1

我正在尝试仅使用以下代码配置 WSS4J 拦截器:

        try {

        Map<String, Object> outProps = new HashMap<String, Object>();

        outProps.put(WSHandlerConstants.ACTION,
                WSHandlerConstants.TIMESTAMP + " "
                        + WSHandlerConstants.SIGNATURE + " "
                        + WSHandlerConstants.ENCRYPT);
        outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
        outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
                ClientKeystorePasswordCallback.class.getName());
        outProps.put(WSHandlerConstants.SIG_PROP_FILE,
                "clientWSsec-PC165.properties");
        outProps.put(WSHandlerConstants.ENC_PROP_FILE,
                "clientWSsec-PC165-Srv.properties");
        outProps.put(WSHandlerConstants.SIGNATURE_USER, "clientKey");
        outProps.put(WSHandlerConstants.ENCRYPTION_USER, "serverKey");

        Map<String, Object> inProps = new HashMap<String, Object>();

        inProps.put("action", "Timestamp Signature Encrypt");
        inProps.put("passwordType", "PasswordText");
        inProps.put("passwordCallbackClass",
                "utils.ClientKeystorePasswordCallback");
        inProps.put("signatureUser", "clientKey");
        inProps.put("encryptionUser", "serverKey");
        inProps.put("encryptionPropFile", "clientWSsec-PC165.properties");
        inProps.put("signaturePropFile", "clientWSsec-PC165.properties");


        DefaultCryptoCoverageChecker coverageChecker = new DefaultCryptoCoverageChecker();
        coverageChecker.setSignBody(true);
        coverageChecker.setSignTimestamp(true);
        coverageChecker.setEncryptBody(true);

        Service service = new Service ();
        WsService  wsService = service.getWsServiceSOAP();

        org.apache.cxf.endpoint.Client client = ClientProxy
                .getClient(wsService);
        client.getInInterceptors().add(new WSS4JInInterceptor(inProps));
        client.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
        client.getInInterceptors().add(coverageChecker);

        ResponseType parameters1 = new ResponseType();
        wsService.getResponse(getServiceHeader(),
                parameters1);

    } catch (UndeclaredThrowableException ex) {
        ex.getUndeclaredThrowable().printStackTrace();
    } catch (Exception ex) {
        ex.printStackTrace();
    }

但我收到了这个错误:

javax.xml.ws.soap.SOAPFaultException: Security configuration could not be detected. Potential cause: Make sure jaxws:client element with name attribute value matching endpoint port is defined as well as a ws-security.signature.properties element within it.
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:157)
at $Proxy29.getResponse(Unknown Source)
at utils.Client.main(Client.java:118)

Caused by: org.apache.cxf.ws.policy.PolicyException: Security configuration could not be detected. Potential cause: Make sure jaxws:client element with name attribute value matching endpoint port is defined as well as a ws-security.signature.properties element within it.
at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:313)
at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuilder(AbstractBindingBuilder.java:1827)
at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:567)
at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:147)
at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:98)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:176)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:90)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:565)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
... 2 more

我想知道我的代码中是否遗漏了某些内容,或者我的做法是否正确。

谢谢!

4

2 回答 2

5

您正在使用 WSS4JOutInterceptor/WSS4JInInterceptor 混合“基于操作”的配置和“基于策略”的配置。在您的示例中,CXF WS-Security 运行时使用 WS-SecurityPolicy (AsymmetricBinding) 来配置安全性。在这种情况下,您不需要显式配置 WSS4JOutInterceptor。您需要做的是添加相关的安全属性。这是一个(代码)示例:

https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob_plain;f=systests/ws-security/src/test/java/org/apache/cxf/systest/ ws/fault/FaultTest.java;hb=fd92c807e8773c363df37cfaf946971f5bac763b

尤其是:

client.getRequestContext().put("ws-security.username", "bob");

client.getRequestContext().put("ws-security.encryption.properties", "bob.properties");

等等

科尔姆。

于 2014-06-16T15:06:01.930 回答
0

您使用的是哪个版本的 CXF?

我对 CXF 2.7.11 也有同样的问题。版本 2.7.1 中未出现此问题。

您也可以尝试使用最新的 3.0 版本。

于 2014-07-20T13:14:46.873 回答