 服务相同的功能，并且在客户端获得适当响应的情况下也能正常工作。

在此之后，我将服务转换为基于 oracle文档的单向 SSL 工作。生成客户端后，我将服务类更改为 https 和正确的端口号，使用谷歌实验室的 InstallCert.java 创建了一个信任库。

问题当我测试上面的代码时，我得到了以下异常

 Exception in thread "main" com.sun.xml.internal.ws.client.ClientTransportException: The server sent HTTP status code 401: Unauthorized
 [java]     at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.checkStatusCode(HttpTransportPipe.java:196)
 [java]     at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:168)
 [java]     at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:83)
 [java]     at com.sun.xml.internal.ws.transport.DeferredTransportPipe.processRequest(DeferredTransportPipe.java:105)
 [java]     at com.sun.xml.internal.ws.api.pipe.Fiber.__doRun(Fiber.java:587)
 [java]     at com.sun.xml.internal.ws.api.pipe.Fiber._doRun(Fiber.java:546)
 [java]     at com.sun.xml.internal.ws.api.pipe.Fiber.doRun(Fiber.java:531)
 [java]     at com.sun.xml.internal.ws.api.pipe.Fiber.runSync(Fiber.java:428)
 [java]     at com.sun.xml.internal.ws.client.Stub.process(Stub.java:211)
 [java]     at com.sun.xml.internal.ws.client.sei.SEIStub.doProcess(SEIStub.java:124)
 [java]     at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:98)
 [java]     at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:78)
 [java]     at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:107)
 [java]     at $Proxy29.sayHelloWorld(Unknown Source)
 [java]     at examples.webservices.simple_client.Main.callServer(Unknown Source)
 [java]     at examples.webservices.simple_client.Main.main(Unknown Source)

经过大量的谷歌搜索后，我想出了如何在客户端使用调试 SOAP 消息<jvmarg value="-Dcom.sun.xml.ws.transport.http.client.HttpTransportPipe.dump=true"/> <jvmarg value="-Djavax.net.debug=ssl"/> <jvmarg value="-Dweblogic.security.SSL.ignoreHostnameVerify=true"/>

在输出中，我可以看到我的服务器证书得到了正确的身份验证（基于我对各种谷歌搜索结果的理解，由于以下输出

    Found trusted certificate:
     [java] [
     [java] [
     [java]   Version: V1
     [java]   Subject: CN=myserver, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
     [java]   Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
     [java]
     [java]   Key:  Sun RSA public key, 512 bits
     [java]   modulus: 11399037646943714373129589413160891986565558044118796140794648360486617578069478083040335022051356380275876221883739208839702905668066595828725571636353511
     [java]   public exponent: 65537
     [java]   Validity: [From: Tue Oct 11 05:46:19 EDT 2011,
     [java]                To: Mon Oct 12 05:46:19 EDT 2026]
     [java]   Issuer: CN=CertGenCAB, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
     [java]   SerialNumber: [    55a93b5e 2866f87c 4d24e2a3 eb4fe6da]
     [java]
     [java] ]
     [java]   Algorithm: [MD5withRSA]
     [java]   Signature:
     [java] 0000: 2A 8C EF C6 93 59 A8 0B   59 CD 28 08 7C D5 EC 50  *....Y..Y.(....P
     [java] 0010: B1 31 00 CA 67 DB DE 45   4D B5 40 A8 48 2D 58 5C  .1..g..EM.@.H-X\
     [java] 0020: 04 6E 50 7B 58 C5 14 D7   FD 89 BA C3 18 DC A9 BC  .nP.X...........
     [java] 0030: 33 4A ED EC 35 51 CB 0F   88 BD 0B FC 99 35 1C 7B  3J..5Q.......5..
     [java]
     [java] ]
     [java] main, READ: TLSv1 Handshake, length = 4
     [java] *** ServerHelloDone
     [java] *** ClientKeyExchange, RSA PreMasterSecret, TLSv1
     [java] main, WRITE: TLSv1 Handshake, length = 70
     [java] SESSION KEYGEN:
     [java] PreMaster Secret:
     [java] 0000: 03 01 4E 55 6E B6 7D F3   1A 95 EC 23 1A 26 A1 F4  ..NUn......#.&..
     [java] 0010: CB 7D 77 0A E2 87 09 34   C9 CD A2 F3 34 5C 7F E8  ..w....4....4\..
     [java] 0020: D1 35 D7 5E BB 1A 13 2F   06 55 72 C5 2A 43 FD ED  .5.^.../.Ur.*C..
     [java] CONNECTION KEYGEN:
     [java] Client Nonce:
     [java] 0000: 52 0D D7 97 92 E3 75 F1   3C 19 4F 5F B1 DE 38 BE  R.....u.<.O_..8.
     [java] 0010: 43 13 D3 0A D8 C0 0D 87   8F 82 32 58 07 1B 09 91  C.........2X....
     [java] Server Nonce:
     [java] 0000: 52 0D D7 97 29 8A F0 E1   31 85 01 D0 B7 6F CC AC  R...)...1....o..
     [java] 0010: 1E C0 F3 69 5C 19 01 C5   05 96 5D 61 ED 34 DE B0  ...i\.....]a.4..
     [java] Master Secret:
 [java] 0000: 2A AC FE C3 23 DC C8 4C   B3 43 52 9A C3 AD 6C 7D  *...#..L.CR...l.
     [java] 0010: 86 64 06 C7 71 7B 0A C2   41 2D D8 85 80 C7 09 2C  .d..q...A-.....,
     [java] 0020: 8D 4B BF BE D7 6A 14 E0   FD 71 7C 42 33 9E E9 3E  .K...j...q.B3..>
     [java] Client MAC write Secret:
     [java] 0000: C7 C4 4B B0 17 63 EF 15   49 10 41 C9 8E F5 4D B8  ..K..c..I.A...M.
     [java] Server MAC write Secret:
     [java] 0000: 43 D5 66 32 E6 8D 85 5F   4A 59 4E 22 E2 2D 63 9B  C.f2..._JYN".-c.
     [java] Client write key:
     [java] 0000: C7 A0 5E 3C 95 7D 5B C1   76 58 33 50 32 9F 32 60  ..^<..[.vX3P2.2`
     [java] Server write key:
     [java] 0000: 8E C1 C7 DE A4 46 89 4D   CB 27 19 98 20 59 69 9E  .....F.M.'.. Yi.
     [java] ... no IV used for this cipher
     [java] main, WRITE: TLSv1 Change Cipher Spec, length = 1
     [java] *** Finished
     [java] verify_data:  { 177, 168, 133, 8, 117, 184, 224, 201, 35, 12, 96, 25 }
     [java] ***
     [java] main, WRITE: TLSv1 Handshake, length = 32
     [java] main, READ: TLSv1 Change Cipher Spec, length = 1
     [java] main, READ: TLSv1 Handshake, length = 32
     [java] *** Finished
     [java] verify_data:  { 202, 0, 249, 55, 208, 218, 164, 49, 228, 244, 138, 164 }
     [java] ***
     [java] %% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
     [java] main, WRITE: TLSv1 Application Data, length = 225
     [java] main, READ: TLSv1 Application Data, length = 175
     [java] main, READ: TLSv1 Application Data, length = 3040
     [java] main, called close()
     [java] main, called closeInternal(true)
     [java] main, SEND TLSv1 ALERT:  warning, description = close_notify
     [java] main, WRITE: TLSv1 Alert, length = 18
     [java] Allow unsafe renegotiation: false
     [java] Allow legacy hello messages: true
     [java] Is initial handshake: true
     [java] Is secure renegotiation: false
     [java] %% Client cached [Session-1, SSL_RSA_WITH_RC4_128_MD5]
     [java] %% Try resuming [Session-1, SSL_RSA_WITH_RC4_128_MD5] from port 56321
     [java] *** ClientHello, TLSv1
     [java] RandomCookie:  GMT: 1376573079 bytes = { 81, 111, 75, 50, 149, 29, 122, 231, 125, 64, 236, 168, 67, 7, 127, 120, 207, 8, 204, 91, 43, 124, 235, 162, 123, 13, 168, 6 }
[java] Session ID:  {202, 36, 120, 65, 56, 38, 121, 89, 214, 122, 192, 105, 176, 215, 37, 182}
     [java] Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
     [java] Compression Methods:  { 0 }
     [java] ***
     [java] main, WRITE: TLSv1 Handshake, length = 97
     [java] main, READ: TLSv1 Handshake, length = 58
     [java] *** ServerHello, TLSv1
     [java] RandomCookie:  GMT: 1376573079 bytes = { 255, 58, 121, 2, 103, 75, 164, 168, 47, 33, 30, 118, 219, 155, 5, 87, 78, 50, 248, 87, 55, 98, 140, 75, 1, 34, 94, 8 }
     [java] Session ID:  {202, 36, 120, 65, 56, 38, 121, 89, 214, 122, 192, 105, 176, 215, 37, 182}
     [java] Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
     [java] Compression Method: 0
     [java] ***
     [java] Warning: No renegotiation indication extension in ServerHello
     [java] CONNECTION KEYGEN:
     [java] Client Nonce:
     [java] 0000: 52 0D D7 97 51 6F 4B 32   95 1D 7A E7 7D 40 EC A8  R...QoK2..z..@..
     [java] 0010: 43 07 7F 78 CF 08 CC 5B   2B 7C EB A2 7B 0D A8 06  C..x...[+.......
     [java] Server Nonce:
     [java] 0000: 52 0D D7 97 FF 3A 79 02   67 4B A4 A8 2F 21 1E 76  R....:y.gK../!.v
     [java] 0010: DB 9B 05 57 4E 32 F8 57   37 62 8C 4B 01 22 5E 08  ...WN2.W7b.K."^.
     [java] Master Secret:
     [java] 0000: 2A AC FE C3 23 DC C8 4C   B3 43 52 9A C3 AD 6C 7D  *...#..L.CR...l.
     [java] 0010: 86 64 06 C7 71 7B 0A C2   41 2D D8 85 80 C7 09 2C  .d..q...A-.....,
     [java] 0020: 8D 4B BF BE D7 6A 14 E0   FD 71 7C 42 33 9E E9 3E  .K...j...q.B3..>
     [java] Client MAC write Secret:
     [java] 0000: E9 45 08 20 F4 70 E3 F0   B7 EF CB 17 A3 D0 F2 28  .E. .p.........(
     [java] Server MAC write Secret:
     [java] 0000: 12 5D 3C 63 FE FA FA AC   DC 31 0E C5 AE 52 71 2C  .]<c.....1...Rq,
     [java] Client write key:
     [java] 0000: CE E5 02 F1 A4 EA 87 B3   C7 AF 35 89 DD 3E BD 64  ..........5..>.d
     [java] Server write key:
     [java] 0000: 6E 02 D3 5C A7 3F C5 57   D7 B7 84 CD 8D 4A 17 2C  n..\.?.W.....J.,
     [java] ... no IV used for this cipher
     [java] %% Server resumed [Session-1, SSL_RSA_WITH_RC4_128_MD5]
     [java] main, READ: TLSv1 Change Cipher Spec, length = 1
     [java] main, READ: TLSv1 Handshake, length = 32
     [java] *** Finished
     [java] verify_data:  { 253, 116, 209, 250, 88, 31, 151, 15, 134, 162, 94, 55 }
     [java] ***
[java] main, WRITE: TLSv1 Handshake, length = 32
     [java] main, WRITE: TLSv1 Application Data, length = 225
     [java] main, READ: TLSv1 Application Data, length = 175
     [java] main, READ: TLSv1 Application Data, length = 3040
     [java] main, called close()
     [java] main, called closeInternal(true)
     [java] main, SEND TLSv1 ALERT:  warning, description = close_notify
     [java] main, WRITE: TLSv1 Alert, length = 18
     [java] the wsdl location is https://myserver:myport/HelloWorldImpl/HelloWorldService?WSDL
     [java] the ports is {https://myserver:myport}HelloWorldPortTypePort
     [java] Allow unsafe renegotiation: false
     [java] Allow legacy hello messages: true
     [java] Is initial handshake: true
     [java] Is secure renegotiation: false
     [java] %% Client cached [Session-1, SSL_RSA_WITH_RC4_128_MD5]
     [java] %% Try resuming [Session-1, SSL_RSA_WITH_RC4_128_MD5] from port 56322
     [java] *** ClientHello, TLSv1
     [java] RandomCookie:  GMT: 1376573079 bytes = { 110, 65, 69, 188, 135, 246, 1, 160, 40, 124, 7, 13, 57, 253, 194, 185, 195, 172, 61, 188, 32, 74, 61, 241, 66, 54, 12, 11 }
     [java] Session ID:  {202, 36, 120, 65, 56, 38, 121, 89, 214, 122, 192, 105, 176, 215, 37, 182}
     [java] Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
     [java] Compression Methods:  { 0 }
     [java] ***
     [java] main, WRITE: TLSv1 Handshake, length = 97
     [java] main, READ: TLSv1 Handshake, length = 58
     [java] *** ServerHello, TLSv1
     [java] RandomCookie:  GMT: 1376573079 bytes = { 62, 17, 208, 2, 106, 161, 176, 178, 192, 167, 106, 98, 252, 176, 9, 52, 142, 121, 171, 228, 11, 115, 9, 179, 2, 28, 133, 193 }
     [java] Session ID:  {202, 36, 120, 65, 56, 38, 121, 89, 214, 122, 192, 105, 176, 215, 37, 182}
     [java] Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
     [java] Compression Method: 0
     [java] ***
     [java] Warning: No renegotiation indication extension in ServerHello
     [java] CONNECTION KEYGEN:
     [java] Client Nonce:
     [java] 0000: 52 0D D7 97 6E 41 45 BC   87 F6 01 A0 28 7C 07 0D  R...nAE.....(...
     [java] 0010: 39 FD C2 B9 C3 AC 3D BC   20 4A 3D F1 42 36 0C 0B  9.....=. J=.B6..
     [java] Server Nonce:
     [java] 0000: 52 0D D7 97 3E 11 D0 02   6A A1 B0 B2 C0 A7 6A 62  R...>...j.....jb
     [java] 0010: FC B0 09 34 8E 79 AB E4   0B 73 09 B3 02 1C 85 C1  ...4.y...s......
[java] Master Secret:
     [java] 0000: 2A AC FE C3 23 DC C8 4C   B3 43 52 9A C3 AD 6C 7D  *...#..L.CR...l.
     [java] 0010: 86 64 06 C7 71 7B 0A C2   41 2D D8 85 80 C7 09 2C  .d..q...A-.....,
     [java] 0020: 8D 4B BF BE D7 6A 14 E0   FD 71 7C 42 33 9E E9 3E  .K...j...q.B3..>
     [java] Client MAC write Secret:
     [java] 0000: FC B9 1E 90 2C A4 A2 2F   34 9B F2 FB F5 FD 16 35  ....,../4......5
     [java] Server MAC write Secret:
     [java] 0000: 0D 31 04 6F CE 64 64 8F   5E C0 62 2C 4C 87 BC 7C  .1.o.dd.^.b,L...
     [java] Client write key:
     [java] 0000: B6 21 C1 68 57 93 BB E1   CF 66 6B CC 91 FA C2 24  .!.hW....fk....$
     [java] Server write key:
     [java] 0000: 82 82 6D 40 AD 98 98 27   29 38 C1 DC D0 2B 1C DC  ..m@...')8...+..
     [java] ... no IV used for this cipher
     [java] %% Server resumed [Session-1, SSL_RSA_WITH_RC4_128_MD5]
     [java] main, READ: TLSv1 Change Cipher Spec, length = 1
     [java] main, READ: TLSv1 Handshake, length = 32
     [java] *** Finished
     [java] verify_data:  { 118, 17, 113, 93, 80, 136, 119, 75, 181, 180, 92, 119 }
     [java] ***
     [java] main, WRITE: TLSv1 Change Cipher Spec, length = 1
     [java] *** Finished
     [java] verify_data:  { 161, 172, 242, 50, 208, 52, 88, 200, 8, 141, 79, 241 }
     [java] ***
     [java] main, WRITE: TLSv1 Handshake, length = 32
     [java] main, WRITE: TLSv1 Application Data, length = 338
     [java] main, WRITE: TLSv1 Application Data, length = 242
     [java] main, READ: TLSv1 Application Data, length = 227
     [java] main, READ: TLSv1 Application Data, length = 300
     [java] Exception in thread "main" com.sun.xml.internal.ws.client.ClientTransportException: The server sent HTTP status code 401: Unauthorized
     [java]     at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.checkStatusCode(HttpTransportPipe.java:196)
     [java]     at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:168)
     [java]     at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:83)
     [java]     at com.sun.xml.internal.ws.transport.DeferredTransportPipe.processRequest(DeferredTransportPipe.java:105)
     [java]     at com.sun.xml.internal.ws.api.pipe.Fiber.__doRun(Fiber.java:587)
     [java]     at com.sun.xml.internal.ws.api.pipe.Fiber._doRun(Fiber.java:546)
     [java]     at com.sun.xml.internal.ws.api.pipe.Fiber.doRun(Fiber.java:531)
     [java]     at com.sun.xml.internal.ws.api.pipe.Fiber.runSync(Fiber.java:428)
     [java]     at com.sun.xml.internal.ws.client.Stub.process(Stub.java:211)
     [java]     at com.sun.xml.internal.ws.client.sei.SEIStub.doProcess(SEIStub.java:124)
     [java]     at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:98)
     [java]     at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:78)
     [java]     at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:107)
     [java]     at $Proxy29.sayHelloWorld(Unknown Source)

在我的网络服务中，我使用的身份验证策略是policy:Wssp1.2-2007-Https.xml.

我的理解是我的请求被服务器端拒绝。如何调试或识别这个？任何人都可以帮助我了解这里发生的事情。

提前感谢稻田

更新-2

你好，

请在下面的 WSDL 中找到该策略。

<wsp:Policy wssutil:Id="Wssp1.2-2007-Https.xml">
- <ns1:TransportBinding xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
- <wsp:Policy>
- <ns1:TransportToken>
- <wsp:Policy>
  <ns1:HttpsToken /> 
  </wsp:Policy>
  </ns1:TransportToken>
- <ns1:AlgorithmSuite>
- <wsp:Policy>
  <ns1:Basic256 /> 
  </wsp:Policy>
  </ns1:AlgorithmSuite>
- <ns1:Layout>
- <wsp:Policy>
  <ns1:Lax /> 
  </wsp:Policy>
  </ns1:Layout>
  <ns1:IncludeTimestamp /> 
  </wsp:Policy>
  </ns1:TransportBinding>
  </wsp:Policy>

更新 3 -

我试图删除策略 {@Policy} 并尝试在没有任何策略规范的情况下使用 SSL。我仍然遇到同样的错误。我将 SSL 调试添加到我的 weblogic 服务器。这是我在服务器端看到的日志。客户端异常是相同的。

<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <close(): 339812160>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 1651138619>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <339812160 closed by last read, readRecord returned 0>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <close(): 339812160>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 1651138619>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 705673280>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will  be Muxing>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <434381551 SSL3/TLS MAC>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <434381551 received HANDSHAKE>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ClientHello>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm MD5>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 58>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <write CHANGE_CIPHER_SPEC, offset = 0, length = 1>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 16>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <434381551 SSL3/TLS MAC>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <434381551 received CHANGE_CIPHER_SPEC>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RC4>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HMACMD5>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HMACMD5>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <434381551 SSL3/TLS MAC>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <434381551 received HANDSHAKE>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Finished>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacMD5>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacMD5>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Mac: SunJCE version 1.6 for algorithm HmacSHA1>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Will use default Mac for algorithm HmacSHA1>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.findContext(sock): 212226998>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <activateNoRegister()>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSLFilterImpl.activate(): activated: 865292526 510369659>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <610789119 read(offset=0, length=4080)>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: true>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <hasSSLRecord()>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <hasSSLRecord returns true>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <434381551 SSL3/TLS MAC>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <434381551 received APPLICATION_DATA: databufferLen 0, contentLength 349>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <610789119 read databufferLen 349>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <610789119 read A returns 349>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <610789119 read(offset=349, length=3731)>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: true>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <hasSSLRecord()>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <hasSSLRecord returns true>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <434381551 SSL3/TLS MAC>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <434381551 received APPLICATION_DATA: databufferLen 0, contentLength 226>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <610789119 read databufferLen 226>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <610789119 read A returns 226>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <610789119 read(offset=575, length=3505)>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: true>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <hasSSLRecord()>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <hasSSLRecord returns false 1>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <610789119 Rethrowing InterruptedIOException>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.findContext(sock): 212226998>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <activateNoRegister()>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSLFilterImpl.activate(): activated: 865292526 1247045377>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <610789119 read(offset=575, length=3505)>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: true>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <hasSSLRecord()>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <hasSSLRecord returns false 1>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <610789119 Rethrowing InterruptedIOException>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 0, length = 197>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <write APPLICATION_DATA, offset = 6, length = 1518>
<Aug 18, 2013 2:40:45 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: WARNING, Type: 0
java.lang.Exception: New alert stack
        at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
        at com.certicom.tls.interfaceimpl.TLSConnectionImpl.closeWriteHandler(Unknown Source)
        at com.certicom.tls.interfaceimpl.TLSConnectionImpl.close(Unknown Source)
        at javax.net.ssl.impl.SSLSocketImpl.close(Unknown Source)
        at weblogic.socket.SocketMuxer.closeSocket(SocketMuxer.java:463)
        at weblogic.socket.SocketMuxer.closeSocket(SocketMuxer.java:444)
        at weblogic.socket.SocketMuxer.cleanupSocket(SocketMuxer.java:831)
        at weblogic.socket.SocketMuxer.deliverExceptionAndCleanup(SocketMuxer.java:788)
        at weblogic.socket.SocketMuxer.deliverEndOfStream(SocketMuxer.java:716)
        at weblogic.socket.SocketMuxer.readReadySocketOnce(SocketMuxer.java:904)
        at weblogic.socket.SocketMuxer.readReadySocket(SocketMuxer.java:854)
        at weblogic.socket.PosixSocketMuxer.processSockets(PosixSocketMuxer.java:130)
        at weblogic.socket.SocketReaderRequest.run(SocketReaderRequest.java:29)
        at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:42)
        at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:145)
        at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:117)

score 0 · Accepted Answer

我想我解决了我的问题。我不需要 @Policy 注释。一旦我评论了它。我的网络服务仍然是安全的，因为我有一个 https url，但是令牌和用户名密码身份验证从未启动。

谢谢您的帮助。稻田

score 0 · Accepted Answer

似乎该策略需要 basic autentication ，而您没有发送 Auth Basic Header。你能打印你的保单吗？这不是 SSL 的问题。

web-services - Weblogic 10.3 WebService 单向 SSL HTTP 401：未经授权

2 回答 2

Related

Reference