如何在Java中将安全标头参数添加到SOAP请求

时间:2018-07-30 13:09:47

标签: java web-services soap soap-client webservices-client

默认标头为空,我必须向Soap请求添加安全标头,如下所示:

<soapenv:Envelope xmlns:end="http://endpoint.soap.esb.steg.com.tn/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soapenv:Header>
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <wsse:UsernameToken wsu:Id="UsernameToken-633D8322A7C327A0D5153295320052614">
            <wsse:Username>website</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">7MyXmdbbBuyiHQwGCAY2+NxYRH8=</wsse:Password>
            <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">sdc+Kcgj/aghCxpUCACCxQ==</wsse:Nonce>
            <wsu:Created>2018-07-30T12:20:00.526Z</wsu:Created>
        </wsse:UsernameToken></wsse:Security>    
    </soapenv:Header>
    <soapenv:Body>
        <end:consultInfoAboBT>
            <reference>00095013</reference>
        </end:consultInfoAboBT>
    </soapenv:Body>
</soapenv:Envelope>

这是我的代码

request = "<soapenv:Envelope xmlns:soapenv='http://schemas.xmlsoap.org/soap/envelope/' xmlns:end='http://endpoint.soap.esb.steg.com.tn/'>"+ "<soapenv:Header/>"+"<soapenv:Body>" + "<end:consultInfoAboBT>"
+ "<reference>"+reference+"</reference>" + "</end:consultInfoAboBT>" + "</soapenv:Body>"+ "</soapenv:Envelope>";
StringEntity param = new StringEntity(request);     
response = json.makeHttpRequestSteg(URLSWSTEG1, "POST", param, message);
Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new InputSource(new StringReader(response)));

2 个答案:

答案 0 :(得分:0)

getHeader将返回带有用户名令牌的完整标题,您需要以字符串格式传递UserName,Password和created(日期和时间)。

像下面一样

       request = "<soapenv:Envelope xmlns:soapenv='http://schemas.xmlsoap.org/soap/envelope/' xmlns:end='http://endpoint.soap.esb.steg.com.tn/'>"

+ getHeader("website", "7MyXmdbbBuyiHQwGCAY2+NxYRH8=", "2018-07-30T12:20:00.526Z") +

    "<soapenv:Body>" + "<end:consultInfoAboBT>"
        + "<reference>"+reference+"</reference>" + "</end:consultInfoAboBT>" + "</soapenv:Body>"+ "</soapenv:Envelope>";
        StringEntity param = new StringEntity(request);     
        response = json.makeHttpRequestSteg(URLSWSTEG1, "POST", param, message);
        Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new InputSource(new StringReader(response)));

GetHeader()函数将返回标头令牌。

  public String getHeader(String Username, String Password, String Created)
    {
        String Nonce;
        String authID = "";
        String nonceLocal = "";
        Random randGen = new Random();

        nonceLocal = "" + randGen.nextInt();

        authID = nonceLocal  + Created + Password;

        MessageDigest mDigest = null;
        try {
            mDigest = MessageDigest.getInstance("SHA1");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }

        mDigest.reset();
        byte[] digestResult = mDigest.digest(authID.getBytes());

       Password = Base64.getEncoder().encodeToString(digestResult);
       Nonce = Base64.getEncoder().encodeToString(nonceLocal.getBytes());


        return "<soapenv:Header>\n" +
                "<wsse:Security xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">\n" +
        "<wsse:UsernameToken wsu:Id=\"UsernameToken-633D8322A7C327A0D5153295320052614\">\n" +
            "<wsse:Username> + Username + </wsse:Username>\n" +
            "<wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest\">" + Password + "</wsse:Password>\n" +
            "<wsse:Nonce EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\">"+Nonce +"</wsse:Nonce>\n" +
            "<wsu:Created>" + Created +"</wsu:Created>\n" +
       "</wsse:UsernameToken></wsse:Security>\n" +    
    "</soapenv:Header>";
    }

答案 1 :(得分:0)

请参考以下示例。

HeaderHandlerResolver 标头类:

gst-launch-1.0 interleave name=i ! audioconvert ! wavenc ! filesink location=file.wav  filesrc location=first_audio_file.wav ! decodebin ! audioconvert ! "audio/x-raw,channels=1,channel-mask=(bitmask)0x1" ! queue ! i.sink_0   filesrc location=second_audio_file.wav ! decodebin ! audioconvert ! "audio/x-raw,channels=1,channel-mask=(bitmask)0x2" ! queue ! i.sink_1

HeaderHandler 类:

public class HeaderHandlerResolver implements HandlerResolver {
    @Override
    public List<Handler> getHandlerChain(PortInfo portInfo) {
        List handlerChain = new ArrayList();
        HeaderHandler hh = new HeaderHandler();
        handlerChain.add(hh);
        return handlerChain;
    }    
}

在SOAP Web服务客户端方法下执行以下操作。

HeaderHandlerResolver handlerResolver = new HeaderHandlerResolver(); service.setHandlerResolver(handlerResolver);

相关问题
最新问题