使用 CXF 和 Camel 调用安全网络服务
Calling secure webservice using CXF and Camel
我正在尝试在 https URL 上调用 SOAP 网络服务,其中需要客户端身份验证 (SSL)。
现在我正在使用 spring 配置我的 camel 上下文(从蓝图切换)并使用 Camel CXF 组件创建我的端点,并使用码头作为传输。
我找不到任何好的例子。也许我应该使用 http4 而不是 Jetty。我试图设置一些 Camel sslContextParameters,但我看不到它与 CXF and/or Jetty 一起工作。
谁能给我指出正确的方向?
首先,如果您要调用 SOAP 服务,则需要使用 camel-cxf 组件,而不是 camel-cxfrs。后者用于 REST 端点。
您说需要客户端授权,但您没有指定是哪种类型。鉴于您谈论的是 SSL,我假设您需要同时配置 SSL 和 HTTP Auth。
对于 SSL,请查看:https://camel.apache.org/camel-configuration-utilities.html 和
https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.0/html/Security_Guide/files/CamelCXF-SecureClient.html.
对于 HTTP 基本身份验证,请查看此处的 username 和 password 选项:https://camel.apache.org/cxf.html.
多亏了 raulk,我才能够创建一个有效的 spring 配置来访问安全的网络服务。我使用 wsdl2java (CXF) 生成 Java 代码,用于为我正在调用的服务创建客户端端点。
这是我的spring配置:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://www.springframework.org/schema/beans"
xmlns:camel="http://camel.apache.org/schema/spring"
xmlns:cxf="http://camel.apache.org/schema/cxf"
xmlns:http="http://cxf.apache.org/transports/http/configuration"
xmlns:sec="http://cxf.apache.org/configuration/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd
http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
">
<!-- My camel routes -->
<bean id="myClientRoute" class="com.mycompany.myWebserviceClientRouteBuilder"/>
<!-- Name of conduit must match the target namespace and service name of the @WebService identifier in the autogenerated webservice interface -->
<http:conduit name="{targetNamespace}WebserviceName.http-conduit">
<http:tlsClientParameters>
<sec:keyManagers keyPassword="Test1234">
<sec:keyStore password="Test1234" type="JKS"
resource="classpath:certs/myKeystore.jks" />
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore password="Test1234" type="JKS"
resource="classpath:certs/myTruststore.jks" />
</sec:trustManagers>
<sec:cipherSuitesFilter>
<sec:include>.*_WITH_3DES_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:exclude>.*_WITH_NULL_.*</sec:exclude>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
</http:conduit>
<cxf:cxfEndpoint id="myRemoteWebserviceEndpoint"
address="{{HTTPS_ADDRESS_OF_REMOTE_WEBSERVICE_PROPERTYE}}"
serviceClass="com.autogenerated.ServiceClassFromWSDL">
</cxf:cxfEndpoint>
<camel:camelContext id="myCamelContext">
<camel:routeBuilder ref="myClientRoute"/>
</camel:camelContext>
</beans>
我的骆驼路线是这样的:
public void configure() throws Exception {
from("direct:in")
//Create SOAP request headers and body
.bean(RequestGenrator.class, "createRequest")
//Call webservice
.to("cxf:bean:myRemoteWebserviceEndpoint?dataFormat=MESSAGE")
.bean(ResponseHandler.class, "extractResponse");
}
我正在尝试在 https URL 上调用 SOAP 网络服务,其中需要客户端身份验证 (SSL)。
现在我正在使用 spring 配置我的 camel 上下文(从蓝图切换)并使用 Camel CXF 组件创建我的端点,并使用码头作为传输。
我找不到任何好的例子。也许我应该使用 http4 而不是 Jetty。我试图设置一些 Camel sslContextParameters,但我看不到它与 CXF and/or Jetty 一起工作。
谁能给我指出正确的方向?
首先,如果您要调用 SOAP 服务,则需要使用 camel-cxf 组件,而不是 camel-cxfrs。后者用于 REST 端点。
您说需要客户端授权,但您没有指定是哪种类型。鉴于您谈论的是 SSL,我假设您需要同时配置 SSL 和 HTTP Auth。
对于 SSL,请查看:https://camel.apache.org/camel-configuration-utilities.html 和 https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.0/html/Security_Guide/files/CamelCXF-SecureClient.html.
对于 HTTP 基本身份验证,请查看此处的 username 和 password 选项:https://camel.apache.org/cxf.html.
多亏了 raulk,我才能够创建一个有效的 spring 配置来访问安全的网络服务。我使用 wsdl2java (CXF) 生成 Java 代码,用于为我正在调用的服务创建客户端端点。
这是我的spring配置:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://www.springframework.org/schema/beans"
xmlns:camel="http://camel.apache.org/schema/spring"
xmlns:cxf="http://camel.apache.org/schema/cxf"
xmlns:http="http://cxf.apache.org/transports/http/configuration"
xmlns:sec="http://cxf.apache.org/configuration/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd
http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
">
<!-- My camel routes -->
<bean id="myClientRoute" class="com.mycompany.myWebserviceClientRouteBuilder"/>
<!-- Name of conduit must match the target namespace and service name of the @WebService identifier in the autogenerated webservice interface -->
<http:conduit name="{targetNamespace}WebserviceName.http-conduit">
<http:tlsClientParameters>
<sec:keyManagers keyPassword="Test1234">
<sec:keyStore password="Test1234" type="JKS"
resource="classpath:certs/myKeystore.jks" />
</sec:keyManagers>
<sec:trustManagers>
<sec:keyStore password="Test1234" type="JKS"
resource="classpath:certs/myTruststore.jks" />
</sec:trustManagers>
<sec:cipherSuitesFilter>
<sec:include>.*_WITH_3DES_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:exclude>.*_WITH_NULL_.*</sec:exclude>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
</http:tlsClientParameters>
</http:conduit>
<cxf:cxfEndpoint id="myRemoteWebserviceEndpoint"
address="{{HTTPS_ADDRESS_OF_REMOTE_WEBSERVICE_PROPERTYE}}"
serviceClass="com.autogenerated.ServiceClassFromWSDL">
</cxf:cxfEndpoint>
<camel:camelContext id="myCamelContext">
<camel:routeBuilder ref="myClientRoute"/>
</camel:camelContext>
</beans>
我的骆驼路线是这样的:
public void configure() throws Exception {
from("direct:in")
//Create SOAP request headers and body
.bean(RequestGenrator.class, "createRequest")
//Call webservice
.to("cxf:bean:myRemoteWebserviceEndpoint?dataFormat=MESSAGE")
.bean(ResponseHandler.class, "extractResponse");
}