5

请帮助:我正在尝试从 SOAPUI 调用 WebService,我注意到该服务需要我通过请求参数提供的用户名和密码。我注意到原始 XML 包含添加到 SOAPHeader 的用户/密码片段。片段如下:

<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-3" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:Username>testuser</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">testpassword&amp;</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">RYadQak91mr7dB+5hyt8yw==</wsse:Nonce><wsu:Created>2011-10-24T20:13:43.039Z</wsu:Created></wsse:UsernameToken>
</wsse:Security>

现在,我想通过添加用户/密码详细信息来实现相同的目标,如下面的代码:代码片段是:

org.tempuri.myService.MyServiceStub stub = new  org.tempuri.myService.MyServiceStub();

ServiceClient sc = stub._getServiceClient();
HttpTransportProperties.Authenticator auth = new HttpTransportProperties.Authenticator();
auth.setUsername("testuser");
auth.setPassword("password$");

sc.getOptions().setProperty(org.apache.axis2.transport.http.HTTPConstants.AUTHENTICATE,auth);

org.tempuri.myService.MyServiceDocument myService4 = (org.tempuri.myService.MyServiceDocument)getTestObject(org.tempuri.myService.MyServiceDocument.class);

MyService lval = MyService4.addNewMyService();

MyServiceParameters lvParams = lval.addNewParameters();
lvParams.setA("24");
lvParams.setB("10");

lval.setParameters(lvParams);
myService4.setMyService(lval);

但是我得到以下轴故障异常,需要帮助解决我对上述代码所做的错误。轴故障异常详细信息:

org.apache.axis2.AxisFault: Exception occurred while executing service 'MyService'.
    at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
    at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.tempuri.myService.MyServiceStub.myService(MyServiceStub.java:182)
    at org.tempuri.myService.MyServiceTest.main(MyServiceTest.java:55)

MyServiceResponseDocument lvdoc = stub.myService(myService4);
4

3 回答 3

15

我自己解决了这个问题,这个片段可能会帮助一些想要添加额外参数的人(至少这对我有用):

代码片段如下:

OMFactory omFactory = OMAbstractFactory.getOMFactory();
OMElement omSecurityElement = omFactory.createOMElement(new QName( "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security", "wsse"), null);


OMElement omusertoken = omFactory.createOMElement(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "UsernameToken", "wsu"), null);

OMElement omuserName = omFactory.createOMElement(new QName("", "Username", "wsse"), null);
omuserName.setText("myusername");

OMElement omPassword = omFactory.createOMElement(new QName("", "Password", "wsse"), null);
omPassword.addAttribute("Type","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText",null );
omPassword.setText("mypassword");

omusertoken.addChild(omuserName);
omusertoken.addChild(omPassword);
omSecurityElement.addChild(omusertoken);
stub._getServiceClient().addHeader(omSecurityElement);
于 2011-10-28T00:43:36.000 回答
1

对于其他在无效安全标头中苦苦挣扎的人-Shiv Gopal 的答案对我不起作用-我收到了 WSS1613:不支持安全标头中的元素 UsernameToken。

在将我的 Metro 客户端与我的 axis2 客户端进行基本比较并将每个片段修改为 1:1 之后,它归结为:

改变

OMElement omusertoken = omFactory.createOMElement(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "UsernameToken", "wsu"), null);


OMElement omusertoken = omFactory.createOMElement(new QName(null, "wsse:UsernameToken", "wsse"), null);

现在身份验证有效

于 2015-03-18T10:58:18.517 回答
0

由axis2:wsdl2code生成的存根类中的脏代码帮助了我:

    public void addWsSecurityHeader(String wsUser, String wsPass)
        {

    OMFactory omFactory = OMAbstractFactory.getOMFactory();
    OMElement omSecurityElement = omFactory.createOMElement(new QName( "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security", "wsse"), null);
            omSecurityElement.addAttribute("xmlns:wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-%20wssecurity-utility-1.0.xsd",  null);


    OMElement omusertoken = omFactory.createOMElement(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken", "wsse"), null);
    omusertoken.addAttribute("wsu:Id","UsernameToken-87",null );

    OMElement omuserName = omFactory.createOMElement(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd","Username", "wsse"), null);
    omuserName.setText(wsUser);

    OMElement omPassword = omFactory.createOMElement(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd","Password", "wsse"), null);
    omPassword.addAttribute("Type","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText",null );
    omPassword.setText(wsPass);

    omusertoken.addChild(omuserName);
    omusertoken.addChild(omPassword);
    omSecurityElement.addChild(omusertoken);
    this._getServiceClient().addHeader(omSecurityElement);
}

它产生了正确的值

 ...<wsse:UsernameToken wsu:Id="UsernameToken-87">

啊……

因为当子元素的命名空间与父元素的命名空间一致时,输出的子元素就没有它。所以你不应该使用空的命名空间来生成没有它的标签。但是我还没有找到如何为同一个标签设置几个 xmlns,所以我做了一个肮脏的黑客来创建第二个 xmlns 作为标签属性。可能是我错了,但它奏效了。

于 2019-01-30T21:59:53.103 回答