如您所知,在wildfly ws-security配置中,有2个属性文件被绑定到Web服务。在服务器端,server.properties的绑定方式如下所示,
== server.properties
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=password123
org.apache.ws.security.crypto.merlin.keystore.alias=servicekey
org.apache.ws.security.crypto.merlin.keystore.file=META-INF/serviceKeystore.jks
== jaxws-endpoint-config.xml
<endpoint-config>
<config-name>Custom WS-Security Endpoint</config-name>
<property>
<property-name>ws-security.signature.properties</property-name>
<property-value>META-INF/server.properties</property-value>
</property>
<property>
<property-name>ws-security.callback-handler</property-name>
<property-value>
com.aaa.soap.KeystorePasswordCallback
</property-value>
</property>
</endpoint-config>
== HelloWorld.java
@WebService
@EndpointConfig(configFile = "WEB-INF/jaxws-endpoint-config.xml", configName = "Custom WS-Security Endpoint")
public class HelloWorld implements IHelloWorld {
@Override
public String sayHello(String name) {
// TODO Auto-generated method stub
return "Hello " + name;
}
}
在客户端,JSP文件将client.properties绑定到soap请求。
== client.properties
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=password123
org.apache.ws.security.crypto.merlin.keystore.alias=servicekey
org.apache.ws.security.crypto.merlin.keystore.file=META-INF/serviceKeystore.jks
== index.jsp
<body>
<%
String SERVICE_URL = "http://localhost:8080/SOAPEncryptWeb/HelloWorld";
try {
QName serviceName = new QName("http://soap.aaa.com/", "HelloWorldService");
URL wsdlURL;
wsdlURL = new URL(SERVICE_URL + "?wsdl");
Service service = Service.create(wsdlURL, serviceName);
IHelloWorld port = (IHelloWorld) service.getPort(IHelloWorld.class);
((BindingProvider) port).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER, new KeystorePasswordCallback());
((BindingProvider) port).getRequestContext().put(SecurityConstants.ENCRYPT_PROPERTIES, Thread.currentThread().getContextClassLoader().getResource("META-INF/client.properties"));
((BindingProvider) port).getRequestContext().put(SecurityConstants.ENCRYPT_USERNAME, "servicekey");
out.println(port.sayHello("jina"));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
%>
</body>
因此,在soapui应用程序中,我重新制作了如下所示的这些客户端/服务器属性,
但是我被困在这部分上。这些服务器和客户机属性已在Eclipse IDE上成功绑定。但是,在SoapUI应用程序中,我不知道如何将这些属性与soap请求和响应绑定在一起。
To use WS Security on SOAPUI you've to use its specific WS-Security configuration as follows. First double click in your project name on Navigator window:
Here as you can see in the image above, there is a WS-Security Configurations tab.
First of all add your keystore which contains the key to perform the operations. To do so, click on the Keystores tab and add your keystore information, in your case based on your clients.properties
:
其次,基于您的代码,您似乎想加密到Web服务的传出消息,因此选择“传出WS-Security配置”选项卡并添加新配置。您的传出/传入属性位于WEB-INF/jaxws-endpoint-config.xml
配置文件中,您没有在问题中显示它,因此请根据此文件的内容配置此选项卡。配置完成后,它可能如下所示:
最后,检查您的配置,转到SOAP Request,右键单击请求面板,然后选择Outgoing wss> Apply [您的ws cfg名称]:
有关更多详细信息,请查看SOAPUI文档。
希望这能为您指明正确的方向。
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句