我正在使用 CXF 3.0.4 加密 Web 服务,并且我希望将 KeyIdentifier 设置为 EncryptedKeySHA1。为此,我将参数添加<entry key="encryptionKeyIdentifier" value="EncryptedKeySHA1"></entry>到 WSS4JOutInterceptor bean 中的 context.xml。
但是在出站请求中,我得到了:
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">QgB9VjsaVwwYNx/MowOS058pegY=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
奇怪的是,我得到了一个指纹密钥标识符。这是一个错误还是我需要以不同的方式配置它?
PS.:这是完整的 applicationContext.xml:
<context:property-placeholder location="classpath:test.properties" />
<bean id="ProjectServices" class="primavera.ws.ProjectPortType"
factory-bean="clientFactory" factory-method="create" />
<bean id="clientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
<property name="serviceClass" value="primavera.ws.ProjectPortType" />
<property name="address"
value="http://port-128:8206/p6ws/services/ProjectService" />
<property name="inInterceptors">
<list>
<ref bean="logIn" />
<ref bean="signResponse" />
</list>
</property>
<property name="outInterceptors">
<list>
<ref bean="logOut" />
<ref bean="saajOut" />
<ref bean="signRequest" />
</list>
</property>
</bean>
<bean id="logIn" class="org.apache.cxf.interceptor.LoggingInInterceptor" />
<bean id="logOut" class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
<bean id="saajOut" class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" />
<bean id="signRequest" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken Timestamp Signature Encrypt" />
<entry key="user" value="username" />
<entry key="passwordType" value="PasswordText" />
<entry key="signatureUser" value="serverwsalias" />
<entry key="encryptionUser" value="serverwsalias" />
<entry key="passwordCallbackClass" value="main.ClientPasswordCallback" />
<entry key="signaturePropFile" value="/crypt.properties"></entry>
<entry key="signatureParts"
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;Body" />
<entry key="encryptionPropFile" value="/crypt.properties"></entry>
<entry key="encryptionParts"
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken;Body" />
<entry key="encryptionKeyIdentifier" value="EncryptedKeySHA1"></entry>
</map>
</constructor-arg>
</bean>
<bean id="signResponse" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Encrypt" />
<entry key="encryptionUser" value="serverwsalias" />
<entry key="decryptionPropFile" value="/crypt.properties"></entry>
</map>
</constructor-arg>
</bean>
</beans>
这是我的 pom.xml:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>asco</groupId>
<artifactId>testPrimaveraWS</artifactId>
<version>1.0</version>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<cxf.version>3.0.4</cxf.version>
<spring.version>3.1.3.RELEASE</spring.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>4.1.5.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.ws</groupId>
<artifactId>spring-ws-security</artifactId>
<version>2.2.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-security</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-databinding-jaxb</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
<version>${cxf.version}</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.jvnet.jax-ws-commons</groupId>
<artifactId>jaxws-maven-plugin</artifactId>
<version>2.2</version>
<executions>
<execution>
<id>wsClient</id>
<phase>compile</phase>
<goals>
<goal>wsimport</goal>
</goals>
</execution>
</executions>
<configuration>
<sourceDestDir>src/main/java</sourceDestDir>
<packageName>primavera.ws</packageName>
<wsdlUrls>
<wsdlUrl>http://port-128:8206/p6ws/services/ProjectService?wsdl</wsdlUrl>
</wsdlUrls>
</configuration>
</plugin>
</plugins>
</build>
</project>