我想用JUnit和ApacheCXF编写一个简单的集成测试来测试一些支持WS-Security的服务。
MyService myService = new myWsService(MY_SERVICE_WSDL).getMyWs()
Client client = ClientProxy.getClient(myService);
Map<String, Object> ctx = ((BindingProvider) myService).getRequestContext();
ctx.put("ws-security.callback-handler", new KeystorePasswordCallback());
ctx.put("ws-security.signature.crypto", new MyMerlinImpl());
其中MyMerlinImpl只是在被重写loadProperties
方法中传递所需Merln.* 属性值,
我得到:
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InitiatorToken registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}WssX509V1Token11 registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RequireIssuerSerialReference registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RecipientToken registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AlgorithmSuite registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Basic256Sha256 registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InclusiveC14N registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Layout registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Strict registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}OnlySignEntireHeadersAndBody registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Wss11 registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}MustSupportRefIssuerSerial registered.
org.apache.cxf.ws.policy.PolicyException: None of the policy alternatives can be satisfied.
我做错了什么?这些似乎是相当标准的策略...事实上,我在一个JBoss EAP 6. 1 WS客户端上使用了相同的代码,它运行得很好。
6条答案
按热度按时间dsf9zpds1#
类路径上是否有cxf-rt-ws-security jar?
科尔姆
ui7jx7zq2#
Chetan给出的答案是有效的,但是,如果多个策略出现错误,则需要将它们添加到一个集中
This link explains the solution in detail
kfgdxczn3#
我自己的两分钱:在我自己特殊场景(JAX-WS、WS-Security、WS-SecurityPolicy)中,在执行client.getConduit()时会发生此错误,如下所示:
上述代码运行时没有引发任何异常(尽管我后来遇到了其他问题),当使用Apache CXF 2.7.18时-我在升级到Apache CXF 3.0.16时开始遇到Assert构建器的问题。现在cxt-rt-ws-security JAR在类路径上,但似乎这个版本的CXF中的WSS 4J被拆分成了多个JAR,因此我必须将wss 4j-policy JAR从CXF下载包包含到类路径中。
错误保持不变,但至少声明生成器中的一长串警告消失了(No assertion builder for type T registered),现在被替换为:
13:45:55,723警告WSSecurityPolicyLoader,main:112 -无法加载或注册与WS-SecurityPolicy相关的类。请检查Apache WSS 4J(的正确版本)是否位于类路径中:处理程序/WSH处理程序
13:45:55,753警告WSSecurityPolicyLoader,main:112 -无法加载或注册与WS-SecurityPolicy相关的类。请检查Apache WSS 4J(的正确版本)是否位于类路径中:基于策略的WSS 4JIn拦截器
长话短说,我收到了其他警告(我通过在CXF包的lib目录中执行盲grep来查找JAR,并逐个包含它们),
并最终包括所有wss 4j-*.jar文件
对getConduit()的调用现在至少通过了。
pbgvytdp4#
如果您使用的是Sping Boot ,则可以按如下方式禁用策略检查:
toiithl65#
最后通过添加WSS4JOutInterceptor解决了这个问题。似乎在JBoss中这个拦截器是自动添加的...
rwqw0loc6#
如果WSDL文件中定义的策略是非标准的,那么CXF将无法解析它。因此出现错误。
有两种方法-您可以忽略它(如果可以忽略的话)或提供一个备用提供程序。
若要忽略-请建立IgnorablePolicyInterceptorProvider的执行严修并注册它。
下面是忽略WSDL中定义的NtlmAuthentication策略的示例。注意:NtlmAuthentication的行程方式应该与设定soap信头的方式不同。