wss4j

问题 Is someone with experience in using Wss4jSecurityInterceptor able to help figuring out if we are doing something wrong regarding a SAMLCallbackHandler for supplying the assertion for the security header of a SOAP call? Specifically: org.springframework.ws.soap.security.wss4j2.Wss4jSecurityInterceptor Context: We are building a service bus using Spring Boot + Spring Integration, which needs to be able to consume and produce requests signed with SAML, not in the context of SSO. We have picked

问题 Is someone with experience in using Wss4jSecurityInterceptor able to help figuring out if we are doing something wrong regarding a SAMLCallbackHandler for supplying the assertion for the security header of a SOAP call? Specifically: org.springframework.ws.soap.security.wss4j2.Wss4jSecurityInterceptor Context: We are building a service bus using Spring Boot + Spring Integration, which needs to be able to consume and produce requests signed with SAML, not in the context of SSO. We have picked

问题 I am implementing a SOAP client using Spring Boot for the below configuration to connect with third party web server. Below is my WS-security outgoing configuration used with SOAPUI Client. and timestamp and username configuration is as follows I have written Wss4jSecurityInterceptor for the above configuration which is as follows. @Configuration public class Config { private static final Logger LOGGER = LoggerFactory.getLogger(Config.class); @Bean public Jaxb2Marshaller marshaller() {

问题 I am writing a Java client application that needs to sign a SOAP message (with 2 parts in it) and send it to a remote server before fetching the response. I managed to make successful calls in SoapUI (see request and screenshot below). I have most of the code ready, but I keep getting an error message from the server saying: SECU3504: Digital signature verification failure. Signature failed core validation Signature validation status: true ref[#id-32e3db92-b6fd-42a5-b032-a0dc2a15ae82]

问题 I'm using security interceptors with Apache CXF WSS4JInInterceptor . Is there any way to pass data from interceptor to webservice? I've been searching for that in WebServiceContext but I can't find it. 回答1: You can use the CXF Exchange Map to store arbitrary key/value pairs. The Exchange is available to both input and output messages. In your interceptor, add the object to the Exchange, e.g. Object value = ...; message.getExchange().put("key", value); Within your service, you can use

问题 I have the luck to migrate a large monolithic system from Java7 and Scala 2.10 to Java8 and Scala 2.11. So far so good. The application is using SpringSecurity. After updating the spring libraries to the newest one we faced a null pointer exception thrown in Wss4jSecurityInterceptor in the validateMessage method here: if (validationActionsVector.contains(WSConstants.NO_SECURITY)) { return; } The exception occurs during running a test. However, before I post here tons of code (test

问题 trying to use the cxf+wss4j using maven. Created both the service and client without any compilation issues. The service runs fine in tomcat. Issue: When I run the client code, I get "java.lang.NoSuchMethodError: org.apache.xml.security.utils.I18n.init(Ljava/util/ResourceBundle;)V". This class is in xmlsec jar which comes along with cxf distribution. pom.xml for service project: <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi

问题 trying to use the cxf+wss4j using maven. Created both the service and client without any compilation issues. The service runs fine in tomcat. Issue: When I run the client code, I get "java.lang.NoSuchMethodError: org.apache.xml.security.utils.I18n.init(Ljava/util/ResourceBundle;)V". This class is in xmlsec jar which comes along with cxf distribution. pom.xml for service project: <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi

问题 I am using below configuration, for PayloadRootQNameEndpointMapping with Wss4jSecurityInterceptor <bean id="endpointMapping" class="org.springframework.ws.server.endpoint.mapping.PayloadRootQNameEndpointMapping"> <property name="mappings"> <props> <prop key="{http://com/clickandbuy/mywebservice/}employeeById_Request">serviceEndPoint</prop> <prop key="{http://com/clickandbuy/mywebservice/}employeeByFile_Request">serviceEndPoint</prop> <prop key="{http://com/clickandbuy/mywebservice/

问题 I want to generate "UsernameToken-28FE7B32CCC1AB2B22141113557641136"> in Java in order to send a request to a SOAP web service. Using SoapUI and the request is easy, because it will autogenerate, but how can i do this in java? I am currently sending the request from an external file, how can i do this from Java and autogenerate the UsernameToken? Here is my code: public class SampleHttpClient { public static String invokeWebService(String webServiceURL, String requestXMLPath) throws