WSO2 ESB 无法在 DSS 调用之前删除响应中的 ws-security 标头 [英] WSO2 ESB unable to remove ws-security header in the response before DSS call
问题描述
我有一个代理服务,需要调用具有 ws 安全性的外部服务.我必须调用服务,根据响应,我需要提取一些信息然后调用数据服务来更新数据库.当我得到响应并创建有效载荷调用数据服务它也有 ws 安全标头,它以异常结束.
I have a proxy service which needs to call a exernal service with ws security. I have to call the service, and based on the response, I need to extract some information and then call a data service to update the database. As I get the response and create the payload to call the data service it is also having the ws security header which ends up in an exception.
我用过
<header action="remove" name="wsse:Security" scope="default"xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
在创建和调用数据服务时,但最终没有运气.
while creating and calling the data service but end up with no luck.
下面是我的代理服务.
<?xml version="1.0" encoding="UTF-8"?>
<proxy name="EDI_Test_Proxy_2" startOnLoad="true" trace="disable"
transports="http https" xmlns="http://ws.apache.org/ns/synapse">
<target>
<inSequence>
<header name="Action" scope="default" value="get_mcash_data" />
<property name="Content-Type" scope="transport" type="STRING"
value="application/soap+xml; charset=UTF-8; action=get_mcash_data" />
<call>
<endpoint>
<address trace="disable"
uri="http://localhost:9770/services/my_fetch_data_service" />
</endpoint>
</call>
<property expression="//mc:mcash/mc:tran_id/text()" name="tran_id"
scope="default" type="STRING" xmlns:mc="http://ws.wso2.org/dataservice"
xmlns:ns="http://org.apache.synapse/xsd" />
<log level="custom">
<property expression="$ctx:tran_id" name="tran_id" />
</log>
<filter xmlns:mc="http://ws.wso2.org/dataservice" xmlns:ns="http://org.apache.synapse/xsd"
xpath="boolean(//mc:mcash/mc:mobile_no)">
<then>
<property expression="//mc:mcash/mc:tran_id/text()" name="tran_id"
scope="default" type="STRING" />
<property expression="//mc:mcash/mc:mobile_no/text()"
name="mobile_no" scope="default" type="STRING" />
<property expression="//mc:mcash/mc:tran_amt/text()" name="tran_amt"
scope="default" type="STRING" />
<property expression="//mc:mcash/mc:tran_date/text()"
name="tran_date" scope="default" type="STRING" />
<property expression="//mc:mcash/mc:tran_time/text()"
name="tran_time" scope="default" type="STRING" />
<property expression="//mc:mcash/mc:part_tran_srl_num/text()"
name="part_tran_srl_num" scope="default" type="STRING" />
<log level="custom">
<property expression="$ctx:tran_id" name="tran_id" />
<property expression="$ctx:mobile_no" name="mobile_no" />
<property expression="$ctx:tran_amt" name="tran_amt" />
<property expression="$ctx:tran_date" name="tran_date" />
<property expression="$ctx:tran_time" name="tran_time" />
<property expression="$ctx:part_tran_srl_num" name="tran_time" />
</log>
<payloadFactory description="pf_mcash" media-type="xml">
<format>
<flw:purchaceFromMMR xmlns:flw="http://flw.mwt.mobitel.com/">
<!--Optional: -->
<bankPurchaseRequest xmlns="">
<amount>$1</amount>
<!--Optional: -->
<bankCode>XXX</bankCode>
<!--Optional: -->
<date>$2</date>
<!--Optional: -->
<mobile>$3</mobile>
<!--Optional: -->
<time>$4</time>
<!--Optional: -->
<transactionId>$5</transactionId>
</bankPurchaseRequest>
</flw:purchaceFromMMR>
</format>
<args>
<arg evaluator="xml" expression="$ctx:tran_amt" />
<arg evaluator="xml" expression="$ctx:tran_date" />
<arg evaluator="xml" expression="$ctx:mobile_no" />
<arg evaluator="xml" expression="$ctx:tran_time" />
<arg evaluator="xml" expression="$ctx:tran_id" />
</args>
</payloadFactory>
<call>
<endpoint>
<address trace="disable"
uri="https://my_external_web_service/to_be/called?wsdl">
<enableSec policy="gov:ws-policy/sample_policy.xml" />
</address>
</endpoint>
</call>
<loopback />
</then>
<else>
<log>
<property name="STATUS" value="*****No data available*****" />
</log>
</else>
</filter>
</inSequence>
<outSequence>
<header action="remove" name="wsse:Security" scope="default"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" />
<header action="remove" name="To" scope="default" />
<property expression="//return/mobile/text()" name="mobile"
scope="default" type="STRING" />
<property expression="//return/date/text()" name="date"
scope="default" type="STRING" />
<property expression="//return/recipetNo/text()" name="recipetNo"
scope="default" type="STRING" />
<property expression="//return/resultCode/text()" name="resultCode"
scope="default" type="STRING" />
<property expression="//return/resultDesc/text()" name="resultDesc"
scope="default" type="STRING" />
<payloadFactory description="pf_mcash_update"
media-type="xml">
<format>
<p:TestUpdate xmlns:p="http://ws.wso2.org/dataservice">
<!--Exactly 1 occurrence -->
<p:trf_status>$1</p:trf_status>
<!--Exactly 1 occurrence -->
<p:resp_code>$2</p:resp_code>
<!--Exactly 1 occurrence -->
<p:receipt>$3</p:receipt>
<!--Exactly 1 occurrence -->
<p:rsp_message>$4</p:rsp_message>
<!--Exactly 1 occurrence -->
<p:tran_id>$5</p:tran_id>
<!--Exactly 1 occurrence -->
<p:part_tran_srl_num>$6</p:part_tran_srl_num>
</p:TestUpdate>
</format>
<args>
<arg value="10" />
<arg evaluator="xml" expression="$ctx:resultCode" />
<arg evaluator="xml" expression="$ctx:recipetNo" />
<arg evaluator="xml" expression="$ctx:resultDesc" />
<arg value="SDC311521" />
<arg evaluator="xml" expression="$ctx:part_tran_srl_num" />
</args>
</payloadFactory>
<header name="Action" scope="default" value="TestUpdate" />
<property name="Content-Type" scope="transport" type="STRING"
value="application/soap+xml; charset=UTF-8; action=TestUpdate" />
<call>
<endpoint>
<address trace="disable"
uri="http://my_internal_data_service/which_ends_up_with/ws_sec_header" />
</endpoint>
</call>
</outSequence>
<faultSequence />
</target>
</proxy>
非常感谢任何建议.
推荐答案
问题是我在 axis2.xml 中找到了
.注释掉这一行后,异常消失了,dss 调用起作用了.我相信的原因是,如果启用了这行代码,ws-securiy 将在全局范围内使用,并且所有服务调用都将查找 ws-security 标头.如果我有任何错误,请纠正我.
The issue was I have engaged rampart module <module ref="rampart" />
in the axis2.xml found in <ESB_HOME>repository/conf/axis2/
. After commenting out this line the exception was gone and the dss call worked. The reason I believe, if this line of code is enabled, ws-securiy is engaged globally and all the service calls will look for ws-security header. Please correct me if I'm wrong in anyway.
这篇关于WSO2 ESB 无法在 DSS 调用之前删除响应中的 ws-security 标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!