java org.apache.cxf.ws.policy.PolicyException:无法满足任何策略选择
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/31962342/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
org.apache.cxf.ws.policy.PolicyException: None of the policy alternatives can be satisfied
提问by Kamil Roman
I would like to write a simple integration test with JUnit and Apache CXF to test some WS-Security-enabled services. While I try to run my code:
我想用 JUnit 和 Apache CXF 编写一个简单的集成测试来测试一些支持 WS-Security 的服务。当我尝试运行我的代码时:
MyService myService = new myWsService(MY_SERVICE_WSDL).getMyWs()
Client client = ClientProxy.getClient(myService);
Map<String, Object> ctx = ((BindingProvider) myService).getRequestContext();
ctx.put("ws-security.callback-handler", new KeystorePasswordCallback());
ctx.put("ws-security.signature.crypto", new MyMerlinImpl());
Where MyMerlinImpl simply passes required Merln.* property values in overridden loadPropertiesmethod,
MyMerlinImpl 只是在重写loadProperties方法中传递所需的 Merln.* 属性值,
I get:
我得到:
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InitiatorToken registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}WssX509V1Token11 registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RequireIssuerSerialReference registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RecipientToken registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AlgorithmSuite registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Basic256Sha256 registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InclusiveC14N registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Layout registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Strict registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}OnlySignEntireHeadersAndBody registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Wss11 registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}MustSupportRefIssuerSerial registered.
org.apache.cxf.ws.policy.PolicyException: None of the policy alternatives can be satisfied.
What am I doing wrong? These seem to be rather standard policies... In fact, I use the same code on a JBoss EAP 6.1 WS client and it works well.
我究竟做错了什么?这些似乎是相当标准的策略……事实上,我在 JBoss EAP 6.1 WS 客户端上使用了相同的代码,并且运行良好。
采纳答案by Kamil Roman
Finally solved this by adding WSS4JOutInterceptor. It seems that in JBoss this interceptor is added automatically...
最后通过添加 WSS4JOutInterceptor 解决了这个问题。似乎在JBoss中这个拦截器是自动添加的......
Client client = ClientProxy.getClient(myService);
Endpoint endpoint = client.getEndpoint()
endpoint.getOutInterceptors().add(new WSS4JOutInterceptor())
回答by Colm O hEigeartaigh
Do you have the cxt-rt-ws-security jar on the classpath?
你在类路径上有 cxt-rt-ws-security jar 吗?
Colm.
科尔姆。
回答by Abhishek Galoda
Answer given by Chetan works, however, if you are getting error for multiple policies you need to add them in a Set
Chetan 给出的答案有效,但是,如果您收到多个策略的错误,则需要将它们添加到一个集合中
org.apache.cxf.endpoint.Client client =
org.apache.cxf.frontend.ClientProxy.getClient(port);
org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();
Bus bus = client.getBus();
PolicyInterceptorProviderRegistry reg = bus.getExtension(PolicyInterceptorProviderRegistry.class);
Set <QName> set = new HashSet<>();
set.add(new QName("http://schemas.xmlsoap.org/ws/2005/07/securitypolicy", "IncludeTimestamp") );
set.add(new QName("http://schemas.xmlsoap.org/ws/2005/07/securitypolicy", "TransportBinding"));
reg.register(new IgnorablePolicyInterceptorProvider(set));
回答by hello_earth
My own two cents : in my own special scenario (JAX-WS, WS-Security, WS-SecurityPolicy), this error was occuring when doing client.getConduit(), like below:
我自己的两分钱:在我自己的特殊场景(JAX-WS、WS-Security、WS-SecurityPolicy)中,在执行 client.getConduit() 时发生此错误,如下所示:
org.apache.cxf.endpoint.Client client = ClientProxy.getClient(port);
HTTPConduit conduit = (HTTPConduit) client.getConduit();
The above code was running without throwing any exceptions (although I had other problems later), when using Apache CXF 2.7.18 - I started to have problems with assertion builder when upgrading to Apache CXF 3.0.16. Now cxt-rt-ws-security JAR WAS on the classpath, but it seems that WSS4J in this version of CXF was split into multiple JARs, therefore I had to include wss4j-policy JAR from the CXF downloaded bundle to the classpath.
当使用 Apache CXF 2.7.18 时,上面的代码运行时没有抛出任何异常(尽管我后来遇到了其他问题) - 升级到 Apache CXF 3.0.16 时,我开始遇到断言构建器的问题。现在 cxt-rt-ws-security JAR 在类路径上,但似乎这个版本的 CXF 中的 WSS4J 被拆分为多个 JAR,因此我不得不将 wss4j-policy JAR 从 CXF 下载包中包含到类路径中。
The error remained the same, but at least a long string of WARNings from assertion builder disappeared (No assertion builder for type T registered), being replaced now by:
错误保持不变,但至少一长串来自断言构建器的警告消失了(没有注册类型 T 的断言构建器),现在被替换为:
13:45:55,723 WARN WSSecurityPolicyLoader,main:112 - Could not load or register WS-SecurityPolicy related classes. Please check that (the correct version of) Apache WSS4J is on the classpath: org/apache/wss4j/dom/handler/WSHandler
13:45:55,753 WARN WSSecurityPolicyLoader,main:112 - Could not load or register WS-SecurityPolicy related classes. Please check that (the correct version of) Apache WSS4J is on the classpath: org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor
13:45:55,723 警告 WSSecurityPolicyLoader,main:112 - 无法加载或注册 WS-SecurityPolicy 相关类。请检查(正确版本)Apache WSS4J 是否在类路径上:org/apache/wss4j/dom/handler/WSHandler
13:45:55,753 警告 WSSecurityPolicyLoader,main:112 - 无法加载或注册 WS-SecurityPolicy 相关类。请检查(正确版本)Apache WSS4J 是否在类路径上:org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor
To make the story short, I received other warnings (I was finding the JARs by doing a blind grep inside the lib directory of the CXF bundle, and including them one by one),
and ended up including all wss4j-*.jar files
简而言之,我收到了其他警告(我通过在 CXF 包的 lib 目录中执行盲目的 grep 来查找 JAR,并将它们一个一个地包含在内),
最终包含所有 wss4j-*.jar 文件
And the call to getConduit() now passes at least. Whew.
对 getConduit() 的调用现在至少通过了。哇。
回答by Chetan
If the Policy defined in the WSDL file is non standard, then CXF will not be able resolve it.Hence the error.
如果 WSDL 文件中定义的策略是非标准的,则 CXF 将无法解决它。因此会出现错误。
There are two way - Either you can ignore it (if its okay to ignore) or provide an alternate provider.
有两种方法 - 您可以忽略它(如果可以忽略)或提供备用提供程序。
To ignore - create an instance of IgnorablePolicyInterceptorProvider and register it.
忽略 - 创建 IgnorablePolicyInterceptorProvider 的实例并注册它。
Below is example for ignoring NtlmAuthentication policy if defined in your WSDL. Note: NtlmAuthentication should be handled differently than setting soap header.
下面是忽略在 WSDL 中定义的 NtlmAuthentication 策略的示例。注意: NtlmAuthentication 的处理方式应与设置 soap 标头不同。
Client client = ClientProxy.getClient(port);
Bus bus = client.getBus();
PolicyInterceptorProviderRegistry pipr = bus.getExtension(PolicyInterceptorProviderRegistry.class);
QName ntmlIgnore = new QName("http://schemas.microsoft.com/ws/06/2004/policy/http", "NtlmAuthentication");
interceptorRegProvider.register(new IgnorablePolicyInterceptorProvider(ntmlIgnore));
