在 Web 服务调用上传递 LPTA 令牌不起作用
我有一个使用 j2ee 安全性的 j2ee Web 应用程序,因此用户的身份从 WebSEAL 传播到在 WAS7 中运行的应用程序。我现在尝试进行 SOAP Web 服务调用并在该 Web 服务调用中传播用户身份。为此,我使用 WSSubject 调用获取 LTPA (WSCredential) 和 LPTA2 (SingleSignOnToken),并将它们附加到使用的 Web 服务调用。
bp.getRequestContext().put(Constants.REQUEST_TRANSPORT_PROPERTIES,sendTransportHeaders);
其中 bp 是我的 BindingProvider。这一切都应该有效。但是当我进行网络服务调用时,我得到了这个异常。
Cause =java.io.IOException: Unable to deserialize the Subjects in this Context
我查看了 LTPA 令牌中的字段,一切似乎都是正确的(令牌和我调用的 j2ee 安全领域 Web 服务之间的领域相同,令牌是可转发的,等等),并且我在网上找不到太多有关此错误的信息,除了(这似乎是一个不相关的)尝试将其传递到 EJB 的情况以及领域不匹配的情况。
有什么想法吗?谢谢。
I've got a j2ee web application using j2ee security, so the identity of the user is propagated from WebSEAL to the application, running in WAS7. I'm now trying to make a SOAP webservices call and propogate the user identity in that webservices call. To do this, I grab the LTPA (WSCredential) and LPTA2 (SingleSignOnToken) using the WSSubject calls and attach them to the webservices call using.
bp.getRequestContext().put(Constants.REQUEST_TRANSPORT_PROPERTIES,sendTransportHeaders);
where bp is my BindingProvider. This all should work. But when I make a webservices call, I get back this exception.
Cause =java.io.IOException: Unable to deserialize the Subjects in this Context
I looked at the fields within the LTPA token and all seems right (same realm between the token and the j2ee security realm webservice I'm calling, the token is forwardable, etc), and I cannot find much about this error online, except for (what seems to be an unrelated) case when trying to pass it into the EJB and one case where the realms don't match.
Any ideas? Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您能清楚地说明您想在这里做什么吗?
您应该能够仅通过配置透明地传递 LTPA 令牌,而不是尝试编写一些代码来实现相同的目的。
Web 应用程序对另一个 WebSphere 服务器进行 Web 服务调用。
快速阅读一下。
http://www.ibm.com/developerworks/websphere/techjournal/0607_desprets /0607_desprets.html
WAS7 中的东西应该与 WAS V6 非常相似。
HTH
曼格鲁
Can you state clearly as to what you are trying to do here?
You should be able to pass the LTPA tokens across transparently with just configuration instead of trying to write some code to achieve the same.
The Web Applications making the Web Service calls to another WebSphere server.
have a quick read at this.
http://www.ibm.com/developerworks/websphere/techjournal/0607_desprets/0607_desprets.html
Things in WAS7 should be very similar to WAS V6.
HTH
Manglu
@jeffsix:您是否正在尝试从一台 websphere 服务器中运行的应用程序向另一台 websphere 服务器中运行的应用程序进行 web 服务调用?确保两台服务器上的 LTPA 密钥相同。
@jeffsix: are you trying to make a webservice call from application running in one websphere server to another application in another websphere server? Make sure LTPA keys are same on both server.