使用 java 的客户端的 cxf 安全性 headers
cxf security headers for client using java
我的要求是实现一种使用传入的用户名和密码生成 ws 安全性 headers 的方法。
所以有人可以通过提供用户名和密码从 xslt 调用我的方法,我的方法应该能够 return 安全性 headers 并且他们可以进一步附加此安全性 headers 在 soap 请求中调用第三方网络服务。
我正在寻找 api,它可以通过获取用户名和密码生成 soap 安全性 headers。
我发现 WSS4JOutInterceptor 需要端口和服务信息,但在我的例子中我只有 2 个参数(用户名、密码)。
除了创建 SoapEnvelop 并向其添加安全元素之外,如果还有其他 api/approach,请提出建议?
<oas:Security xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <oas:UsernameToken xmlns:oas1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" oas1:Id="UsernameToken-1"> <oas:Username> lakshmi </oas:Username><oas:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">MTQ2NzA5NTg3MjM5Mw==</oas:Nonce> <oas:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">uSlFkVhDynZoCXFojlM1w4UrJYY=</oas:Password><oas1:Created>2016-06-28T06:37:52.425Z</oas1:Created></oas:UsernameToken></oas:Security>
您可以使用WSS4J生成安全性header
public Node buildSecurityHeader(String username, String password)
throws WSSecurityException, ParserConfigurationException, SAXException, IOException{
//XML Document builder with a root node
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
DocumentBuilder builder = factory.newDocumentBuilder();
InputSource inStream = new InputSource();
inStream.setCharacterStream(new StringReader("<root></root>"));
Document document = builder.parse(inStream);
//<wsse:UsernameToken>
WSSecUsernameToken usernametoken = new WSSecUsernameToken();
usernametoken.setPasswordType(WSConstants.PASSWORD_DIGEST);
usernametoken.setUserInfo(username, password);
//<wsse:Security>
WSSecHeader secHeader = new WSSecHeader(document);
secHeader.insertSecurityHeader();
//Generates the Document with <root><Header><wsse:Security>...
usernametoken.build(document, secHeader);
//Extract the desired node
Node securityNode = document.getElementsByTagName("wsse:Security").item(0);
return securityNode;
}
要将节点打印为字符串,请使用此
public String nodeToString(Node node) throws TransformerFactoryConfigurationError, TransformerException {
StringWriter sw = new StringWriter();
Transformer t = TransformerFactory.newInstance().newTransformer();
t.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
t.setOutputProperty(OutputKeys.INDENT, "yes");
t.transform(new DOMSource(node), new StreamResult(sw));
return sw.toString();
}
然后这样使用
String securityHeader = nodeToString(buildSecurityHeader(username,password));
结果将与此类似。在您方便时参数化 WSSecUsernameToken
和 WSSecHeader
代码
<wsse:Security xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:UsernameToken wsu:Id="UsernameToken-39dba965-c4a8-4b2d-826e-ade8c0931f3f">
<wsse:Username>username</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">BxJH0G5PzPfBFbBGimF0bq3vjsY=</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">iaO1xilL6qfuN2apbSdfPQ==</wsse:Nonce>
<wsu:Created>2016-06-30T07:17:26.552Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
我的要求是实现一种使用传入的用户名和密码生成 ws 安全性 headers 的方法。
所以有人可以通过提供用户名和密码从 xslt 调用我的方法,我的方法应该能够 return 安全性 headers 并且他们可以进一步附加此安全性 headers 在 soap 请求中调用第三方网络服务。
我正在寻找 api,它可以通过获取用户名和密码生成 soap 安全性 headers。
我发现 WSS4JOutInterceptor 需要端口和服务信息,但在我的例子中我只有 2 个参数(用户名、密码)。
除了创建 SoapEnvelop 并向其添加安全元素之外,如果还有其他 api/approach,请提出建议?
<oas:Security xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <oas:UsernameToken xmlns:oas1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" oas1:Id="UsernameToken-1"> <oas:Username> lakshmi </oas:Username><oas:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">MTQ2NzA5NTg3MjM5Mw==</oas:Nonce> <oas:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">uSlFkVhDynZoCXFojlM1w4UrJYY=</oas:Password><oas1:Created>2016-06-28T06:37:52.425Z</oas1:Created></oas:UsernameToken></oas:Security>
您可以使用WSS4J生成安全性header
public Node buildSecurityHeader(String username, String password)
throws WSSecurityException, ParserConfigurationException, SAXException, IOException{
//XML Document builder with a root node
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
DocumentBuilder builder = factory.newDocumentBuilder();
InputSource inStream = new InputSource();
inStream.setCharacterStream(new StringReader("<root></root>"));
Document document = builder.parse(inStream);
//<wsse:UsernameToken>
WSSecUsernameToken usernametoken = new WSSecUsernameToken();
usernametoken.setPasswordType(WSConstants.PASSWORD_DIGEST);
usernametoken.setUserInfo(username, password);
//<wsse:Security>
WSSecHeader secHeader = new WSSecHeader(document);
secHeader.insertSecurityHeader();
//Generates the Document with <root><Header><wsse:Security>...
usernametoken.build(document, secHeader);
//Extract the desired node
Node securityNode = document.getElementsByTagName("wsse:Security").item(0);
return securityNode;
}
要将节点打印为字符串,请使用此
public String nodeToString(Node node) throws TransformerFactoryConfigurationError, TransformerException {
StringWriter sw = new StringWriter();
Transformer t = TransformerFactory.newInstance().newTransformer();
t.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
t.setOutputProperty(OutputKeys.INDENT, "yes");
t.transform(new DOMSource(node), new StreamResult(sw));
return sw.toString();
}
然后这样使用
String securityHeader = nodeToString(buildSecurityHeader(username,password));
结果将与此类似。在您方便时参数化 WSSecUsernameToken
和 WSSecHeader
代码
<wsse:Security xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:UsernameToken wsu:Id="UsernameToken-39dba965-c4a8-4b2d-826e-ade8c0931f3f">
<wsse:Username>username</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">BxJH0G5PzPfBFbBGimF0bq3vjsY=</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">iaO1xilL6qfuN2apbSdfPQ==</wsse:Nonce>
<wsu:Created>2016-06-30T07:17:26.552Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>