Ws- WSS4J拦截器中的安全属性
Ws- WSS4J拦截器中的安全属性
提问于 2014-04-17 10:00:42
我想知道我们是否可以在ws-security.signature.properties拦截器中设置WS安全属性,比如WSS4J。
我正在以这种方式配置WSS4J属性,但是WSHandler需要ws-security.signature.properties和ws-security.encryption.properties,但是它找不到。
Map<String, Object> outProps = new HashMap<String, Object>()
outProps.put(WSHandlerConstants.ACTION,
WSHandlerConstants.TIMESTAMP + " "
+ WSHandlerConstants.SIGNATURE + " "
+ WSHandlerConstants.ENCRYPT);
outProps.put(WSHandlerConstants.USER, "clientKey");
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientKeystorePasswordCallback.class.getName());
outProps.put(WSHandlerConstants.SIG_PROP_FILE,
"clientWSsec-PC165.properties");
outProps.put(WSHandlerConstants.ENC_PROP_FILE,
"clientWSsec-PC165-Srv.properties");
outProps.put(WSHandlerConstants.SIGNATURE_USER, "clientKey");
outProps.put(WSHandlerConstants.ENCRYPTION_USER, "serverKey");如何在WSS4J拦截器中添加这些属性?
谢谢!
回答 1
Stack Overflow用户
发布于 2014-04-18 07:39:08
如何在WSS4J拦截器中添加这些属性?
如果您在spring中使用cxf,请尝试如下:
ClientKeystorePasswordCallback:
/**
* @see <a href="https://github.com/gmazza/blog-samples/blob/master/cxf_x509_profile/client/src/main/java/client/ClientKeystorePasswordCallback.java">ClientKeystorePasswordCallback</a>
*/
public class ClientKeystorePasswordCallback implements CallbackHandler {
private Map<String, String> passwords =
new HashMap<String, String>();
public ClientKeystorePasswordCallback() {
passwords.put("myclientkey", "ckpass");
}
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
}
}
}弹簧配置:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://cxf.apache.org/jaxws
http://cxf.apache.org/schemas/jaxws.xsd">
<bean id="clientKeystorePasswordCallback" class="client.ClientKeystorePasswordCallback"/>
<bean id="wss4JInInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="#{T(org.apache.ws.security.handler.WSHandlerConstants).ACTION}"
value="#{T(org.apache.ws.security.handler.WSHandlerConstants).TIMESTAMP} #{T(org.apache.ws.security.handler.WSHandlerConstants).SIGNATURE} #{T(org.apache.ws.security.handler.WSHandlerConstants).ENCRYPT}"/>
<entry key="#{T(org.apache.ws.security.handler.WSHandlerConstants).USER}"
value="clientKey"/>
<entry key="#{T(org.apache.ws.security.handler.WSHandlerConstants).PASSWORD_TYPE}"
value="#{T(org.apache.ws.security.WSConstants).PW_TEXT}"/>
<entry key="#{T(org.apache.ws.security.handler.WSHandlerConstants).PW_CALLBACK_REF}"
value-ref="clientKeystorePasswordCallback"/>
<entry key="#{T(org.apache.ws.security.handler.WSHandlerConstants).SIG_PROP_FILE}"
value="clientWSsec-PC165.properties"/>
<entry key="#{T(org.apache.ws.security.handler.WSHandlerConstants).ENC_PROP_FILE}"
value="clientWSsec-PC165-Srv.properties"/>
<entry key="#{T(org.apache.ws.security.handler.WSHandlerConstants).SIGNATURE_USER}"
value="clientKey"/>
<entry key="#{T(org.apache.ws.security.handler.WSHandlerConstants).ENCRYPTION_USER}"
value="serverKey"/>
</map>
</constructor-arg>
</bean>
<jaxws:endpoint id="myServiceEndpoint" implementor="#myServiceImpl" address="/myServicePath">
<jaxws:inInterceptors>
<ref bean="wss4JInInterceptor"/>
</jaxws:inInterceptors>
</jaxws:endpoint>
<bean id="myServiceImpl" class="server.MyServiceImpl"/>
</beans>页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/23130077
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号