使用 SoapUI 测试自签名证书身份验证 Web 服务
Test self-signed certificate authentication webservice with SoapUI
我正在使用 Spring 网络服务 2.2.x 通过使用 <x509/>
实现自证书身份验证
这样,X509AuthenticationFilter 需要来自 javax.servlet.request.X509Certificate
的客户端证书
X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
如何配置 SoapUI 以将客户端证书放在那里?
我尝试将 JKS 或 PCS12 密钥库配置为:
- 显示项目视图 -> WS-Security 配置 -> keyStore
- 请求属性 -> SSL KeyStore
但它不起作用:请求中未找到客户端证书
11:58:10.001 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
11:58:10.004 [233950856@qtp-444127949-3] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No HttpSession currently exists
11:58:10.004 [233950856@qtp-444127949-3] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: null. A new one will be created.
11:58:10.005 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 2 of 10 in additional filter chain; firing Filter: 'HeaderWriterFilter'
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 3 of 10 in additional filter chain; firing Filter: 'LogoutFilter'
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/services'; against '/logout'
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 4 of 10 in additional filter chain; firing Filter: 'X509AuthenticationFilter'
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.s.w.a.p.x.X509AuthenticationFilter - Checking secure context token: null
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.s.w.a.p.x.X509AuthenticationFilter - No client certificate found in request.
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.s.w.a.p.x.X509AuthenticationFilter - No client certificate found in request.
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.s.w.a.p.x.X509AuthenticationFilter - No pre-authenticated principal found in request
11:58:10.007 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
11:58:10.007 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
11:58:10.007 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
11:58:10.007 [233950856@qtp-444127949-3] DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9055e4a6: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
- 创建项目后
- 显示项目视图 -> WS-Security 配置 -> 密钥库
- 在此处添加客户端 PCKS12 密钥
- WS-Security 配置 -> 传出 WS-Secutity 配置 -> 新传出 WSS 配置 -> 使用任意名称
- 然后在->下找到"Sepcify unique name for configuration"填写Keystore,Alias和Password(如果有一般为空)
- 保存并完成配置
我正在使用 Spring 网络服务 2.2.x 通过使用 <x509/>
这样,X509AuthenticationFilter 需要来自 javax.servlet.request.X509Certificate
的客户端证书X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
如何配置 SoapUI 以将客户端证书放在那里? 我尝试将 JKS 或 PCS12 密钥库配置为:
- 显示项目视图 -> WS-Security 配置 -> keyStore
- 请求属性 -> SSL KeyStore
但它不起作用:请求中未找到客户端证书
11:58:10.001 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 1 of 10 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
11:58:10.004 [233950856@qtp-444127949-3] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No HttpSession currently exists
11:58:10.004 [233950856@qtp-444127949-3] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: null. A new one will be created.
11:58:10.005 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 2 of 10 in additional filter chain; firing Filter: 'HeaderWriterFilter'
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 3 of 10 in additional filter chain; firing Filter: 'LogoutFilter'
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/services'; against '/logout'
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 4 of 10 in additional filter chain; firing Filter: 'X509AuthenticationFilter'
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.s.w.a.p.x.X509AuthenticationFilter - Checking secure context token: null
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.s.w.a.p.x.X509AuthenticationFilter - No client certificate found in request.
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.s.w.a.p.x.X509AuthenticationFilter - No client certificate found in request.
11:58:10.006 [233950856@qtp-444127949-3] DEBUG o.s.s.w.a.p.x.X509AuthenticationFilter - No pre-authenticated principal found in request
11:58:10.007 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
11:58:10.007 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
11:58:10.007 [233950856@qtp-444127949-3] DEBUG o.s.security.web.FilterChainProxy - /services at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
11:58:10.007 [233950856@qtp-444127949-3] DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9055e4a6: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
- 创建项目后
- 显示项目视图 -> WS-Security 配置 -> 密钥库
- 在此处添加客户端 PCKS12 密钥
- WS-Security 配置 -> 传出 WS-Secutity 配置 -> 新传出 WSS 配置 -> 使用任意名称
- 然后在->下找到"Sepcify unique name for configuration"填写Keystore,Alias和Password(如果有一般为空)
- 保存并完成配置