java 带有 Apache CXF 的 WS-Security UsernameToken
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/26599983/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
WS-Security UsernameToken with Apache CXF
提问by user1007895
I have a java application that interacts with a SOAP service. I used the WSDL to generate a java client via CXF, but I need to authenticate my calls using ws-security. I am looking for a code-only way to do this, and I don't have any xml configurations. This is what I have tried:
我有一个与 SOAP 服务交互的 Java 应用程序。我使用 WSDL 通过 CXF 生成 Java 客户端,但我需要使用 ws-security 验证我的调用。我正在寻找一种仅代码方式来执行此操作,并且我没有任何 xml 配置。这是我尝试过的:
Map ctx = ((BindingProvider)port).getRequestContext();
ctx.put("ws-security.username", "joe");
ctx.put("ws-security.password", "joespassword");
port.makeSoapCall();
But I get a parse error for invalid WS-Security header. What is the right way to do this?
但是我收到无效 WS-Security 标头的解析错误。这样做的正确方法是什么?
In SOAP UI, I can do this easily by right-clicking the soap header, clicking "Add WSS UsernameToken", and selecting "Password Text"
在 SOAP UI 中,我可以通过右键单击 soap 标头,单击“添加 WSS 用户名令牌”,然后选择“密码文本”来轻松完成此操作
回答by Sonali
You are using WS-SecurityPolicy as per the code you shared. How about using WS-Security only and sending across the usernametoken using WSS4JOutInterceptor?
您正在根据您共享的代码使用 WS-SecurityPolicy。如何仅使用 WS-Security 并使用 WSS4JOutInterceptor 跨用户名令牌发送?
Check the section "Adding the interceptors via the API" in apache cfx ws-security guide here : http://cxf.apache.org/docs/ws-security.html
在 apache cfx ws-security 指南中检查“通过 API 添加拦截器”部分:http: //cxf.apache.org/docs/ws-security.html
This is what needs to be done as per the above apache cxf documenation above. You might only need the out interceptor path.
这是根据上面的 apache cxf 文档需要完成的工作。您可能只需要 out 拦截器路径。
On the client side, you can obtain a reference to the CXF endpoint using the ClientProxy helper:
在客户端,您可以使用 ClientProxy 帮助程序获取对 CXF 端点的引用:
import org.apache.cxf.frontend.ClientProxy;
...
GreeterService gs = new GreeterService();
Greeter greeter = gs.getGreeterPort();
...
org.apache.cxf.endpoint.Client client = ClientProxy.getClient(greeter);
org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();
Now you're ready to add the interceptors:
现在您已准备好添加拦截器:
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
...
Map<String,Object> inProps = new HashMap<String,Object>();
... // how to configure the properties is outlined below;
WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
cxfEndpoint.getInInterceptors().add(wssIn);
Map<String,Object> outProps = new HashMap<String,Object>();
outProps.put("action", "UsernameToken Timestamp");
outProps.put("passwordType", "PasswordDigest"); //remove this line if want to use plain text password
outProps.put("user", "abcd");
outProps.put("passwordCallbackClass", "demo.wssec.client.UTPasswordCallback");
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
cxfEndpoint.getOutInterceptors().add(wssOut);
You will need to write password callback class (UTPasswordCallback) in the example above.
您将需要在上面的示例中编写密码回调类 (UTPasswordCallback)。
Apache cxf has a complete sample for UserName token here: http://svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/ws_security/ut/
Apache cxf 有一个完整的用户名令牌示例:http: //svn.apache.org/repos/asf/cxf/trunk/distribution/src/main/release/samples/ws_security/ut/
From the above link browse to client folder (src/main/java/demo/wssec/client) for user name token and UTPasswordCallback code.
从上面的链接浏览到用户名令牌和 UTPasswordCallback 代码的客户端文件夹 (src/main/java/demo/wssec/client)。
EDIT: If your wsdl expects password as plain text then just remove this line from the code: outProps.put("passwordType", "PasswordDigest");
编辑:如果您的 wsdl 期望密码为纯文本,那么只需从代码中删除这一行: outProps.put("passwordType", "PasswordDigest");
回答by Colm O hEigeartaigh
You could take a look at the "ws-security/ut" demo that ships with CXF, this shows how to add a UsernameToken programmatically. Here is the client code:
您可以查看 CXF 附带的“ws-security/ut”演示,它展示了如何以编程方式添加 UsernameToken。这是客户端代码:
Colm.
科尔姆。
