使用Metro 2.3以编程方式从Web服务读取加密的错误消息 [英] Programmatically read encrypted error messages from webservice using metro 2.3

问题描述

在具有WS-Security的Netbeans中使用METRO 2.3，我尝试读取加密的Web服务的错误消息.

Using METRO 2.3 in Netbeans with WS-Security I try to read error messages of an encrypted webservice.

通信正常，直到我的有效载荷包含错误为止.然后，服务器将发送一条加密的错误消息，其中包含发生问题的信息.我的客户端尝试对其解密，并理解该消息具有与预期不同的结构，并抛出XMLSignatureException:

The communication works fine until my payload contains errors. Then the server sends an encrypted error message with the information what went wrong. My client tries to decrypt it and understands that the message got another structure than expected and throws an XMLSignatureException:

javax.xml.crypto.dsig.XMLSignatureException: 
WSS1717: Error occurred while doing digest verification of body/payload

服务器发送的错误消息被隐藏.

The error message that was send by the server is hidden.

第146行抛出了异常:

The exception is thrown here in line 146:

如果启用了最好的日志记录级别，则可以读取第141行上记录的信息.

If I enable the finest logging level, I can read the information that is logged on line 141.

当我捕获到异常时，是否有可能读取xml流的canonicalizedData?

Is ist possible to read the canonicalizedData of the xml stream when I catch the exception?

推荐答案

由于似乎没有简单的方法可以做到这一点，所以我编写了一种解决方法.

Since It seems that there is no easy way to do this, I wrote a workaround.

如果我启用了最好的日志记录功能，则会报告过多的详细信息.因此，我编写了自己的日志消息过滤器.

If I enable Logging on the finest level, too many details are reported. So I wrote my own Log Message Filter.

Logger wsitlogger = Logger.getLogger("com.sun.xml.wss.logging.impl.opt.signature");
wsitlogger.setLevel(Level.FINEST);
TextAndLevelFilter logFilter= new TextAndLevelFilter(Level.INFO);
logFilter.addPrefix("WSS1764");
wsitlogger.setFilter(logFilter);

和我的TextLevelFilter.java:

and my TextLevelFilter.java:

public class TextAndLevelFilter implements Filter {
    private static final int offValue = Level.OFF.intValue();
    private final int levelValue;

    private final Collection<String> prefixes = new LinkedList<>();

    public TextAndLevelFilter(Level level) {
        this.levelValue = level.intValue();
    }

    public void addPrefix(String prefix) {
        prefixes.add(prefix);
    }

    @Override
    public boolean isLoggable(LogRecord record) {
        final String message = record.getMessage();
        for (String prefix : prefixes) {
            if (message.startsWith(prefix)) {
                return true;
            }
        }
        return record.getLevel().intValue() >= levelValue && levelValue != offValue;
    }
}

这篇关于使用Metro 2.3以编程方式从Web服务读取加密的错误消息的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！