Axis2 客户端抛出 AxisFault:Must Understand check failed for header Security
Axis2 Client Throws AxisFault: Must Understand check failed for header Security
我使用的是 Axis2-1.6.1,并且能够成功发送 SOAP 请求。这是请求的示例:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="true">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>***username***</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">***pass***</wsse:Password>
<wsse:Nonce Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">***nonce***</wsse:Nonce>
<wsu:Created Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">***datetime***</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
<wsa:Action xmlns:wsa="http://www.w3.org/2005/08/addressing">http://mysite/contract/users/v3/IUsers/EchoAuthenticated</wsa:Action>
</soapenv:Header>
<soapenv:Body>
<ns6:EchoAuthenticated xmlns:ns6="http://mysite/contract/users/v3">
<ns6:value>success</ns6:value>
</ns6:EchoAuthenticated>
</soapenv:Body>
</soapenv:Envelope>
收到响应后,抛出此异常:
org.apache.axis2.AxisFault: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security
我的印象是,在进行一些研究之后,Axis2 不喜欢响应中的某些内容。感到困惑,我复制了上面的请求并将其粘贴到 SoapUI 中并触发了它。它有效,我收到以下回复。我还使用 Fiddler 确认,这与我在 Eclipse 中发送此请求时得到的响应相同,只是 Axis2 不喜欢客户端,也许是 mustUnderstand?
这是回复:
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://mysite/contract/users/v3/IUsers/EchoAuthenticatedResponse</a:Action>
<a:RelatesTo>urn:uuid:***guid***</a:RelatesTo>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>***datetime***</u:Created>
<u:Expires>***datetime***</u:Expires>
</u:Timestamp>
</o:Security>
</s:Header>
<s:Body>
<EchoAuthenticatedResponse xmlns="http://mysite/contract/users/v3">
<EchoAuthenticatedResult>This is the Users service answering back. The value you sent was: success</EchoAuthenticatedResult>
</EchoAuthenticatedResponse>
</s:Body>
</s:Envelope>
我无法转移到较新版本的 Axis2,因为它与产品捆绑在一起,但我需要找出如何解决此错误。
我找到了一种解决方案,即在对 false
的响应中设置 mustUnderstand 个实例
为此我做了以下工作:
创建一个扩展 *org.apache.axis2.handlers.AbstractHandler
的处理程序 class
MustUnderstandHandler.java
import java.util.Iterator;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.soap.SOAPHeader;
import org.apache.axiom.soap.SOAPHeaderBlock;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
public class MustUnderstandHandler extends org.apache.axis2.handlers.AbstractHandler {
@Override
public InvocationResponse invoke(MessageContext messageContext) throws AxisFault {
try{
System.out.println("RemoveMustUnderstandAll: invoke " + messageContext);
SOAPEnvelope env = messageContext.getEnvelope();
SOAPHeader header = env.getHeader();
if(header != null){
for(Iterator<?> itr = header.getChildElements(); itr.hasNext();){
SOAPHeaderBlock headerBlock = (SOAPHeaderBlock) itr.next();
if(headerBlock.getMustUnderstand()){
headerBlock.setMustUnderstand(false);
System.out.println("RemoveMustUnderstandAll (" + messageContext + "): setMustUnderstand(false) to " + headerBlock.getQName());
}
}
}
}
catch(Exception e){
System.out.println(e.toString());
}
return InvocationResponse.CONTINUE;
}
}
连接 AxisConfiguration 以使用处理程序 class
在生成的存根(从 WSDL2Java 创建)中,我找到了它正在执行客户端的实例,并且在每一行之前我包括了以下内容:
MyStub.java
AxisConfiguration axisConfiguration = _messageContext.getConfigurationContext().getAxisConfiguration();
ArrayList arrayList = new ArrayList();
arrayList.add(new MustUnderstandHandler());
axisConfiguration.setInPhasesUptoAndIncludingPostDispatch(arrayList);
// execute the operation client
_operationClient.execute(true);
我使用的是 Axis2-1.6.1,并且能够成功发送 SOAP 请求。这是请求的示例:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="true">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>***username***</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">***pass***</wsse:Password>
<wsse:Nonce Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">***nonce***</wsse:Nonce>
<wsu:Created Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">***datetime***</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
<wsa:Action xmlns:wsa="http://www.w3.org/2005/08/addressing">http://mysite/contract/users/v3/IUsers/EchoAuthenticated</wsa:Action>
</soapenv:Header>
<soapenv:Body>
<ns6:EchoAuthenticated xmlns:ns6="http://mysite/contract/users/v3">
<ns6:value>success</ns6:value>
</ns6:EchoAuthenticated>
</soapenv:Body>
</soapenv:Envelope>
收到响应后,抛出此异常:
org.apache.axis2.AxisFault: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security
我的印象是,在进行一些研究之后,Axis2 不喜欢响应中的某些内容。感到困惑,我复制了上面的请求并将其粘贴到 SoapUI 中并触发了它。它有效,我收到以下回复。我还使用 Fiddler 确认,这与我在 Eclipse 中发送此请求时得到的响应相同,只是 Axis2 不喜欢客户端,也许是 mustUnderstand?
这是回复:
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://mysite/contract/users/v3/IUsers/EchoAuthenticatedResponse</a:Action>
<a:RelatesTo>urn:uuid:***guid***</a:RelatesTo>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>***datetime***</u:Created>
<u:Expires>***datetime***</u:Expires>
</u:Timestamp>
</o:Security>
</s:Header>
<s:Body>
<EchoAuthenticatedResponse xmlns="http://mysite/contract/users/v3">
<EchoAuthenticatedResult>This is the Users service answering back. The value you sent was: success</EchoAuthenticatedResult>
</EchoAuthenticatedResponse>
</s:Body>
</s:Envelope>
我无法转移到较新版本的 Axis2,因为它与产品捆绑在一起,但我需要找出如何解决此错误。
我找到了一种解决方案,即在对 false
的响应中设置 mustUnderstand 个实例为此我做了以下工作:
创建一个扩展 *org.apache.axis2.handlers.AbstractHandler
的处理程序 class
MustUnderstandHandler.java
import java.util.Iterator;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.soap.SOAPHeader;
import org.apache.axiom.soap.SOAPHeaderBlock;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
public class MustUnderstandHandler extends org.apache.axis2.handlers.AbstractHandler {
@Override
public InvocationResponse invoke(MessageContext messageContext) throws AxisFault {
try{
System.out.println("RemoveMustUnderstandAll: invoke " + messageContext);
SOAPEnvelope env = messageContext.getEnvelope();
SOAPHeader header = env.getHeader();
if(header != null){
for(Iterator<?> itr = header.getChildElements(); itr.hasNext();){
SOAPHeaderBlock headerBlock = (SOAPHeaderBlock) itr.next();
if(headerBlock.getMustUnderstand()){
headerBlock.setMustUnderstand(false);
System.out.println("RemoveMustUnderstandAll (" + messageContext + "): setMustUnderstand(false) to " + headerBlock.getQName());
}
}
}
}
catch(Exception e){
System.out.println(e.toString());
}
return InvocationResponse.CONTINUE;
}
}
连接 AxisConfiguration 以使用处理程序 class
在生成的存根(从 WSDL2Java 创建)中,我找到了它正在执行客户端的实例,并且在每一行之前我包括了以下内容:
MyStub.java
AxisConfiguration axisConfiguration = _messageContext.getConfigurationContext().getAxisConfiguration();
ArrayList arrayList = new ArrayList();
arrayList.add(new MustUnderstandHandler());
axisConfiguration.setInPhasesUptoAndIncludingPostDispatch(arrayList);
// execute the operation client
_operationClient.execute(true);