2013-10-04 1 views
1

Прежде всего, извините за этот длинный пост, но я чищу свой разум на этом с тех пор, пока не получится. Я действительно ищу вашу помощь. Я пытаюсь вызвать веб-сервис, который защищен OWSM. Ниже приведены утверждения политики, указанные в WSDL.Как webservice JAX RPC-клиент работает с сервисом, защищенным OWSM

************************************* 
<wsp:Policy wsu:Id="service.BindingQSPort_Fault_Policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> 
    <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/> 
    <sp:SignedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/> 
    <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/> 
    <sp:EncryptedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/> 
</wsp:Policy> 

<wsp:Policy wsu:Id="service.BindingQSPort_Input_Policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> 
    <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
     <sp:Body/> 
     <sp:Header Name="fmw-context" Namespace="http://xmlns.oracle.com/fmw/context/1.0"/> 
     <sp:Header Name="" Namespace="http://www.w3.org/2005/08/addressing"/> 
     <sp:Header Name="" Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing"/> 
    </sp:SignedParts> 
    <sp:SignedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/> 
    <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
     <sp:Header Name="fmw-context" Namespace="http://xmlns.oracle.com/fmw/context/1.0"/> 
    </sp:EncryptedParts> 
    <sp:EncryptedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/> 
</wsp:Policy> 

<wsp:Policy wsu:Id="service.BindingQSPort_Output_Policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> 
    <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
     <sp:Body/> 
    </sp:SignedParts> 
    <sp:SignedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/> 
    <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/> 
    <sp:EncryptedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/> 
</wsp:Policy> 

<wsp:Policy wsu:Id="wss10_x509_token_over_ssl_service_policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> 
    <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
     <wsp:Policy> 
      <sp:InitiatorToken> 
       <wsp:Policy> 
        <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always"> 
         <wsp:Policy> 
          <sp:WssX509V3Token10/> 
         </wsp:Policy> 
        </sp:X509Token> 
       </wsp:Policy> 
      </sp:InitiatorToken> 
      <sp:RecipientToken> 
       <wsp:Policy> 
        <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always"> 
         <wsp:Policy> 
          <sp:WssX509V3Token10/> 
         </wsp:Policy> 
        </sp:X509Token> 
       </wsp:Policy> 
      </sp:RecipientToken> 
      <sp:AlgorithmSuite> 
       <wsp:Policy> 
        <sp:Basic128/> 
       </wsp:Policy> 
      </sp:AlgorithmSuite> 
      <sp:Layout> 
       <wsp:Policy> 
        <sp:Lax/> 
       </wsp:Policy> 
      </sp:Layout> 
      <sp:IncludeTimestamp/> 
      <sp:OnlySignEntireHeadersAndBody/> 
      <sp:ProtectTokens/> 
     </wsp:Policy> 
    </sp:AsymmetricBinding> 
    <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
     <wsp:Policy/> 
    </sp:Wss10> 
</wsp:Policy> 

    <wsdl:message name="svcFault"> 
     <wsdl:part name="payload" element="WL5G3N2:fault"/> 
    </wsdl:message> 
    <wsdl:message name="sendSMS"> 
     <wsdl:part name="payload" element="WL5G3N1:sendSMS"/> 
    </wsdl:message> 
    <wsdl:message name="sendSMSResponse"> 
     <wsdl:part name="payload" element="WL5G3N1:sendSMSResponse"/> 
    </wsdl:message> 
    <wsdl:portType name="service"> 
     <wsdl:operation name="sendSMS"> 
      <wsdl:input message="WL5G3N1:sendSMS"/> 
      <wsdl:output message="WL5G3N1:sendSMSResponse"/> 
      <wsdl:fault name="svcFault" message="WL5G3N1:svcFault"/> 
     </wsdl:operation> 
    </wsdl:portType> 

    <wsdl:binding name="service.Binding" type="WL5G3N1:service"> 
     <WL5G3N3:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> 
     <wsp:PolicyReference URI="#wss10_x509_token_over_ssl_service_policy" wsdl:required="false" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"/> 

     <wsdl:operation name="sendEmail"> 
      <WL5G3N3:operation style="document" soapAction="sendEmail"/> 
      <wsdl:input> 
      <WL5G3N3:body use="literal"/> 
      <wsp:PolicyReference URI="#service.BindingQSPort_Input_Policy" wsdl:required="false" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"/> 
      </wsdl:input> 
      <wsdl:output> 
      <WL5G3N3:body use="literal"/> 
      <wsp:PolicyReference URI="#service.BindingQSPort_Output_Policy" wsdl:required="false" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"/> 
      </wsdl:output> 

      <wsdl:fault name="svcFault"> 
      <WL5G3N3:fault name="svcFault" use="literal"/> 
      <wsp:PolicyReference URI="#service.BindingQSPort_Fault_Policy" wsdl:required="false" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"/> 
      </wsdl:fault> 
     </wsdl:operation> 

    </wsdl:binding> 
************************************* 

I have written a JAX-RPC client which is using "weblogic.wsee.security.bst.ClientBSTCredentialProvider" to provide client credential as required by the service. Below is the security related code. 

************************************* 
serverCert.checkValidity(); 
cp   = new ClientBSTCredentialProvider(
        clientKeyStore, clientKeyStorePass, 
        clientKeyAlias, clientKeyPass, 
        "JKS", serverCert); 
l_credproviders.add(cp); 

Stub stub = (Stub)port; 
stub._setProperty(WSSecurityContext.CREDENTIAL_PROVIDER_LIST 
        , l_credproviders 
        ); 
stub._setProperty(WSSecurityContext.TRUST_MANAGER 
      , new TrustManager() { 
      public boolean certificateCallback(
      X509Certificate[] chain, 
      int validateErr) { 
       // Check that the server cert matches 
       boolean result = true;//chain[0].equals(serverCert); 

       return result; 
      } 
     } 
    ); 
************************************* 

I am testing my client using SOAPUI. However above client code is giving me below Exceptions. 

************************************** 
java.rmi.RemoteException: SOAPFaultException - FaultCode [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}InvalidSecurity] FaultString [Error on verifying message against security policy Error code:4206] FaultActor [null]No Detail; nested exception is: 
************************************** 

Can someone please help me to understand what my WSDL is specifying and why "ClientBSTCredentialProvider" is not able to attach the required policy? Or is is happening that since I am testing with SOAPUI, SOAPResponse is not as per the WSDL policy? Below are the SOAP requests and response for this. 

*************************************** 
~~SOAP REQUEST~~ 
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header xmlns:wsa="http://www.w3.org/2005/08/addressing"><wsa:MessageID wsu:Id="MessageID_HUf02VXDqusotArv" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">uuid:c7404e48f626d447:-246df928:14183ec2b7f:-8000</wsa:MessageID><wsa:Action wsu:Id="Action_CcS8Hy0hmQ2wVKHH" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">sendSMS</wsa:Action><wsa:To wsu:Id="To_bb3aIWjwG1Got1IZ" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">http://domainname:8090/sendSMS</wsa:To><wsa:ReplyTo wsu:Id="ReplyTo_w1ZItNbfV8se2kbF" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address></wsa:ReplyTo><wsse:Security env:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="bst_zM6y3VGAX9jZAaiV" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">MIICQTCCAaqgAwIBAgIEUixN4TANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJMQjEPMA0GA1UECBMGQmVpcnV0MRAwDgYDVQQHEwdMZWJhbm9uMQ0wCwYDVQQKEwRNRFNMMQ0wCwYDVQQLEwRNRFNMMRUwEwYDVQQDEwxNYXl1ciBDbGllbnQwHhcNMTMwOTA4MTAxMzUzWhcNMTMxMjA3MTAxMzUzWjBlMQswCQYDVQQGEwJMQjEPMA0GA1UECBMGQmVpcnV0MRAwDgYDVQQHEwdMZWJhbm9uMQ0wCwYDVQQKEwRNRFNMMQ0wCwYDVQQLEwRNRFNMMRUwEwYDVQQDEwxNYXl1ciBDbGllbnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMeT5uG9IJFxUE8SP2eXxrW7Lvo0ZlEiv8NS2OzLHe4e4T1gZC6NZhsDk6G3GKt8z6yj8MlfIPzYTrXxNSgnW34WYZ2kFw6TrjakUr99i4sH5yi1Z0Bmm3nNq9/2WWrdMXVjeI5EwEdU/UUogb2Wdgh1HPZgGUuWhkLoDmVR36y1AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAlvFZVLJ2h0BNe7EFGDUtBmEPF8EkdQn1R2AyK5AQONLM2RwNJYhVdVGLI13y+XJbACiyrFz5Sxsgu46hk6Bk6P+K/ZAUWQwDiV0pLhLg7LuR/K33o2EGkXiUnwOdcScG040n2sUnbi7ed/5mPcNuOGlYMQL/PHHZ2QGGTLEOe2U=</wsse:BinarySecurityToken><dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI="#MessageID_HUf02VXDqusotArv"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>oG0PCOutUmUrhIhjsHB2G9Nu7Qc=</dsig:DigestValue></dsig:Reference><dsig:Reference URI="#Action_CcS8Hy0hmQ2wVKHH"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>jwnM3Pu8lEpk7WLokAfW/LcR8bM=</dsig:DigestValue></dsig:Reference><dsig:Reference URI="#To_bb3aIWjwG1Got1IZ"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>9RzmvWQQJG853YKPzwoWDUjWze8=</dsig:DigestValue></dsig:Reference><dsig:Reference URI="#ReplyTo_w1ZItNbfV8se2kbF"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>FPYcJ1NcK6nX5nx5cF+Jj5I2PZE=</dsig:DigestValue></dsig:Reference><dsig:Reference URI="#Timestamp_H75m9X5C1O9rNV2E"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>ZAoaTp1B5yQv/ZGM6Pd8dfmNyPg=</dsig:DigestValue></dsig:Reference><dsig:Reference URI="#Body_q8jxTBg8ZRE0VjRO"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>tnn+BbvQz/kuDBocU8Po24hn8W4=</dsig:DigestValue></dsig:Reference><dsig:Reference URI="#bst_zM6y3VGAX9jZAaiV"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>IG2FZBY/Oqtsu4H6sl/6f2iHJx8=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>LaXCIcrxyatPzcAsKJGK28TEgaEOUdoXUrcmucjHrZDuErfGPS5fa9LrIX7irGYYDoYjJ5uQLq7a7nSRcazfNPznf03nISgr6Voc+23HON2E+fyRmHkKJzWe6OxHRPyHYmxbYQzgXkwGCKqLOZVLJsQLQykMiNV8YK3vuacDAdU=</dsig:SignatureValue><dsig:KeyInfo><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="str_gp0ybJxTKkZntAn1" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:Reference URI="#bst_zM6y3VGAX9jZAaiV" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></wsse:SecurityTokenReference></dsig:KeyInfo></dsig:Signature><wsu:Timestamp wsu:Id="Timestamp_H75m9X5C1O9rNV2E" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsu:Created>2013-10-04T14:43:16Z</wsu:Created><wsu:Expires>2013-10-04T14:44:16Z</wsu:Expires></wsu:Timestamp></wsse:Security></env:Header><env:Body wsu:Id="Body_q8jxTBg8ZRE0VjRO" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><ent:sendSMS xmlns:ent="http://www.banqueaudi.com/evs/ent.msg.Notification"><util:header xmlns:util="http://www.banqueaudi.com/ebo/util.cmn.EBMHeader"><util:ebmSID>FCDB</util:ebmSID></util:header><ent:body><msg:smsNotification xmlns:msg="http://www.banqueaudi.com/ebo/msg.Notification"><msg:sender>98989898</msg:sender><msg:recipients><msg:recipient>78831471</msg:recipient></msg:recipients><msg:subject>SUBJECT</msg:subject><msg:message>My message</msg:message></msg:smsNotification></ent:body></ent:sendSMS></env:Body></env:Envelope> 
*************************************** 

*************************************** 
~~SOAP RESONSE~~ 

<soapenv:Envelope xmlns:ent="http://www.banqueaudi.com/evs/ent.msg.Notification" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:util="http://www.banqueaudi.com/ebo/util.cmn.EBMHeader" xmlns:util1="http://www.banqueaudi.com/ebo/util.cmn.Basic"> 
    <soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/></soapenv:Header> 
    <soapenv:Body wsu:Id="id-45" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedData Id="ED-2" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference URI="#EK-B692F44E26CFCF96A613807927256684"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>x6T1pLtqpeAyg8SNuQQi23Ok6ceQikgVKyj80ylEdecdZoNOs2tUwhaO+irKXYy0XbMrmM+t3mMHsi2nNX5fps/camDpP9yOlN8Hosd+vUWsI4RA/8mnJVePitR3pf2dLgJD44vBowH5bQZ8R8B1vxDDjUpU2DOpfIxaPaSMApXvYfmPOMiDNtM/tXRCHrbHcljTAFvRZG9ShUZM6419i0JtpSCr77EkxJiWcVu9NIVwkHZoXpS8zY+pjjaatKi2EMzB9zPMXhtEvCER5pnEXWzUdhb5s9mWJAGaTd8h0j5o93LY/Mnw/mWBlzhFlk6b8cyJw1IrDAl5Tar8isuCqR2FbFs0aWqS8ng1QPnnc4xtBmCdgViifiXP0877LmFEqW74vDXtEDZniAfiixWt0u0gVsSYurJdwCWdZrfON12jAW35j6fWtgmGprsb6yE2cwg+J2BJaODdxTMOwyBAswygdjJw+RPLOXxCcYddyKJiFb/K+U0WiDj41yl/v8dmkYX1g9f6/CzpHMz8zpDdb+ecp2WNu3ry3z7fksMzp/LLsC5x2eVdgchOdtNZqufgLv8WQ+Ae/Hmuw/zgQ2l+xjxP4gYWanOphJ92H1Lk5KC/VsB3VdR2uz6b+rQZl0fJnY45HL7mx9uGKwQeQB9FWO1LNwcSQZw2yq7CeqUgspyvNMvwu1EXlUiIkYTu9EU0yVC9OGsXnspD9J4AG1m4IwFAL9iFHy7tJfnn5P0pSuSAoa4HeI0zO73H2zyrxEvi7eurXABxo1fk+gtXKDHl+elDtbwC1eJSYpwWZKBcpJSDATa0RCn28YKVVXZVZf0WOA3pTZ9NQNPCNVF/FC9SW8rrQ/777CFcuSlYIsexqL2+D6/TWStLvhrZLZ3K/3CsY/mwsnLwh2aFql8RZCunLSAK2a91y7Z044VO5598KERgBw8gO5RJrmwnSixmPrBjPo1yLkYcmzquHMlqS0CpWpypt5iyDJuF91P39eqYcJHZnwjG7ni8S8RFr2H5Hi3JFNm/k+A4mH5YvtyBqqTfN4+QjJMDBZkVTGFYs6JiRRUJoUK17okXxs8Pq6VYW3iSwEB85CFiVHZlt1eWppveVSHZfQsZsUr+A/QrTdRMZIx+ChRuqmXYdXiYQ35TDPveYWhiIQcWeOXvumtIZRTqYMoA34KuB/9GaH0P+7HUNfeROw6knj5y1DO1w/uIC8x6Uuhr5gMyZSuuzSEfZGUhQ6aWFtSCmnJaoVq18hdAnxNG31Oqi2gy7daCLWDRleow25xGYI2Or+dxhal3khe9+37OceJEWhgmB8gTD2nGBvp7VWLptsoGBgXgqnXs6ab8mG9lLmXbO4ef2ECq84BN//oIiV570qY6OWTQwL1yjNDQ3+1h2bKQ4DE51xq5N1UcTRoGA9DycotHmrOzyhedAMQTndlaNMJr87cC+cRVHYE=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></soapenv:Body> 
</soapenv:Envelope> 
*************************************** 

ответ

2

Я нашел решение своей проблемы, которое я успешно проверил с помощью SOAP-UI. Будут держать опубликованные, как только он работает на живых, хотя.

Перед тем, как написать клиент для защищенного веб-сервиса OWSM, мы должны знать следующее.

  1. Возможно использование услуги JAX-WS с использованием клиента JAX-RPC и наоборот.

  2. Возможно использование защищенного веб-сервиса OWSM с клиентом JAX-RPC без установки/настройки OWSM на стороне клиента.

  3. Ниже приведен код клиента (относящийся только к безопасности) для referecnce.


IST l_credproviders = новый ArrayList(); CredentialProvider cp = null;

cp   = new ClientBSTCredentialProvider(MyClientKeystore.pubCertAlias, MyClientKeystore.prvKeyAlias, MyClientKeystore.serverPubCertAlias); 
    l_credproviders.add(cp); 

    Stub stub = (Stub)port; 
    stub._setProperty(WSSecurityContext.CREDENTIAL_PROVIDER_LIST 
          , l_credproviders 
          ); 

    stub._setProperty(WLStub.POLICY_COMPATIBILITY_PREFERENCE 
          , JFProperties.getProperty(
            "POLICY.COMPATIBILITY.PREFERENCE") 
          ); 

    stub._setProperty(WSSecurityContext.TRUST_MANAGER 
          , new TrustManager() { 
            public boolean certificateCallback(
              X509Certificate[] chain, 
              int validateErr) { 
              // Check that the server cert matches 
               return true; 
              } 
              } 
         ); 

  1. Как клиент провайдера удостоверений API wotrks для защиты клиента: а) Он подключается к URL и анализировать WSDL. b) Получите утверждения политики из WSDL. c) создать сообщение с запросом SOAP с учетом утверждений политики клиента. d) отправлять и получать ответ с сервера. e) проверить ответ от сервера на соответствие утверждений политики ответа сервера из уже обработанного WSDL, если ответ сервера недействителен в отношении политик, выбирающих SecurityExceptions.

Надеется, что это поможет, и кто получают выгоду от моего истощенного опыта :)