使用Apache WSS4J / CXF使用XML转义字符修改BinarySecurityToken

Question

我正在使用基于操作的ws-security方法，因为我正在连接的WSDL不包含安全策略。拦截器和安全的代码如下。

我从服务器收到错误，表明我的二进制安全令牌不是base 64编码的。这是一个令人头疼的问题，因为它似乎是，并且表明它属于类型描述。然后我注意到一些字符被XML转义字符替换。如果我强行发送一条消息，其中这些字符被还原，服务器会响应，所以我怀疑他们在接收时没有优雅地将这些字符转换回来。

如何阻止标头转义？

以下是我用来配置客户端的代码：

    JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean( );
    factory.setServiceClass( Operations.class );
    factory.setAddress( serviceUrl );

    Map< String, Object > properties = Maps.newHashMap( );
    properties.put( "mtom-enabled", "false" );
    factory.setProperties( properties );

    outProps.put( "cryptoProperties", sig_props );

    outProps.put( WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT );
    outProps.put( WSHandlerConstants.USER, apiKeyPairAlias );
    outProps.put( WSHandlerConstants.SIG_PROP_REF_ID, "cryptoProperties" );
    outProps.put( WSHandlerConstants.ENC_PROP_REF_ID, "cryptoProperties" );
    outProps.put( WSHandlerConstants.SIG_KEY_ID, "DirectReference" );
    outProps.put( WSHandlerConstants.ENC_KEY_ID, "DirectReference" );
    outProps.put( WSHandlerConstants.SIGNATURE_USER, apiKeyPairAlias );
    outProps.put( WSHandlerConstants.ENCRYPTION_USER, apiKeyPairAlias );
    outProps.put( WSHandlerConstants.PW_CALLBACK_REF, new ClientPasswordHandler( ) );
    outProps.put( WSHandlerConstants.STORE_BYTES_IN_ATTACHMENT, "true" );
    outProps.put( WSHandlerConstants.USE_SINGLE_CERTIFICATE, "false" );

    WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor( outProps );
    factory.getOutInterceptors( ).add( wssOut );

    Map< String, Object > inProps = Maps.newHashMap( );
    inProps.put( WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT );
    inProps.put( "cryptoProperties", sig_props );
    outProps.put( WSHandlerConstants.SIG_PROP_REF_ID, "cryptoProperties" );
    outProps.put( WSHandlerConstants.ENC_PROP_REF_ID, "cryptoProperties" );
    outProps.put( WSHandlerConstants.PW_CALLBACK_REF, new ClientPasswordHandler( ) );

    WSS4JInInterceptor wssIn = new WSS4JInInterceptor( inProps );
    factory.getInInterceptors( ).add( wssIn );