2

似乎使用 SpringWS + Wss4j 拦截器添加时间戳的默认选项是在标头中的安全元素中添加时间戳:

<SOAP-ENV:Header>
    <wsse:Security>
        ...
        <wsu:Timestamp wsu:Id="TS-2">
            <wsu:Created>2013-09-19T17:43:31Z</wsu:Created>
            <wsu:Expires>2013-09-19T17:48:31Z</wsu:Expires>
        </wsu:Timestamp>
    </wsse:Security>
</SOAP-ENV:Header>

但是,我希望 Timestam 元素位于 Security 元素之外(见下文)。这可能吗?

<SOAP-ENV:Header>
    <wsse:Security>
        ...
    </wsse:Security>
    <wsu:Timestamp wsu:Id="TS-2">
        <wsu:Created>2013-09-19T17:43:31Z</wsu:Created>
        <wsu:Expires>2013-09-19T17:48:31Z</wsu:Expires>
    </wsu:Timestamp>
</SOAP-ENV:Header>

弹簧配置如下:

<bean id="messageFactory" class="org.springframework.ws.soap.saaj.SaajSoapMessageFactory"/>

<bean id="webServiceTemplate" class="org.springframework.ws.client.core.WebServiceTemplate">
    <constructor-arg ref="messageFactory"/>
    <property name="defaultUri" value="https://domain.com/service"/>
    <property name="marshaller" ref="marshaller"/>
    <property name="unmarshaller" ref="marshaller"/>
    <property name="interceptors">
        <list>
            <ref local="wsClientSecurityInterceptor"/>
        </list>
    </property>
</bean>

<bean id="wsClientSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">  
    <!-- Validation Actions -->
    <property name="validationActions" value="NoSecurity" />

    <!-- Securement Actions -->
    <property name="securementActions" value="UsernameToken Timestamp" /> 

    <!-- timestamp options -->
    <property name="timestampStrict" value="false"/> 
    <property name="timestampPrecisionInMilliseconds" value="false"/> 

    <!-- username -->
    <property name="securementUsername" value="TheUsername"/>
    <property name="securementPassword" value="ThePassword"/>
    <property name="securementMustUnderstand" value="true" />
</bean>
4

0 回答 0