当前位置:theitroad>在java中需要安全的头代码

在java中需要安全的头代码

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/18798179/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-12 11:10:13  来源:igfitidea点击:

Need secure header code in java

javaweb-servicescxfsoap-client

提问by user2777452

I need to access the secure webservice. I need to pass the secure header in the soap request.Please help me to provide the custom secure header code in java.

我需要访问安全网络服务。我需要在soap请求中传递安全标头。请帮助我在java中提供自定义安全标头代码。

Requirement:

要求:

   <soapenv:Header>

 <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext">

  <wsse:UsernameToken xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">
    <wsse:Username>XYZ</wsse:Username>
    <wsse:Password Type="wsse:PasswordText">security</wsse:Password>
  </wsse:UsernameToken>

i Appreciate if any one help me on this.`

如果有人帮助我,我很感激。`

回答by Mohsen Heydari

Your question is not clear!
Take a look at the articleand this topic.
BTW
If you mean having security on transport level protocols like HTTPS , you may see Apache CXF SSl support.
If you mean WS-Security above and beyond transport level protocols, such as XML-Encryption or X509 you may see Apache CXF WS-Security

你的问题不清楚!
看看这篇文章这个话题
顺便说一句,
如果您的意思是在 HTTPS 等传输级协议上具有安全性,您可能会看到Apache CXF SSL 支持
如果您的意思是 WS-Security 超越传输级协议,例如 XML-Encryption 或 X509,您可能会看到Apache CXF WS-Security

回答by Dennis Sosnoski

Seems pretty clear that you want to add a UsernameToken security header. There are at least a couple of different ways of doing this. If you have a WSDL service definition which includes the WS-SecurityPolicy component you can just set the appropriate properties to define the username and password values, as shown in thisarticle

似乎很清楚您要添加 UsernameToken 安全标头。至少有几种不同的方法可以做到这一点。如果你有一个WSDL服务定义,其中包括你可以设置相应属性来定义用户名和密码值WS-安全组件,如图文章

If you want to set this up directly (without using a policy), you can do so in your client code. Here's a sample of how this would work:`

如果您想直接设置它(不使用策略),您可以在您的客户端代码中进行设置。这是如何工作的示例:`

    // create the client stub
    MyService service = new MyService();
    MyServicePort stub = service.getMyServicePort();

    // configure UsernameToken security handling
    Map<String, Object> props = new HashMap<String, Object>();
    props.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
    props.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
    props.put(WSHandlerConstants.USER, "XYZ");
    props.put(WSHandlerConstants.PW_CALLBACK_CLASS, PasswordHandler.class.getName());
    WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(props);
    Client client = ClientProxy.getClient(stub);
    client.getOutInterceptors().add(wssOut);

...

...

/**
 * Callback for password used by WS-Security UsernameToken.
 */
public static class PasswordHandler implements CallbackHandler
{
    public void handle(Callback[] callbacks) {
        for (int i = 0; i < callbacks.length; i++) {
            WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
            pc.setPassword("security");
        }
    }
}

`

`

回答by user2777452

thanks you for your support. I used the following code for secure header , it is working fine for me.

感谢您的支持。我将以下代码用于安全标头,它对我来说很好用。

SOAPHeaderElement wsseSecurity = new SOAPHeaderElement(new PrefixedQName("http://schemas.xmlsoap.org/ws/2002/07/secext","Security", "wsse"));
            wsseSecurity.setMustUnderstand(false);
            wsseSecurity.setActor(null);
            SOAPElement sub = wsseSecurity.addChildElement("UsernameToken");
            sub.setAttribute("xmlns:wsu", "http://schemas.xmlsoap.org/ws/2002/07/utility");
            SOAPElement userElement = sub.addChildElement("Username");
            userElement.addTextNode("XYZ");         
            SOAPElement pwdElement = sub.addChildElement("Password");
            pwdElement.setAttribute("Type", "wsse:PasswordText");
            pwdElement.addTextNode("security");
            _stub.setHeader(wsseSecurity);

相关推荐

Java PreparedStatement setNull(..)

Java PreparedStatement setNull(..)

Java Hibernate HQL Count Distinct 不起作用?

Java Hibernate HQL Count Distinct 不起作用?

Java spring-mvc - 找不到带有 URI 的 HTTP 请求的映射

Java spring-mvc - 找不到带有 URI 的 HTTP 请求的映射

Axis2 的 wsdl2java 在 RPC/Encoded 样式 Web 服务上失败

Axis2 的 wsdl2java 在 RPC/Encoded 样式 Web 服务上失败

相关推荐
最近更新
标签