我有一个需要使用的 SOAP Web 服务,它使用 WS Security 和一些安全策略。
当我第一次尝试使用以下代码时:
CMAdapterService cmAdapterService = new CMAdapterService(); CMAdapter port =
cmAdapterService.getCMAdapterPort();
// Use the BindingProvider's context to set the endpoint BindingProvider bp =
(BindingProvider)port;
Optional credentials
bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "myUser");
bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "myPass");
calling the webservice method CmReturn cmReturn =
port.getPersonalData("12345"); System.out.println(cmReturn);
byte[] imageData = port.getPersonalData("123") .getPersonalData()
.getData();
使用上面的代码,我遇到了类似于 here 的策略异常。 ,只不过我的策略不是 ssl_policy,而是 ATAlwaysCapability 策略。
我尝试了上面链接中解决方案中的代码,如下所示:
JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(CMAdapter.class);
factory.setAddress("http://myHost:8080/bla/CMAdapter");
CMAdapter cmAdapter = (CMAdapter) factory.create();
Client client = ClientProxy.getClient(cmAdapter);
HTTPConduit http = (HTTPConduit) client.getConduit();
http.getAuthorization().setUserName("myUser");
http.getAuthorization().setPassword("myPass");
byte[] imageData = cmAdapter.getPersonalData("12345").getPersonalData().getData();
但是,上面的代码可以在桌面 Java 应用程序中运行,但当我将其作为 Java EE 应用程序 (war) 部署在 Wildfly 上时,它不起作用。
为了使其与 Wildfly 一起工作,我添加了以下 4 个依赖项,这些依赖项提供给 Maven 的 pom.xml:
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-policy</artifactId>
<version>3.3.1</version>
<scope>provided</scope>
</dependency>
<!-- https://mvnrepository.com/artifact/org.apache.cxf/cxf-tools-common -->
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-tools-common</artifactId>
<version>3.3.1</version>
<scope>provided</scope>
</dependency>
<!-- https://mvnrepository.com/artifact/org.apache.cxf/cxf-rt-frontend-jaxws -->
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
<version>3.3.1</version>
<scope>provided</scope>
</dependency>
<!-- https://mvnrepository.com/artifact/org.apache.cxf/cxf-rt-transports-http -->
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
<version>3.3.1</version>
<scope>provided</scope>
</dependency>
我还像这样编辑了 webapp/WEB-INF/jboss-deployment-struct.xml:
<?xml version="1.0" encoding="ISO-8859-1"?>
<jboss-deployment-structure xmlns="urn:jboss:deployment-structure:1.2">
<deployment>
<exclude-subsystems>
</exclude-subsystems>
<dependencies>
<module name="org.jboss.ws.cxf.jbossws-cxf-client" services="import" />
<module name="org.apache.cxf.impl">
<imports>
<include path="META-INF"/>
<include path="META-INF/cxf"/>
</imports>
</module>
</dependencies>
</deployment>
</jboss-deployment-structure>
但是,当我尝试从企业 Java 应用程序调用 Web 服务时,我在与 http://myHost:8080/bla/CMAdapter 通信时收到 org.apache.cxf.transport.http.HTTPException: HTTP 响应 '401: Unauthorized'
最佳答案
我按照this SO thread解决了这个问题
我需要添加以下代码:
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
//This is the magic line. Setting this to false solved the problem
httpClientPolicy.setAllowChunking(false);
http.setClient(httpClientPolicy);
不确定它为什么有效。看来 Wildfly 正在对请求进行分块,并且由于某种原因,用户名和密码已部分发送。
关于java - 尝试从 Java EE 应用程序使用 SOAP WS 时出现 401 未经授权,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/56007095/