我在查询使用 WS-Security 的 Web 服务时遇到问题。我使用由 axis2 和实现 WS-Security 的 rampard 模块创建的代码。我认为我提出了很好的查询并得到了回复,但该回复中有一些我的客户不理解的内容。异常看起来像:
INFO [main] (?:?) - Verification successful for URI "#element-113-1282904809584-289878786"
INFO [main] (?:?) - Verification successful for URI "#timestamp"
ERROR [main] (AxisEngine.java:209) - WSHandler: Check Signature confirmation: stored SV vector not empty
org.apache.axis2.AxisFault: WSHandler: Check Signature confirmation: stored SV vector not empty
at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:92)
at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:160)
...
axis2.xml 中我的 rampard 配置:
<parameter name="InflowSecurity">
<action>
<items>Signature Encrypt</items>
<passwordCallbackClass>pl.firstdata.www.wdx.business.card.PWCallback</passwordCallbackClass>
<signaturePropFile>client.properties</signaturePropFile>
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
<signatureParts>{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body</signatureParts>
<encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
<encryptionUser>wdx_test</encryptionUser>
</action>
</parameter>
我可以在客户端做些什么来避免出现此类异常吗?
最佳答案
我更改了axis2.xml配置文件,并添加了:
<parameter name="InflowSecurity">
<action>
...
<enableSignatureConfirmation>false</enableSignatureConfirmation>
</action>
</parameter>
现在我的客户端不需要服务器响应中的签名确认。
关于java - 轴2问题: WSHandler: Check Signature confirmation: stored SV vector not empty,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/3583502/