Could not handle mustUnderstand headers: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. Returning fault

醉酒当歌 提交于 2020-03-09 04:44:56

问题


I went through links like: SOAPFaultException "MustUnderstand headers (oasis-200401-wss-wssecurity-secext-1.0.xsd) are not understood", but still struggling.

I'm using Spring Boot v2.2.2..RELEASE and SOAP project.

I am loading two different WSDL file into my project. One URL Generates to http://localhost:8080/employee/employee-soap which works fine. But http://localhost:8080/student/student-soap this gives below error.

2020-02-17 15:31:00.241 WARN 20236 --- [nio-8080-exec-5] o.s.w.soap.server.SoapMessageDispatcher : Could not handle mustUnderstand headers: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. Returning fault

JavaCode:

@EnableWs
@Configuration
public class AppConfig extends WsConfigurerAdapter {

    @SuppressWarnings({ "rawtypes", "unchecked" })
    @Bean
    public ServletRegistrationBean messageDispatcherServlet(ApplicationContext applicationContext) {
        MessageDispatcherServlet servlet = new MessageDispatcherServlet();
        servlet.setApplicationContext(applicationContext);
        servlet.setTransformWsdlLocations(true);
        return new ServletRegistrationBean(servlet, "/*");
    }

    @Bean
    public SaajSoapMessageFactory messageFactory() {
        SaajSoapMessageFactory messageFactory = new SaajSoapMessageFactory();
        messageFactory.setSoapVersion(SoapVersion.SOAP_11);
        messageFactory.afterPropertiesSet();
        return messageFactory;
    }

    @Bean("empXSD")
    public XsdSchema organizationSchema() {
        return new SimpleXsdSchema(new ClassPathResource("/xsd/employee.xsd"));
    }


    @Bean(name = "employee")
    public DefaultWsdl11Definition defaultWsdl11Definition(@Qualifier("empXSD") XsdSchema schema) {
        DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
        wsdl11Definition.setPortTypeName("employee");
        wsdl11Definition.setLocationUri("employee/employee-soap");
        wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:employee");
        wsdl11Definition.setSchema(schema);
        wsdl11Definition.setCreateSoap11Binding(true);
        return wsdl11Definition;
    }

    @Bean
    @Qualifier(value="stuXSD")
    public XsdSchema stuSchema() {
        return new SimpleXsdSchema(new ClassPathResource("/xsd/student.xsd"));
    }

    @Bean(name = "student")
    public DefaultWsdl11Definition geographyWsdl11Definition(@Qualifier("stuXSD") XsdSchema schema) {
        DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
        wsdl11Definition.setPortTypeName("student");
        wsdl11Definition.setLocationUri("student-soap");
        wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:student");
        wsdl11Definition.setSchema(schema);
        wsdl11Definition.setCreateSoap11Binding(true);
        return wsdl11Definition;
    }


    @Override
    public void addInterceptors(List<EndpointInterceptor> interceptors) {
        interceptors.add(new Interceptor(endpoints, req));
    }
}

Code:

@Configuration
public class SimpleMustUnderstandEndpointInterceptor implements SoapEndpointInterceptor{
    private final String SAMPLE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

    @Override
    public boolean handleRequest(MessageContext messageContext, Object endpoint) throws Exception {
        return true;
    }

    @Override
    public boolean handleResponse(MessageContext messageContext, Object endpoint) throws Exception {
        return true;
    }

    @Override
    public boolean handleFault(MessageContext messageContext, Object endpoint) throws Exception {
        return true;
    }

    @Override
    public void afterCompletion(MessageContext messageContext, Object endpoint, Exception ex) throws Exception {

    }

    @Override
    public boolean understands(SoapHeaderElement header) {
        if(header.getName().getNamespaceURI().equalsIgnoreCase(SAMPLE_NS)) {
            return true;
        }
        return false;
    }

}

Per observation, looks like even this SoapEndpointInterceptor is not calling, before to that only its giving error.

During calling SOAP endpoint, below header information is going and its giving Fault as I mentioned above. Any pointers ?

<soapenv:Header><wsse:Security soapenv:mustUnderstand="1" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity- 
secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401- 
wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken- 
518482F2CDC2F635FF158202815227129"><wsse:Username>aispoc_usr1</wsse:Username> 
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- 
username-token-profile-1.0#PasswordText">aispoc_usr1</wsse:Password><wsse:Nonce 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap- 
message-security-1.0#Base64Binary">/fdGCEilz/dkVeZE05b7LQ==</wsse:Nonce> 

2020-02-18T12:15:52.271Z


回答1:


I was able to find the solution looking at https://docs.spring.io/spring-ws/site/apidocs/org/springframework/ws/soap/security/wss4j/Wss4jSecurityInterceptor.html and https://memorynotfound.com/spring-ws-username-password-authentication-wss4j/.

I simply used below bean and its started working fine.

@Bean
public Wss4jSecurityInterceptor securityInterceptor() {
  Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
  security.setSecurementActions("NoSecurity");
  security.setSecurementPasswordType(WSConstants.PW_TEXT);
  return security;
}


来源:https://stackoverflow.com/questions/60260277/could-not-handle-mustunderstand-headers-http-docs-oasis-open-org-wss-2004-01

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!