通过 Java 从示例 XML 创建 SOAP 消息
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7046232/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-10-30 18:27:03 来源:igfitidea点击:
Creating SOAP message from Sample XML via Java
提问by Nidhi
I am really struggling with this . I have a webservice to call which is secured by certificate and digital signature . All this needs to be passed as a part of SOAP request which I am creating via Java code , but even after spending days on it the digital signature part which I am trying to create is not getting formed properly .
我真的很挣扎。我有一个要调用的网络服务,它由证书和数字签名保护。所有这些都需要作为我通过 Java 代码创建的 SOAP 请求的一部分传递,但即使在它上面花了几天时间,我试图创建的数字签名部分也没有正确形成。
The code creates the request properly till BinaryToken and breaks from "Name signatureToken". Looking for guidance as to what is not right in the code
代码正确创建请求,直到 BinaryToken 并从“Name signatureToken”中断。寻找有关代码中不正确之处的指导
This is the sample XML :
这是示例 XML:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1">
<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="XWSSGID-1313056420712-845854837">MIIDVjCCAj6gAwIBAgIEThbQLTANBgkqhkiG9w0BAQUFADBtMQswCQYDVQQGEwJnYjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEUMBIGA1UEChMLaGVhbHRoc29sdmUxFDASBgNVBAsTC2hlYWx0aHNvbHZlMQ4wDAYDVQQDEwVzaW1vbjAeFw0xMTA3MDgwOTM4NTNaFw0xMjA3MDIwOTM4NTNaMG0x</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="XWSSGID-13130564207092015610708">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse SOAP-ENV"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#XWSSGID-1313056421405-433059543">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>3wCcYA8m7LN0TLchG80s6zUaTJE=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>ZkPCKEGpOmkhJA5Kq6oqUYU3OWQYyca676UhL
lOyRj7HQD7g0vS+wp70gY7Hos/2G7UpjmYDLPA==</ds:SignatureValue>
<ds:KeyInfo>
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1313056421331317573418">
<wsse:Reference URI="#XWSSGID-1313056420712-845854837" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1313056421405-433059543">
</ns2:GetEhaStatusRequest>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
and the code which I have written to form the above XML via code is as :
我编写的通过代码形成上述 XML 的代码如下:
protected void setSecuritySection(SOAPFactory soapFactory, SOAPEnvelope envelope, SOAPPart soapPart) throws SOAPException, ECException {
String METHODNAME = "setSecuritySection";
KeyPairGenerator kpg;
boolean mustUnderstand = true;
SOAPHeader soapHeader = envelope.getHeader();
try {
Name securityName = soapFactory.createName("Security", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-secext-1.0.xsd");
SOAPElement securityElement = soapHeader.addHeaderElement(securityName);
// SOAPHeaderElement securityElement =
// soapHeader.addHeaderElement(securityName);
// securityElement.setMustUnderstand(mustUnderstand);
Name binarySecurityToken = soapFactory.createName("BinarySecurityToken", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-secext-1.0.xsd");
SOAPElement binarySecurityTokenElement = securityElement.addChildElement(binarySecurityToken);
Certificate cert;
String trustStoreLocation = ServerInformation.getValueForWebsphereVariable("EHA_TRUSTSTORE");
String trustStorePwd = ServerInformation.getValueForWebsphereVariable("EHA_TRUSTSTORE_PWD");
InputStream path = new FileInputStream(trustStoreLocation);
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(path, new String(new BASE64Decoder().decodeBuffer(trustStorePwd)).toCharArray());
cert = ks.getCertificate("test");
binarySecurityTokenElement.addTextNode(new BASE64Encoder().encode(cert.getEncoded()));
kpg = KeyPairGenerator.getInstance("DSA");
Name idToken = soapFactory.createName("Id", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-secext-1.0.xsd");
SOAPElement idElement = binarySecurityTokenElement.addChildElement(idToken);
idElement.addTextNode("test");
Name valueTypeToken = soapFactory.createName("ValueType", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3");
SOAPElement valueTypeElement = binarySecurityTokenElement.addChildElement(valueTypeToken);
valueTypeElement.addTextNode("X509v3");
Name encodingTypeToken = soapFactory.createName("EncodingType", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
SOAPElement encodingTypeElement = binarySecurityTokenElement.addChildElement(encodingTypeToken);
encodingTypeElement.addTextNode("Base64Binary");
Name signatureToken = soapFactory.createName("Signature", "ds", "http://www.w3.org/2000/09/xmldsig#");
SOAPHeaderElement signElement = soapHeader.addHeaderElement(signatureToken);
Name id1 = soapFactory.createName("Id");
signElement.addAttribute(id1,"XWSSGID-13130564207092015610708");
Name signedInfo = soapFactory.createName("SignedInfo");
SOAPElement signInfoElement = signElement.addChildElement(signedInfo);
//SOAPHeaderElement signInfoElement = soapHeader.addHeaderElement(signedInfo);
Name canonicalToken = soapFactory.createName("CanonicalizationMethod");
SOAPElement canonicalTokenTokenElement = signInfoElement.addChildElement(canonicalToken);
Name alg = soapFactory.createName("Algorithm");
canonicalTokenTokenElement.addAttribute(alg,"http://www.w3.org/2001/10/xml-exc-c14n#");
Name InclusiveNamespaceToken = soapFactory.createName("InclusiveNamespaces", "wsse", "http://www.w3.org/2001/10/xml-exc-c14n#");
SOAPElement element = canonicalTokenTokenElement.addChildElement(InclusiveNamespaceToken);
Name prefixList = soapFactory.createName("PrefixList");
element.addAttribute(prefixList,"wsse SOAP-ENV");
Name signatureMethodToken = soapFactory.createName("SignatureMethod","ds", "http://www.w3.org/2000/09/xmldsig#rsa-sha1");
SOAPElement signatureMethodTokenElement = signInfoElement.addChildElement(signatureMethodToken);
Name alg2 = soapFactory.createName("Algorithm");
signatureMethodTokenElement.addAttribute(alg2,"http://www.w3.org/2000/09/xmldsig#rsa-sha1");
Name referenceToken = soapFactory.createName("Reference", "ds", "#XWSSGID-1313056421405-433059543");
SOAPElement referenceTokenElement = signatureMethodTokenElement.addChildElement(referenceToken);
Name uri = soapFactory.createName("URI");
referenceTokenElement.addAttribute(uri,"#XWSSGID-1313056421405-433059543");
Name digestMethodAlgToken = soapFactory.createName("DigestMethod");
SOAPElement digestMethodAlgTokenElement = referenceTokenElement.addChildElement(digestMethodAlgToken);
Name alg3 = soapFactory.createName("Algorithm");
digestMethodAlgTokenElement.addAttribute(alg3,"http://www.w3.org/2000/09/xmldsig#sha1");
Name digestValueToken = soapFactory.createName("DigestValue" ,"ds" , "3wCcYA8m7LN0TLchG80s6zUaTJE=");
SOAPElement digestValueTokenElement = referenceTokenElement.addChildElement(digestValueToken);
digestValueTokenElement.addTextNode("3wCcYA8m7LN0TLchG80s6zUaTJE=");
Name signValueToken = soapFactory.createName("SignatureValue");
SOAPElement signValueElement = signElement.addChildElement(signValueToken);
signValueElement.addTextNode("QlYfURFjcYPu41G31bXgP4JbFdg6kWH+8ofrY+oc22FvLqVMUW3zdtvZN==");
Name keyInfoToken = soapFactory.createName("KeyInfo") ;
SOAPElement keyInfoElement = signElement.addChildElement(keyInfoToken);
Name securityRefToken = soapFactory.createName("SecurityTokenReference" ,"wsse" , "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
SOAPElement securityRefElement = keyInfoElement.addChildElement(securityRefToken);
Name id2 = soapFactory.createName("Id","wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
securityRefElement.addAttribute(id2,"XWSSGID-1313056421331317573418");
Name referenceURIToken = soapFactory.createName("Reference", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-tokenprofile1.0#X509v3");
SOAPElement refElement = securityRefElement.addChildElement(referenceURIToken);
Name uri1 = soapFactory.createName("URI");
refElement.addAttribute(uri1,"#XWSSGID-1313056420712-845854837");
Name valType = soapFactory.createName("ValueType");
refElement.addAttribute(valType,"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3");
} catch (Exception ex) {
throw new SOAPException(ex);
}
回答by Koray Güclü
why don't you use spring web services security?
你为什么不使用spring web services security?
http://static.springsource.org/spring-ws/site/reference/html/security.html
http://static.springsource.org/spring-ws/site/reference/html/security.html
