使用CXF和Camel调用安全and服务

Question

我试图在https URL上调用SOAP SSL服务，其中需要客户端身份验证(SSL)。

现在，我正在使用spring (从蓝图中切换)配置骆驼上下文，并使用camel CXF组件创建端点，并将jetty作为传输。

我找不到这方面的好例子。也许我应该用http4代替Jetty。我试图设置一些Camel sslContextParameters，但我无法看到它与CXF和/或Jetty一起工作。

谁能给我指明正确的方向？

Answer 1

首先，如果调用SOAP服务，则需要使用camel-cxf组件，而不是camel-cxfrs。后者用于REST端点。

您说需要客户端授权，但没有指定哪种类型。考虑到您讨论了SSL，我将假设您需要同时配置SSL和HTTP。

对于SSL，请查看：https://camel.apache.org/camel-configuration-utilities.html和指南/文件/CamelCXF-SecureClient.html。

对于HTTP，请在这里查看username和password选项：https://camel.apache.org/cxf.html。

编辑：RedHat CXF安全指南6.1

Answer 2

多亏了raulk，我才能够为访问安全的webservice创建一个工作的spring配置。我使用wsdl2java (CXF)生成代码，用于为我正在调用的服务创建客户端点。

这是我的弹簧配置：

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns="http://www.springframework.org/schema/beans"
       xmlns:camel="http://camel.apache.org/schema/spring"
       xmlns:cxf="http://camel.apache.org/schema/cxf"
       xmlns:http="http://cxf.apache.org/transports/http/configuration"
       xmlns:sec="http://cxf.apache.org/configuration/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
         http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
         http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd
         http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
         http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd
       ">

    <!-- My camel routes -->
    <bean id="myClientRoute" class="com.mycompany.myWebserviceClientRouteBuilder"/>

    <!-- Name of conduit must match the target namespace and service name of the @WebService identifier in the autogenerated webservice interface -->
    <http:conduit name="{targetNamespace}WebserviceName.http-conduit">
        <http:tlsClientParameters>
            <sec:keyManagers keyPassword="Test1234">
                <sec:keyStore password="Test1234" type="JKS"
                              resource="classpath:certs/myKeystore.jks" />
            </sec:keyManagers>
            <sec:trustManagers>
                <sec:keyStore password="Test1234" type="JKS"
                              resource="classpath:certs/myTruststore.jks" />
            </sec:trustManagers>
            <sec:cipherSuitesFilter>
                <sec:include>.*_WITH_3DES_.*</sec:include>
                <sec:include>.*_WITH_DES_.*</sec:include>
                <sec:exclude>.*_WITH_NULL_.*</sec:exclude>
                <sec:exclude>.*_DH_anon_.*</sec:exclude>
            </sec:cipherSuitesFilter>
        </http:tlsClientParameters>
    </http:conduit>

    <cxf:cxfEndpoint id="myRemoteWebserviceEndpoint"
                     address="{{HTTPS_ADDRESS_OF_REMOTE_WEBSERVICE_PROPERTYE}}"
                     serviceClass="com.autogenerated.ServiceClassFromWSDL">
    </cxf:cxfEndpoint>

    <camel:camelContext id="myCamelContext">
        <camel:routeBuilder ref="myClientRoute"/>
    </camel:camelContext>

</beans>

我的骆驼路线是这样的：

public void configure() throws Exception {
    from("direct:in")
            //Create SOAP request headers and body
            .bean(RequestGenrator.class, "createRequest")
            //Call webservice
            .to("cxf:bean:myRemoteWebserviceEndpoint?dataFormat=MESSAGE")
            .bean(ResponseHandler.class, "extractResponse");
}