10

我正在使用 SOAPUI 工具访问部署在 Weblogic 10.3.2 中的 JAX-WS Web 服务

要求:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ws="http://ws.pc3.polk.com/">
    <soapenv:Header>
        <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
        <wsu:Timestamp wsu:Id="Timestamp-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsu:Created>2010-12-03T21:10:43Z</wsu:Created>
            <wsu:Expires>2010-12-03T21:44:03Z</wsu:Expires>
        </wsu:Timestamp>
        <wsu:Timestamp wsu:Id="Timestamp-60" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsu:Created>2010-12-03T20:10:39Z</wsu:Created>
            <wsu:Expires>2010-12-03T20:43:59Z</wsu:Expires>
        </wsu:Timestamp>
        <wsse:UsernameToken wsu:Id="UsernameToken-59" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsse:Username>rwerqre</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">ewrqwrwerqer</wsse:Password>
            <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">Nmw0ksmiOX+hkiSoWb2Rjg==</wsse:Nonce>
            <wsu:Created>2010-12-03T20:10:39.649Z</wsu:Created>
        </wsse:UsernameToken>
    </wsse:Security>
    </soapenv:Header>
   <soapenv:Body>
      <ws:getMetadata/>
   </soapenv:Body>
</soapenv:Envelope>

回复:

<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
   <S:Body>
      <SOAP-ENV:Fault xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
         <faultcode>SOAP-ENV:MustUnderstand</faultcode>
         <faultstring>MustUnderstand headers:[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood</faultstring>
      </SOAP-ENV:Fault>
   </S:Body>
</S:Envelope>
4

5 回答 5

10

您可以配置一个虚拟 SOAPHandler 来{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security将此标头标记为“已理解”。

或者,您可以更改 SOAP 请求(在调用方)以mustUnderstand="0"在安全标头中设置。

示例安全 SOAP 标头具有mustUnderstand="0"

<S:Header xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
   <wsse:Security S:mustUnderstand="0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <wsse:UsernameToken>
         <wsse:Username>USERNAME</wsse:Username>
         <wsse:Password wsse:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWORD</wsse:Password>
      </wsse:UsernameToken>
   </wsse:Security>
</S:Header>
于 2010-12-07T15:51:45.250 回答
7

经过大量研究,本文解决了这个问题。

http://dwuysan.wordpress.com/2012/04/02/jax-ws-wsimport-and-the-error-mustunderstand-headers-not-understood/#comment-215

于 2014-02-14T22:46:41.537 回答
2

根据 WS 安全规范:处理器必须在解密加密的标头块后,根据 SOAP 处理指南处理解密的标头块。如果充分处理标头块所需的任何内容保持加密,或者如果解密的 SOAP 标头不被理解并且解密的标头块上的 S12:mustUnderstand 或 S11:mustUnderstand 属性的值为 true,则接收方必须引发错误。请注意,在这种情况下,为了遵守 SOAP 处理规则,处理器必须回滚处理安全标头的任何持久影响,例如存储接收到的令牌。所以请检查 CallbackHandlers 的配置。

于 2011-06-30T14:12:43.000 回答
2

问题在于处理程序。您需要在处理程序实现中添加以下内容

public Set<QName> getHeaders() {
    final QName securityHeader = new QName(
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
        "Security",
        "wsse");

    final HashSet headers = new HashSet();
    headers.add(securityHeader);
    return headers;
}
于 2017-12-20T13:46:24.893 回答
-2

在 SOAP UI 导航器中,

右键单击您的项目->显示项目视图->WS-Security Configurations->Outgoing WS-Security Configurations 取消选中必须理解,然后发送请求。

于 2016-11-16T08:02:36.493 回答