java 将 BinarySecurityToken 添加到 cxf 标头
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5679547/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Adding a BinarySecurityToken to cxf header
提问by Jan Gorman
I've been pulling my hair out over this one and I just can't get it to work. I have a webservice I call that generates a security token which then needs to be passed to the subsequent service calls inside of the SOAP header. I got that part working just fine but the header part is tripping me up (I generated the client using cxf wsdl2java). This is the part that should be added:
我一直在把我的头发拉到这个上面,但我无法让它发挥作用。我有一个我调用的 web 服务,它生成一个安全令牌,然后需要将其传递给 SOAP 标头内的后续服务调用。我让那部分工作得很好,但标题部分让我感到困惑(我使用 cxf wsdl2java 生成了客户端)。这是应该添加的部分:
<wsse:BinarySecurityToken ValueType="XXXX" EncodingType="wsse:Base64Binary" wsu:Id="SecurityToken">
My token
</wsse:BinarySecurityToken>
I tried using a WSS4JOutInterceptor like this:
我尝试使用这样的 WSS4JOutInterceptor:
Endpoint endpoint = client.getEndpoint();
Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put("SecurityToken", MY-TOKEN);
endpoint.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
but that didn't work. And I tried directly adding it to the header like this (as per this question):
但这没有用。我尝试像这样直接将它添加到标题中(根据这个问题):
List<Header> headers = new ArrayList<Header>();
SOAPFactory sf = SOAPFactory.newInstance();
SOAPElement authElement = sf.createElement(new QName(null, "wsse:BinarySecurityToken"));
authElement.setAttribute("ValueType", "XXXX");
authElement.setAttribute("EncodingType", "wsse:Base64Binary");
authElement.setAttribute("wsu:Id", "SecurityToken");
authElement.addTextNode(MY-TOKEN);
SoapHeader tokenHeader = new SoapHeader(
new QName(null, "wsse:BinarySecurityToken"), authElement);
headers.add(tokenHeader);
((BindingProvider) service).getRequestContext().put(Header.HEADER_LIST, headers);
and it looks almost ok
看起来几乎没问题
<soap:Header><BinarySecurityToken EncodingType="wsse:Base64Binary" ValueType="XXXX" wsu:Id="SecurityToken">MY-TOKEN</BinarySecurityToken></soap:Header>
The BinarySecurityToken part is missing the wsse: prefix though and the call fails.
BinarySecurityToken 部分缺少 wsse: 前缀,但调用失败。
Has anyone gotten something similar to work – or am I doing it completely wrong?
有没有人得到过与工作类似的东西——还是我做的完全错了?
采纳答案by Jan Gorman
@zengr Yes, I finally figured it out, it was missing the namespaces so what I did was this:
@zengr 是的,我终于想通了,它缺少命名空间,所以我所做的是:
private static final String XMLNS_WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
private static final String XSD_WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
final List<Header> headers = new ArrayList<Header>();
final SOAPFactory sf = SOAPFactory.newInstance();
final SOAPElement securityElement = sf.createElement("Security", "wsse", XSD_WSSE);
final SOAPElement authElement = sf.createElement("BinarySecurityToken", "wsse", XSD_WSSE);
authElement.setAttribute("ValueType", "WASP");
authElement.setAttribute("EncodingType", "wsse:Base64Binary");
authElement.setAttribute("wsu:Id", "SecurityToken");
authElement.addAttribute(new QName("xmlns:wsu"), XMLNS_WSU);
authElement.addTextNode(StringUtils.replace(SessionToken.getEncodedSessionToken(), "\n", ""));
securityElement.addChildElement(authElement);
final SoapHeader securityHeader = new SoapHeader(
new QName(null, "Security"), securityElement);
headers.add(securityHeader);
((BindingProvider) interactiveService).getRequestContext().put(Header.HEADER_LIST, headers);
And that did the trick
这就是诀窍
回答by Taavi Ilves
Thank you. I had similar case except I had to add token within an element of an element under header. This is trivial, but I paste solution here for more complete documentation.
谢谢你。我有类似的情况,除了我必须在标题下的元素的元素中添加标记。这是微不足道的,但我在这里粘贴解决方案以获得更完整的文档。
String token = "authentication token given from service";
SOAPFactory sf = SOAPFactory.newInstance();
SOAPElement authElement = sf.createElement(new QName("urn:example.com", "Authentication"));
SOAPElement tokenElement = sf.createElement(new QName(null, "AuthenticationToken"));
tokenElement.addTextNode(token);
authElement.addChildElement(tokenElement);
List<Header> headers = new ArrayList<Header>();
Header dummyHeader = new Header(new QName("urn:example.com"), authElement);
headers.add(dummyHeader);
which resulted in
这导致
<S:Header><Authentication xmlns="urn:example.com"><AuthenticationToken>authentication token given from service</AuthenticationToken></Authentication></S:Header>
