JAXB Header 安全 Spring-WS

Question

我正在尝试使用 JAXB 和 SpringWS 开发 Web 服务。但我有一个问题。我将 wss 安全性放在哪里以及如何创建 Header?

这是我的实际代码：

上下文SPRING客户端

    @Configuration
public class MonsterWSClientContext {

    private static final String URL = "AAA";
    private static final String TEST_URL = "TEST";
    private static final String WS_URL = TEST_URL + "/soap/WSOfferService";

    @Bean
    @Autowired
    public MonsterWSClient monsterClient(Jaxb2Marshaller marshaller) {
        MonsterWSClient client = new MonsterWSClient();
        client.setDefaultUri(WS_URL);
        client.setMarshaller(marshaller);
        client.setUnmarshaller(marshaller);
        return client;
    }


    @Bean
    public Jaxb2Marshaller marshaller() {
        Jaxb2Marshaller jaxb2Marshaller = new Jaxb2Marshaller();
        jaxb2Marshaller.setPackagesToScan(com.monster.schemas.monster.ObjectFactory.class.getPackage().getName(), 
                com.monster.schemas.monsterheader.ObjectFactory.class.getPackage().getName(), 
                com.monster.schemas.ObjectFactory.class.getPackage().getName(),
                com.monster.webservices.monsterportal.ObjectFactory.class.getPackage().getName());
        return jaxb2Marshaller;

    }

}

这是客户

public class MonsterWSClient extends WebServiceGatewaySupport {


    public JobsResponse updateJob(Job request) {

        return (JobsResponse) getWebServiceTemplate().marshalSendAndReceive(request,
                new SoapActionCallback(getDefaultUri() + "/createOffer"));
    }
}

这是主要的：

public class Test {
     public JobsResponse callMonster(String jobRefCode, String userName,
     InformazioniAnnuncio datiAnnuncio)
     {
         MonsterWSClient client = new MonsterWSClient();
         JobsResponse response = new JobsResponse();    
         return response = client.updateJob(createJob(jobRefCode, userName, datiAnnuncio));

     }
}

我已经创建了作业 object。
但我不明白我把 header 和我的凭证放在哪里。

谢谢。

Answer 1

您必须使用 spring-ws-security。使用此 link spring ws security 。此页面包含所有与安全相关的设置，您需要使用您的用户名和密码设置 Wss4jSecurityInterceptor。

像这样

    @Bean
    public Wss4jSecurityInterceptor securityInterceptor() {
    Wss4jSecurityInterceptor securityInterceptor = new   Wss4jSecurityInterceptor();
    securityInterceptor.setSecurementActions("UsernameToken");
    securityInterceptor.setSecurementUsername({username});
    securityInterceptor.setSecurementPassword({password});
    securityInterceptor.setSecurementPasswordType("PasswordText");
    securityInterceptor.setSecurementUsernameTokenElements("Created");
    return securityInterceptor;

JAXB Header 安全 Spring-WS

JAXB Header security with Spring-WS

java

spring

web-services

spring-ws

jaxb