0

您好我在尝试查看 Axis2 上的可用服务时遇到错误。

我基本上需要客户端始终将用户名/密码发送到 Axis2 服务器。以下是我安装的:

Java7 Apache Tomcat 7.0.22 Axis2 1.6 Rampart 1.6

Tomcat 启动正常。我能够看到 Axis2,但是当我单击服务链接时,我看到以下错误。下面也是我添加到 services.xml 的策略部分。我是否还必须为证书创建一个 java 数据存储 JKS?这是必需的吗?我只是想让它启动并运行。一旦这个工作正常,我将添加额外的安全性,如 HTTPS。

提前致谢。

    <!-- Server policy for Username Token with plaintext password -->
<wsp:Policy wsu:Id="UsernameToken" xmlns:wsu="http://docs.oasisopen.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
 xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
 <wsp:ExactlyOne>
 <wsp:All>
 <sp:TransportBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
 <wsp:Policy>
 <sp:TransportToken>
 <wsp:Policy>
 <sp:HttpToken RequireClientCertificate="false"/>
 </wsp:Policy>
 </sp:TransportToken>
<sp:AlgorithmSuite>
 <wsp:Policy>
<sp:Basic256/>
 </wsp:Policy>
</sp:AlgorithmSuite>
 </wsp:Policy>
 </sp:TransportBinding>
 <sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
 <wsp:Policy>
 <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/wssx/ws-securitypolicy/200702/IncludeToken/Never"/>
 </wsp:Policy>
 </sp:SupportingTokens>
 <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
 <ramp:passwordCallbackClass>com.ami.emscribe.security.PWCHandler</ramp:passwordCallbackClass>
 </ramp:RampartConfig>
 </wsp:All>
 </wsp:ExactlyOne>
</wsp:Policy>

在我在 Axis2 的浏览器中看到的堆栈跟踪下方:

Error: java.lang.RuntimeException: Incorrect inclusion value: -1 at org.apache.ws.secpolicy.model.Token.setInclusion(Token.java:56) 
at org.apache.ws.secpolicy12.builders.UsernameTokenBuilder.build(UsernameTokenBuilder.java:45) at org.apache.ws.secpolicy12.builders.UsernameTokenBuilder.build(UsernameTokenBuilder.java:35) 
at org.apache.neethi.AssertionBuilderFactoryImpl.invokeBuilder(AssertionBuilderFactoryImpl.java:138) at org.apache.neethi.AssertionBuilderFactoryImpl.build(AssertionBuilderFactoryImpl.java:117)
 at org.apache.neethi.PolicyBuilder.processOperationElement(PolicyBuilder.java:224) at org.apache.neethi.PolicyBuilder.getPolicyOperator(PolicyBuilder.java:174) at org.apache.neethi.PolicyBuilder.getPolicy(PolicyBuilder.java:124) at org.apache.neethi.PolicyEngine.getPolicy(PolicyEngine.java:100) at org.apache.ws.secpolicy12.builders.SupportingTokensBuilder.build(SupportingTokensBuilder.java:78)
 at org.apache.ws.secpolicy12.builders.SupportingTokensBuilder.build(SupportingTokensBuilder.java:39) at org.apache.neethi.AssertionBuilderFactoryImpl.invokeBuilder(AssertionBuilderFactoryImpl.java:138) 
 at org.apache.neethi.AssertionBuilderFactoryImpl.build(AssertionBuilderFactoryImpl.java:117) at org.apache.neethi.PolicyBuilder.processOperationElement(PolicyBuilder.java:224) 
 at org.apache.neethi.PolicyBuilder.getAllOperator(PolicyBuilder.java:184) at org.apache.neethi.PolicyBuilder.processOperationElement(PolicyBuilder.java:217)
 at org.apache.neethi.PolicyBuilder.getExactlyOneOperator(PolicyBuilder.java:180) at org.apache.neethi.PolicyBuilder.processOperationElement(PolicyBuilder.java:215) 
 at org.apache.neethi.PolicyBuilder.getPolicyOperator(PolicyBuilder.java:174) at org.apache.neethi.PolicyBuilder.getPolicy(PolicyBuilder.java:124) at org.apache.neethi.PolicyEngine.getPolicy(PolicyEngine.java:100)
 at org.apache.axis2.deployment.DescriptionBuilder.processPolicyElements(DescriptionBuilder.java:639) at org.apache.axis2.deployment.ServiceBuilder.populateService(ServiceBuilder.java:308) 
 at org.apache.axis2.deployment.repository.util.ArchiveReader.buildServiceGroup(ArchiveReader.java:101) at org.apache.axis2.deployment.repository.util.ArchiveReader.processServiceGroup(ArchiveReader.java:178) 
 at org.apache.axis2.deployment.ServiceDeployer.deploy(ServiceDeployer.java:82) at org.apache.axis2.deployment.repository.util.DeploymentFileData.deploy(DeploymentFileData.java:136) 
 at org.apache.axis2.deployment.DeploymentEngine.doDeploy(DeploymentEngine.java:813) at org.apache.axis2.deployment.repository.util.WSInfoList.update(WSInfoList.java:144) 
 at org.apache.axis2.deployment.RepositoryListener.update(RepositoryListener.java:377) at org.apache.axis2.deployment.RepositoryListener.checkServices(RepositoryListener.java:254) 
 at org.apache.axis2.deployment.DeploymentEngine.loadServices(DeploymentEngine.java:142) at org.apache.axis2.deployment.WarBasedAxisConfigurator.loadServices(WarBasedAxisConfigurator.java:283) 
 at org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContext(ConfigurationContextFactory.java:95) at org.apache.axis2.transport.http.AxisServlet.initConfigContext(AxisServlet.java:584) 
 at org.apache.axis2.transport.http.AxisServlet.init(AxisServlet.java:454) at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1228)
 at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1147) at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:836)
 at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:135) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169) 
 at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) 
 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) at
4

1 回答 1

0

找到了我的问题的答案。基本上我的政策安全是错误的。我猜我没有遵循 WSS4J 的规范。这是我找到解决方案的地方:http: //www.developerblogger.com/1111_9173580/

我刚刚将我的政策更改为如下所示,并且有效:

<wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy">
    <wsp:ExactlyOne>    
        <wsp:All>
            <sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
                <wsp:Policy>
                    <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
                        <wsp:Policy>
                            <sp:WssUsernameToken10 />
                            <sp:HashPassword />
                        </wsp:Policy>
                    </sp:UsernameToken>
                </wsp:Policy>
            </sp:SupportingTokens>
             <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
 <ramp:passwordCallbackClass>com.mycompany.security.PWCHandler</ramp:passwordCallbackClass>
 </ramp:RampartConfig>
        </wsp:All>
    </wsp:ExactlyOne>
</wsp:Policy>
于 2015-05-22T19:53:15.173 回答