【Question title】: Webservice client with WS-Security encryption using jaxws-maven-plugin
【Posted】: 2017-02-19 23:25:15
【Question】:

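I am using only jaxws-maven-plugin (no Spring or any other libraries) to generate my web service client classes from a WSDL. It works fine, except that I need to encrypt a specific child element of my request using WS-Security.

Could you please point me to any documentation or give me a hint on how to configure it? Is there a configuration file where the following can be set? Or do I need to use another library, such as Apache CXF?

WS-A version: 200508

Key identifier type: Binary Security Token

Symmetric encoding algorithm: AES256-CBC

Key encryption algorithm: RSA-OAEP-MGF1P

Algorithm suite: Basic256Sha256

Encrypted element XPath: //xxx/yyy

Thanks!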

【Comments】:

    Tags: java web-services jax-ws ws-security jaxws-maven-plugin


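    【Solution 1】:

    What I found out: (note that I still do not understand what is going on)

    • WildFly somehow uses its built-in Apache CXF (the Glassfish implementation and configuration are different)
    • I had to modify the provided WSDL to add WS-Policy (I have not yet found a way to add it in an external file or somewhere else without modifying the WSDL; I am not the author of that file) - see below
    • A keystore has to be provided
    • and access to it has to be configured: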

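      import java.util.Map;
      import java.util.Properties;
      import javax.xml.ws.BindingProvider;

      // XxxService is the client class generated from the WSDL
      XxxService service = new XxxService();
      BindingProvider bp = (BindingProvider) service.getXxxPort();
      final Map<String, Object> rqc = bp.getRequestContext();
      
      // Keystore location, password, type and key alias (values elided in the post)
      Properties p = new Properties();
      p.setProperty("org.apache.ws.security.crypto.merlin.keystore.file", ...);
      p.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", ...);
      p.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", ...);
      p.setProperty("org.apache.ws.security.crypto.merlin.keystore.alias", ...);
      
      // The same keystore settings are used for signing and for encryption
      rqc.put("security.signature.properties", p);
      rqc.put("security.encryption.properties", p);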
      

    WSDL example

     <?xml version="1.0" encoding="UTF-8"?>
     <wsdl:definitions ... >
    
    ...
    
    <wsdl:binding name="..." type="...">
        <wsaw:UsingAddressing wsdl:required="false" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" />
        <wsdlsoap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" />
    
        <!-- added to wsdl for encryption -->
        <wsp:PolicyReference URI="#general_policy" />
    
        <wsdl:operation name="xxx">
            <wsdlsoap:operation soapAction="" />
            <wsdl:input name="...">
                <!-- added to wsdl for encryption -->
                <wsp:PolicyReference URI="#xxx_policy" />
                <wsdlsoap:body use="literal" />
            </wsdl:input>
            <wsdl:output ... >
        </wsdl:operation>
    
    </wsdl:binding>
    
    
    
        <!-- added to wsdl for encryption -->
    
        <wsp:Policy wsu:Id="general_policy"
                    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" 
                    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
                    xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
            <wsp:ExactlyOne>
                <wsp:Policy>
                    <wsp:All>
                        <sp:AsymmetricBinding>
                            <wsp:Policy>
                                <sp:InitiatorToken>
                                    <wsp:Policy>
                                        <sp:X509Token
                                            sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
                                            <wsp:Policy>
                                                <sp:WssX509V3Token10/>
                                            </wsp:Policy>
                                        </sp:X509Token>
                                    </wsp:Policy>
                                </sp:InitiatorToken>
                                <sp:RecipientToken>
                                    <wsp:Policy>
                                        <sp:X509Token
                                            sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
                                            <wsp:Policy>
                                                <sp:WssX509V3Token10/>
                                            </wsp:Policy>
                                        </sp:X509Token>
                                    </wsp:Policy>                               
                                </sp:RecipientToken>
                                <sp:Layout>
                                    <wsp:Policy>
                                        <sp:Strict />
                                    </wsp:Policy>
                                </sp:Layout>
                                <sp:AlgorithmSuite>
                                    <wsp:Policy>
                                        <sp:Basic256/>
                                    </wsp:Policy>
                                </sp:AlgorithmSuite>
                            </wsp:Policy>
                        </sp:AsymmetricBinding>
                    </wsp:All>
                </wsp:Policy>
            </wsp:ExactlyOne>
        </wsp:Policy>
    
    
        <wsp:Policy wsu:Id="xxx_policy">
            <wsp:ExactlyOne>
                <wsp:All>
                    <sp:ContentEncryptedElements
                        xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
                        <sp:XPath>/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Body']/*[namespace-uri()='xxx' and local-name()='xxxRequest']/yyy</sp:XPath>
                    </sp:ContentEncryptedElements>
                </wsp:All>
            </wsp:ExactlyOne>
        </wsp:Policy>
    </wsdl:definitions>
    

    【Comments】:
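
Once the policy and keystore from the answer above are in place, it is worth confirming on the wire that `yyy` really leaves the client encrypted with the algorithms listed in the question. The check below is an added example, not part of the original post; it is written in Python because it only inspects a captured request and does not touch the Java client. The `sample` helper, its messages and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
AES256_CBC = XENC + "aes256-cbc"    # symmetric algorithm named in the question
RSA_OAEP = XENC + "rsa-oaep-mgf1p"  # key encryption algorithm named in the question


def algorithm(elem):
    """Algorithm URI on elem's xenc:EncryptionMethod child ('' if missing)."""
    method = elem.find(f"{{{XENC}}}EncryptionMethod")
    return "" if method is None else method.get("Algorithm", "")


def check_request(soap_xml, local_name="yyy"):
    """Return findings for one captured request; an empty list means it conforms."""
    root = ET.fromstring(soap_xml)
    targets = [e for e in root.iter() if e.tag.rpartition("}")[2] == local_name]
    findings = [] if targets else [f"{local_name}: element not present"]
    for t in targets:
        kids = list(t)
        # Content encryption leaves a single xenc:EncryptedData as the element's only content.
        encrypted = (len(kids) == 1 and kids[0].tag == f"{{{XENC}}}EncryptedData"
                     and not (t.text or "").strip() and not (kids[0].tail or "").strip())
        if not encrypted:
            findings.append(f"{local_name}: plaintext content present")
        elif algorithm(kids[0]) != AES256_CBC:
            findings.append(f"{local_name}: data algorithm is {algorithm(kids[0])!r}")
    keys = list(root.iter(f"{{{XENC}}}EncryptedKey"))
    if not keys:
        findings.append("no xenc:EncryptedKey in message")
    findings += [f"key algorithm is {algorithm(k)!r}" for k in keys if algorithm(k) != RSA_OAEP]
    return findings


def sample(key_alg, data_alg):
    """Constructed request with dummy cipher text; data_alg=None leaves yyy in the clear."""
    body = "secret" if data_alg is None else (
        f"<x:EncryptedData Type='{XENC}Content'><x:EncryptionMethod Algorithm='{data_alg}'/>"
        "<x:CipherData><x:CipherValue>AAAA</x:CipherValue></x:CipherData></x:EncryptedData>")
    # The wsse:Security header that normally wraps EncryptedKey is left out for brevity.
    return (f"<e:Envelope xmlns:e='http://schemas.xmlsoap.org/soap/envelope/' xmlns:x='{XENC}'>"
            f"<e:Header><x:EncryptedKey><x:EncryptionMethod Algorithm='{key_alg}'/>"
            f"</x:EncryptedKey></e:Header><e:Body><r:xxxRequest xmlns:r='xxx'><yyy>{body}</yyy>"
            "</r:xxxRequest></e:Body></e:Envelope>")


if __name__ == "__main__":
    print(check_request(sample(RSA_OAEP, None)))
```

Feed `check_request` the request body taken from a CXF message log or a proxy capture; a non-empty result means the policy was not applied or a different algorithm was negotiated.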
