当我只有 wsdl 时,如何处理 WS-Security?

发布于 2024-10-01 21:56:32 字数 431 浏览 4 评论 0原文

我正在尝试开发一个独立的客户端应用程序,该应用程序使用 Glassfish 容器(Metro)中的 Web 服务。我所要做的就是为我尝试使用的服务提供一个 wsdl。 wsdl 中充满了各种“wsp:Policy”标签。看起来IssuedToken、Trust13、加密都被利用了。 所以我从 netbeans 和 JAX-WS 生成了一些代码。一切都很顺利,但是当尝试运行客户端时,我得到: 'WST0029:无法从 IssuedToken 或用于访问服务的客户端配置获取 STS 位置 http://localhost:8080/ ....'

就在那时我突然意识到我对 WSS 一无所知。看起来没有生成任何代码来处理安全性。所以,我必须从头开始。 那么从哪里开始呢?图书?教程?

TIA

I'm trying to develop a stand-alone client app that uses web services in a Glassfish container (Metro). About all I have to work from is a wsdl for the wervices I'm trying to use. The wsdl is rife with all kinds of 'wsp:Policy' tags. Looks like IssuedToken, Trust13, ecryption are all utilized.
So I generated some code from netbeans and JAX-WS. Everything went well, but when trying to run the client I get:
'WST0029:STS location could not be obtained from either IssuedToken or from client configuration for accessing the service http://localhost:8080/ ....'

That's when it occured to me that I know nothing about WSS. It doesn't look like any code was generated to deal with security. So, I'll have to go from scratch.
So where to start? Books? Tutorials?

TIA

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

桃气十足 2024-10-08 21:56:32

Metro 在运行时从 WSDL 或 wsit-client.xml 配置文件应用策略。这就是为什么没有生成与策略相关的代码的原因。根据 这篇文章目前无法以编程方式完成。

本教程很好地解释了您可以使用 WSS 执行的一些操作,尽管一切都可以可能不适用于这种情况,但仍然值得一读。

我发现生成支持 WSS 的客户端的最简单方法是使用 Metro 中的 wsimport 脚本:

cd metro/bin/
mkdir src target
./wsimport.sh -s src -d target -extension -Xendorsed -verbose YourService.wsdl

然后将 Metro 安装到应用程序服务器中(将库复制到正确的位置或运行 ant 脚本) ):

ant -f metro-on-glassfish.xml

然后将本地 WSDL 文件放入您的类路径(例如您的资源文件夹)中,以便 Metro 可以在运行时获取它以应用生成的 YourService 类中的策略:

private final static URL YOURSERVICE_WSDL_LOCATION;

// This is enough, you don't need the wsdlLocation attribute 
// on the @WebServiceClient annotation if you have this.
static {
    YOURSERVICE_WSDL_LOCATION =
        CustomerService.class.getClassLoader().getResource("YourService.wsdl");
}

public YourService() {
    super(YOURSERVICE_WSDL_LOCATION, 
            new QName("http://tempuri.org/", "YourService"));
}

如果您想要 WS-Addressing 您可能需要手动将该功能添加到您的绑定方法中(Metro 从未为我生成过它) ,所以我总是必须自己添加)。

@WebEndpoint(name = "WSHttpBinding_IYourService")
public IYourService getWSHttpBindingIYourService() {
    WebServiceFeature wsAddressing = new AddressingFeature(true);

    IYourService service =
        super.getPort(new QName("http://xmlns.example.com/services/Your",
                "WSHttpBinding_IYourService"), IYourService.class, 
                wsAddressing);

    return service;
}

Metro applies the policy in runtime from either the WSDL or the wsit-client.xml config file. That's why no code is generated related to policies. According to this post it is not possible at the moment to do programatically.

This tutorial explains pretty well some of the things you can do with WSS, and though everything do probably not apply in this case it's still a good read.

The simplest way I've found of generating a client with WSS support is by using the wsimport script from Metro:

cd metro/bin/
mkdir src target
./wsimport.sh -s src -d target -extension -Xendorsed -verbose YourService.wsdl

Then install Metro into your application server (copy the libs to the correct places or run the ant script):

ant -f metro-on-glassfish.xml

Then put your local WSDL file in your classpath (e.g. your resource folder), so Metro can get it at runtime to apply the policies from your generated YourService class:

private final static URL YOURSERVICE_WSDL_LOCATION;

// This is enough, you don't need the wsdlLocation attribute 
// on the @WebServiceClient annotation if you have this.
static {
    YOURSERVICE_WSDL_LOCATION =
        CustomerService.class.getClassLoader().getResource("YourService.wsdl");
}

public YourService() {
    super(YOURSERVICE_WSDL_LOCATION, 
            new QName("http://tempuri.org/", "YourService"));
}

And if you want WS-Addressing you might need to add the feature manually to your binding method (Metro has never generated it for me, so I always have to add it myself).

@WebEndpoint(name = "WSHttpBinding_IYourService")
public IYourService getWSHttpBindingIYourService() {
    WebServiceFeature wsAddressing = new AddressingFeature(true);

    IYourService service =
        super.getPort(new QName("http://xmlns.example.com/services/Your",
                "WSHttpBinding_IYourService"), IYourService.class, 
                wsAddressing);

    return service;
}
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文