Question

我正在测试基于CXF的网络服务

我已将以下内容添加到Soap标题中：

<soapenv:Header>
      <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
         <wsse:UsernameToken wsu:Id="UsernameToken-EFE11D3CEA7EFDCC4A14488809292421">
            <wsse:Username>abc</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">edfewdw</wsse:Password>
            <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">AmAK2EvHMZWobr6KBJ4nOA==</wsse:Nonce>
            <wsu:Created>2015-11-30T10:55:29.240Z</wsu:Created>
         </wsse:UsernameToken>
      </wsse:Security>
   </soapenv:Header>

但是，尽管如此，我得到了以下肥皂故障

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
   <soap:Body>
      <soap:Fault>
         <faultcode>soap:Client</faultcode>
         <faultstring>General security error (WSSecurityEngine: No password callback supplied)</faultstring>
      </soap:Fault>
   </soap:Body>
</soap:Envelope>

任何建议？

Answer 1

您需要在接收方定义CallbackHandler实现，以验证密码。如果您使用的是CXF，可以使用以下示例：http://cxf.apache.org/docs/ws-security.html

SoapUI密码回调

1 个答案: