这将设置基本HTTP身份验证的用户名和密码。如果您已经在SoapUI中对其进行了测试,那么我猜您在请求详细信息窗格中所说的’PasswordText’值就是’WSS-
Password Type’。这将设置WSS安全性,而不是HTTP安全性。
使用Java6中的JAX-WS,您需要附加一个SOAPHandler来将WSS-Usertoken注入到SOAP
Header中。关于这一轮网络,有很多零碎的东西,但是我找不到要发布的单个链接,所以这里有一些代码可以帮助您前进…
要添加处理程序,您需要类似以下内容:
final Binding binding = ((BindingProvider) servicePort).getBinding();List<Handler> handlerList = binding.getHandlerChain();if (handlerList == null) handlerList = new ArrayList<Handler>();handlerList.add(new SecurityHandler());binding.setHandlerChain(handlerList); // <- important!
然后,SecurityHandler类将完成任务。处理程序是通用的东西,对于成功的消息和错误都被调用,但是也许更重要的是,它们在 两个 消息方向上
都 被调用-对于传出请求,然后又对于传入响应。您只想处理外发消息。因此,您将需要以下内容:
public final class SecurityHandler implements SOAPHandler<SOAPMessageContext> { ... @Override public boolean handleMessage(final SOAPMessageContext msgCtx) { // Indicator telling us which direction this message is going in final Boolean outInd = (Boolean) msgCtx.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY); // Handler must only add security headers to outbound messages if (outInd.booleanValue()) { try { // Get the SOAP Envelope final SOAPEnvelope envelope = msgCtx.getMessage().getSOAPPart().getEnvelope(); // Header may or may not exist yet SOAPHeader header = envelope.getHeader(); if (header == null) header = envelope.addHeader(); // Add WSS Usertoken Element Tree final SOAPElement security = header.addChildElement("Security", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); final SOAPElement userToken = security.addChildElement("UsernameToken", "wsse"); userToken.addChildElement("Username", "wsse").addTextNode("MyWSSUsername"); userToken.addChildElement("Password", "wsse").addTextNode("MyWSSPassword"); } catch (final Exception e) { LOG.error(e); return false; } } return true; } ... // Other required methods on interface need no guts}
我在这里做了一些假设,但希望它能帮助您前进!
亲切的问候。