无法处理 mustUnderstand headers: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd} 安全。返回故障
Could not handle mustUnderstand headers: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. Returning fault
我浏览了如下链接:SOAPFaultException "MustUnderstand headers (oasis-200401-wss-wssecurity-secext-1.0.xsd) are not understood",但仍在挣扎。
我正在使用 Spring Boot v2.2.2..RELEASE and SOAP 项目。
我正在将两个不同的 WSDL 文件加载到我的项目中。一个 URL 生成到 http://localhost:8080/employee/employee-soap,效果很好。但是 http://localhost:8080/student/student-soap 这给出了以下错误。
2020-02-17 15:31:00.241 WARN 20236 --- [nio-8080-exec-5] o.s.w.soap.server.SoapMessageDispatcher : Could not handle mustUnderstand headers: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. Returning fault
Java代码:
@EnableWs
@Configuration
public class AppConfig extends WsConfigurerAdapter {
@SuppressWarnings({ "rawtypes", "unchecked" })
@Bean
public ServletRegistrationBean messageDispatcherServlet(ApplicationContext applicationContext) {
MessageDispatcherServlet servlet = new MessageDispatcherServlet();
servlet.setApplicationContext(applicationContext);
servlet.setTransformWsdlLocations(true);
return new ServletRegistrationBean(servlet, "/*");
}
@Bean
public SaajSoapMessageFactory messageFactory() {
SaajSoapMessageFactory messageFactory = new SaajSoapMessageFactory();
messageFactory.setSoapVersion(SoapVersion.SOAP_11);
messageFactory.afterPropertiesSet();
return messageFactory;
}
@Bean("empXSD")
public XsdSchema organizationSchema() {
return new SimpleXsdSchema(new ClassPathResource("/xsd/employee.xsd"));
}
@Bean(name = "employee")
public DefaultWsdl11Definition defaultWsdl11Definition(@Qualifier("empXSD") XsdSchema schema) {
DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
wsdl11Definition.setPortTypeName("employee");
wsdl11Definition.setLocationUri("employee/employee-soap");
wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:employee");
wsdl11Definition.setSchema(schema);
wsdl11Definition.setCreateSoap11Binding(true);
return wsdl11Definition;
}
@Bean
@Qualifier(value="stuXSD")
public XsdSchema stuSchema() {
return new SimpleXsdSchema(new ClassPathResource("/xsd/student.xsd"));
}
@Bean(name = "student")
public DefaultWsdl11Definition geographyWsdl11Definition(@Qualifier("stuXSD") XsdSchema schema) {
DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
wsdl11Definition.setPortTypeName("student");
wsdl11Definition.setLocationUri("student-soap");
wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:student");
wsdl11Definition.setSchema(schema);
wsdl11Definition.setCreateSoap11Binding(true);
return wsdl11Definition;
}
@Override
public void addInterceptors(List<EndpointInterceptor> interceptors) {
interceptors.add(new Interceptor(endpoints, req));
}
}
代码:
@Configuration
public class SimpleMustUnderstandEndpointInterceptor implements SoapEndpointInterceptor{
private final String SAMPLE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
@Override
public boolean handleRequest(MessageContext messageContext, Object endpoint) throws Exception {
return true;
}
@Override
public boolean handleResponse(MessageContext messageContext, Object endpoint) throws Exception {
return true;
}
@Override
public boolean handleFault(MessageContext messageContext, Object endpoint) throws Exception {
return true;
}
@Override
public void afterCompletion(MessageContext messageContext, Object endpoint, Exception ex) throws Exception {
}
@Override
public boolean understands(SoapHeaderElement header) {
if(header.getName().getNamespaceURI().equalsIgnoreCase(SAMPLE_NS)) {
return true;
}
return false;
}
}
根据观察,看起来甚至这个 SoapEndpointInterceptor 都没有调用,在此之前它只是给出错误。
在调用 SOAP 端点期间,下面 header 信息正在运行,并且如我上面提到的那样给出错误。任何指针?
<soapenv:Header><wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-
secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-
518482F2CDC2F635FF158202815227129"><wsse:Username>aispoc_usr1</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
username-token-profile-1.0#PasswordText">aispoc_usr1</wsse:Password><wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-
message-security-1.0#Base64Binary">/fdGCEilz/dkVeZE05b7LQ==</wsse:Nonce>
2020-02-18T12:15:52.271Z
我在 https://docs.spring.io/spring-ws/site/apidocs/org/springframework/ws/soap/security/wss4j/Wss4jSecurityInterceptor.html and https://memorynotfound.com/spring-ws-username-password-authentication-wss4j/ 中找到了解决方案。
我简单地使用 below 并且它开始工作正常。
@Bean
public Wss4jSecurityInterceptor securityInterceptor() {
Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
security.setSecurementActions("NoSecurity");
security.setSecurementPasswordType(WSConstants.PW_TEXT);
return security;
}
您可以尝试以下配置来解决问题。
@Bean
public Wss4jSecurityInterceptor securityInterceptor() {
Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
security.setValidationActions("NoSecurity");
security.setValidateRequest(false);
security.setValidateResponse(true);
return security;
}
@Override
public void addInterceptors(List<EndpointInterceptor> interceptors) {
interceptors.add(securityInterceptor());
}
我浏览了如下链接:SOAPFaultException "MustUnderstand headers (oasis-200401-wss-wssecurity-secext-1.0.xsd) are not understood",但仍在挣扎。
我正在使用 Spring Boot v2.2.2..RELEASE and SOAP 项目。
我正在将两个不同的 WSDL 文件加载到我的项目中。一个 URL 生成到 http://localhost:8080/employee/employee-soap,效果很好。但是 http://localhost:8080/student/student-soap 这给出了以下错误。
2020-02-17 15:31:00.241 WARN 20236 --- [nio-8080-exec-5] o.s.w.soap.server.SoapMessageDispatcher : Could not handle mustUnderstand headers: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. Returning fault
Java代码:
@EnableWs
@Configuration
public class AppConfig extends WsConfigurerAdapter {
@SuppressWarnings({ "rawtypes", "unchecked" })
@Bean
public ServletRegistrationBean messageDispatcherServlet(ApplicationContext applicationContext) {
MessageDispatcherServlet servlet = new MessageDispatcherServlet();
servlet.setApplicationContext(applicationContext);
servlet.setTransformWsdlLocations(true);
return new ServletRegistrationBean(servlet, "/*");
}
@Bean
public SaajSoapMessageFactory messageFactory() {
SaajSoapMessageFactory messageFactory = new SaajSoapMessageFactory();
messageFactory.setSoapVersion(SoapVersion.SOAP_11);
messageFactory.afterPropertiesSet();
return messageFactory;
}
@Bean("empXSD")
public XsdSchema organizationSchema() {
return new SimpleXsdSchema(new ClassPathResource("/xsd/employee.xsd"));
}
@Bean(name = "employee")
public DefaultWsdl11Definition defaultWsdl11Definition(@Qualifier("empXSD") XsdSchema schema) {
DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
wsdl11Definition.setPortTypeName("employee");
wsdl11Definition.setLocationUri("employee/employee-soap");
wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:employee");
wsdl11Definition.setSchema(schema);
wsdl11Definition.setCreateSoap11Binding(true);
return wsdl11Definition;
}
@Bean
@Qualifier(value="stuXSD")
public XsdSchema stuSchema() {
return new SimpleXsdSchema(new ClassPathResource("/xsd/student.xsd"));
}
@Bean(name = "student")
public DefaultWsdl11Definition geographyWsdl11Definition(@Qualifier("stuXSD") XsdSchema schema) {
DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
wsdl11Definition.setPortTypeName("student");
wsdl11Definition.setLocationUri("student-soap");
wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:student");
wsdl11Definition.setSchema(schema);
wsdl11Definition.setCreateSoap11Binding(true);
return wsdl11Definition;
}
@Override
public void addInterceptors(List<EndpointInterceptor> interceptors) {
interceptors.add(new Interceptor(endpoints, req));
}
}
代码:
@Configuration
public class SimpleMustUnderstandEndpointInterceptor implements SoapEndpointInterceptor{
private final String SAMPLE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
@Override
public boolean handleRequest(MessageContext messageContext, Object endpoint) throws Exception {
return true;
}
@Override
public boolean handleResponse(MessageContext messageContext, Object endpoint) throws Exception {
return true;
}
@Override
public boolean handleFault(MessageContext messageContext, Object endpoint) throws Exception {
return true;
}
@Override
public void afterCompletion(MessageContext messageContext, Object endpoint, Exception ex) throws Exception {
}
@Override
public boolean understands(SoapHeaderElement header) {
if(header.getName().getNamespaceURI().equalsIgnoreCase(SAMPLE_NS)) {
return true;
}
return false;
}
}
根据观察,看起来甚至这个 SoapEndpointInterceptor 都没有调用,在此之前它只是给出错误。
在调用 SOAP 端点期间,下面 header 信息正在运行,并且如我上面提到的那样给出错误。任何指针?
<soapenv:Header><wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-
secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-
518482F2CDC2F635FF158202815227129"><wsse:Username>aispoc_usr1</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
username-token-profile-1.0#PasswordText">aispoc_usr1</wsse:Password><wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-
message-security-1.0#Base64Binary">/fdGCEilz/dkVeZE05b7LQ==</wsse:Nonce>
2020-02-18T12:15:52.271Z
我在 https://docs.spring.io/spring-ws/site/apidocs/org/springframework/ws/soap/security/wss4j/Wss4jSecurityInterceptor.html and https://memorynotfound.com/spring-ws-username-password-authentication-wss4j/ 中找到了解决方案。
我简单地使用 below 并且它开始工作正常。
@Bean
public Wss4jSecurityInterceptor securityInterceptor() {
Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
security.setSecurementActions("NoSecurity");
security.setSecurementPasswordType(WSConstants.PW_TEXT);
return security;
}
您可以尝试以下配置来解决问题。
@Bean
public Wss4jSecurityInterceptor securityInterceptor() {
Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
security.setValidationActions("NoSecurity");
security.setValidateRequest(false);
security.setValidateResponse(true);
return security;
}
@Override
public void addInterceptors(List<EndpointInterceptor> interceptors) {
interceptors.add(securityInterceptor());
}