0

SignedSupportingTokens我正在尝试为在其 wsdl中具有 ws-security 策略的肥皂服务组装一个小型 CXF 客户端。我已将 CXF 客户端配置如下

<jaxws:client id="secretService" name="{http:/mySecretServiceEndpoint//}Service" createdFromAPI="true">
        <jaxws:properties>
            <entry key="ws-security.signature.properties" value="keystore/secret.properties" />
            <entry key="ws-security.encryption.properties" value="keystore/secret.properties" />
            <entry key="ws-security.timestamp.timeToLive" value="600" />
        </jaxws:properties>
    </jaxws:client>

不幸的是,它无法发送带有以下错误的消息。

Caused by: org.apache.cxf.ws.policy.PolicyException: None of the policy alternatives can be satisfied.
    at org.apache.cxf.ws.policy.EffectivePolicyImpl.chooseAlternative(EffectivePolicyImpl.java:199)
    at org.apache.cxf.ws.policy.EffectivePolicyImpl.chooseAlternative(EffectivePolicyImpl.java:192)
    at org.apache.cxf.ws.policy.EffectivePolicyImpl.initialise(EffectivePolicyImpl.java:96)
    at org.apache.cxf.ws.policy.PolicyEngineImpl.getEffectiveClientRequestPolicy(PolicyEngineImpl.java:205)
    at org.apache.cxf.ws.policy.PolicyOutInterceptor.handle(PolicyOutInterceptor.java:98)
    at org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:44)
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
    at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:514)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:423)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
    at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)

我想知道CXF是否SignedSupportingTokens默认支持策略?我需要注册一些处理程序还是我错过了其他东西?WS-Security我对and没有太多经验WS-SecurityPolicy,任何回复都将受到高度赞赏。

4

1 回答 1

1

回答我自己的问题,因为有一天它可能会对某人有所帮助!CXF 确实支持 SignedSupportingTokens 等等,就我而言,服务 WSDL 为 SignedSupportingTokens 提供了不同的命名空间,CXF 客户端可以理解(无法匹配)。

我能够通过使用 ws-security 拦截器来配置客户端来解决这个问题。

于 2014-12-15T17:26:16.263 回答