来自 Java 的肥皂中的 UserNameToken
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1372466/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
UserNameToken in soap from Java
提问by Yusuf
I am trying to use a gSoap-generated wsdl from Netbeans. The webservice requires that the UserNameToken be passed in. When I use the wsdl from SoapUI (which works), it sends this:
我正在尝试使用来自 Netbeans 的 gSoap 生成的 wsdl。Web 服务要求传入 UserNameToken。当我使用 SoapUI(有效)中的 wsdl 时,它会发送以下内容:
<wsse:Username>myname</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">mypass</wsse:Password>
However, when I try it from Netbeans using a handler (referred to by How do I add a SOAP Header using Java JAX-WS) like this:
但是,当我使用处理程序从 Netbeans 尝试它时(参见How do I add a SOAP Header using Java JAX-WS),如下所示:
String prefix = "wsse";
String uri = "http://...wsssecurity...";
SOAPElement securityElem = factory.createElement("Security",prefix,uri);
SOAPElement UserNametokenElem = factory.createElement("UserNameToken",prefix,uri);
SOAPElement UsernameElem = factory.createElement("wsse:Username");
UsernameElem.addTextNode("myname");
SOAPElement PasswordElem = factory.createElement("Password");
PasswordElem.addTextNode("mypass");
UserNametokenElem.addChildElement(UsernameElem);
UserNametokenElem.addChildElement(PasswordElem);
securityElem.addChildElement(UserNametokenElem);
SOAPHeader header = envelope.addHeader();
header.addChildElement(securityElem);
it generates the soap headers like this:
它生成这样的肥皂头:
<wsse:Security xmlns:wsse="http://...wsssecurity...">
<wsse:UserNameToken xmlns:wsse="http://...wsssecurity...">
<Username xmlns="">myname</Username>
<Password xmlns="">mypass</Password>
</wsse:UserNameToken>
</wsse:Security>
which causes the webservice to reply with an authentication error.
这会导致 Web 服务以身份验证错误进行回复。
My questions are therefore:
因此,我的问题是:
- How do I generate the UserNameToken in the correct way (as SoapUi does)?
- Is it better to do it using a handler, or an external WSSE library like Apache WSS4J (can someone show me some sample code for this)
- 如何以正确的方式生成 UserNameToken(就像 SoapUi 那样)?
- 使用处理程序或外部 WSSE 库(如 Apache WSS4J)是否更好(有人可以向我展示一些示例代码)
回答by Yusuf
I eventually successfully used wss4j, and did something like this:
我最终成功地使用了 wss4j,并做了这样的事情:
SOAPPart soappart = message.getSOAPPart();
SOAPEnvelope envelope = soappart.getEnvelope();
SOAPHeader header = envelope.getHeader();
WSSecHeader wsheader = new WSSecHeader();
wsheader.insertSecurityHeader(soappart);
WSSecUsernameToken token = new WSSecUsernameToken();
token.setPasswordType(WSConstants.PASSWORD_DIGEST);
token.setUserInfo("myuser", "mypass");
token.build(soappart, wsheader);
wss4j had some nested dependencies, so watch out for that.
wss4j 有一些嵌套的依赖项,所以要注意这一点。
