JAX-WS密码类型PasswordText [英] JAX-WS Password Type PasswordText
问题描述
我有一个简单的命令行Java JAX-WS应用程序来测试SOAP请求,但是服务器期望密码类型为PasswordText,而我对如何设置此密码感到困惑...
I've got a simple command line Java JAX-WS app to test a SOAP request, but the server is expecting the Password Type to be PasswordText and I'm stumped on how to set this...
代码如下:
@WebServiceRef
private static final HelloService helloService = new HelloService(url, new QName(
URL, "HelloService"));
public static void main(final String... args) {
try {
final HelloPort helloPort = helloService.getHelloPort();
final BindingProvider hB = ((BindingProvider) helloPort);
hB.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
END_POINT_ADDRESS);
hB.getRequestContext().put(BindingProvider.USERNAME_PROPERTY,
USERNAME);
hB.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY,
PASSWORD);
...
我已经使用SOAP-UI测试了请求,因此我知道它正在工作.设置密码类型的任何帮助将不胜感激.
I've tested the request using SOAP-UI so I know it's working. Any help on setting the password type would be appreciated.
谢谢.
推荐答案
这将设置基本HTTP身份验证的用户名和密码.如果您已经在SoapUI中进行了测试,那么我猜您在请求详细信息窗格中所说的'PasswordText'值就是'WSS-Password Type'.设置WSS安全性,而不是HTTP安全性.
That will set the username and password for Basic HTTP authentication. If you've tested it in SoapUI, I'm guessing the 'PasswordText' value you speak of is the 'WSS-Password Type' in the request details pane. That sets WSS security, not HTTP security.
使用Java6中的JAX-WS,您需要附加一个SOAPHandler来将WSS-Usertoken注入到SOAP Header中.关于这个网,有很多零碎的东西,但是我找不到要发布的单个链接,所以这里有一些代码可以代替您……
With JAX-WS in Java6 you need to attach a SOAPHandler to inject the WSS-Usertoken into the SOAP Header. There are plenty of bits and bobs about this round the net, but I couldn't find one single link to post, so here's some code instead to get you going...
要添加处理程序,您需要以下内容:
To add a handler you need something like:
final Binding binding = ((BindingProvider) servicePort).getBinding();
List<Handler> handlerList = binding.getHandlerChain();
if (handlerList == null)
handlerList = new ArrayList<Handler>();
handlerList.add(new SecurityHandler());
binding.setHandlerChain(handlerList); // <- important!
然后,SecurityHandler类将执行操作.处理程序是通用的,成功消息和错误消息都被调用,但是也许更重要的是,它们在两个消息方向上都被调用-传出请求,然后再次传入请求.您只想处理传出的消息.因此,您将需要以下内容:
Then the SecurityHandler class will do the deed. Handlers are general things and get called for both successful messages and for faults, but perhaps more importantly they get called in both message directions - for the outgoing request and then again for the incoming response. You only want to handle outgoing messages. So you'll need something like:
public final class SecurityHandler implements SOAPHandler<SOAPMessageContext> {
...
@Override
public boolean handleMessage(final SOAPMessageContext msgCtx) {
// Indicator telling us which direction this message is going in
final Boolean outInd = (Boolean) msgCtx.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
// Handler must only add security headers to outbound messages
if (outInd.booleanValue()) {
try {
// Get the SOAP Envelope
final SOAPEnvelope envelope = msgCtx.getMessage().getSOAPPart().getEnvelope();
// Header may or may not exist yet
SOAPHeader header = envelope.getHeader();
if (header == null)
header = envelope.addHeader();
// Add WSS Usertoken Element Tree
final SOAPElement security = header.addChildElement("Security", "wsse",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
final SOAPElement userToken = security.addChildElement("UsernameToken", "wsse");
userToken.addChildElement("Username", "wsse").addTextNode("MyWSSUsername");
userToken.addChildElement("Password", "wsse").addTextNode("MyWSSPassword");
} catch (final Exception e) {
LOG.error(e);
return false;
}
}
return true;
}
...
// Other required methods on interface need no guts
}
我在这里做了一些假设,但希望它能帮助您前进!
I've made a few assumptions here, but hopefully it'll get you going!
亲切的问候.
这篇关于JAX-WS密码类型PasswordText的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
