无法处理 mustUnderstand 标头:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0
Posted
技术标签:
【中文标题】无法处理 mustUnderstand 标头:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd安全。返回故障【英文标题】:Could not handle mustUnderstand headers: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdSecurity. Returning fault无法处理 mustUnderstand 标头:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd安全。返回故障 【发布时间】:2020-06-01 06:10:21 【问题描述】:我浏览了如下链接:SOAPFaultException "MustUnderstand headers (oasis-200401-wss-wssecurity-secext-1.0.xsd) are not understood",但仍在苦苦挣扎。
我正在使用Spring Boot v2.2.2..RELEASE and SOAP 项目。
我正在将两个不同的 WSDL 文件加载到我的项目中。一个 URL 生成到 http://localhost:8080/employee/employee-soap,它工作正常。但是http://localhost:8080/student/student-soap 这给出了以下错误。
2020-02-17 15:31:00.241 WARN 20236 --- [nio-8080-exec-5] o.s.w.soap.server.SoapMessageDispatcher:无法处理 mustUnderstand 标头:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd安全。返回故障
Java代码:
@EnableWs
@Configuration
public class AppConfig extends WsConfigurerAdapter
@SuppressWarnings( "rawtypes", "unchecked" )
@Bean
public ServletRegistrationBean messageDispatcherServlet(ApplicationContext applicationContext)
MessageDispatcherServlet servlet = new MessageDispatcherServlet();
servlet.setApplicationContext(applicationContext);
servlet.setTransformWsdlLocations(true);
return new ServletRegistrationBean(servlet, "/*");
@Bean
public SaajSoapMessageFactory messageFactory()
SaajSoapMessageFactory messageFactory = new SaajSoapMessageFactory();
messageFactory.setSoapVersion(SoapVersion.SOAP_11);
messageFactory.afterPropertiesSet();
return messageFactory;
@Bean("empXSD")
public XsdSchema organizationSchema()
return new SimpleXsdSchema(new ClassPathResource("/xsd/employee.xsd"));
@Bean(name = "employee")
public DefaultWsdl11Definition defaultWsdl11Definition(@Qualifier("empXSD") XsdSchema schema)
DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
wsdl11Definition.setPortTypeName("employee");
wsdl11Definition.setLocationUri("employee/employee-soap");
wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:employee");
wsdl11Definition.setSchema(schema);
wsdl11Definition.setCreateSoap11Binding(true);
return wsdl11Definition;
@Bean
@Qualifier(value="stuXSD")
public XsdSchema stuSchema()
return new SimpleXsdSchema(new ClassPathResource("/xsd/student.xsd"));
@Bean(name = "student")
public DefaultWsdl11Definition geographyWsdl11Definition(@Qualifier("stuXSD") XsdSchema schema)
DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
wsdl11Definition.setPortTypeName("student");
wsdl11Definition.setLocationUri("student-soap");
wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:student");
wsdl11Definition.setSchema(schema);
wsdl11Definition.setCreateSoap11Binding(true);
return wsdl11Definition;
@Override
public void addInterceptors(List<EndpointInterceptor> interceptors)
interceptors.add(new Interceptor(endpoints, req));
代码:
@Configuration
public class SimpleMustUnderstandEndpointInterceptor implements SoapEndpointInterceptor
private final String SAMPLE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
@Override
public boolean handleRequest(MessageContext messageContext, Object endpoint) throws Exception
return true;
@Override
public boolean handleResponse(MessageContext messageContext, Object endpoint) throws Exception
return true;
@Override
public boolean handleFault(MessageContext messageContext, Object endpoint) throws Exception
return true;
@Override
public void afterCompletion(MessageContext messageContext, Object endpoint, Exception ex) throws Exception
@Override
public boolean understands(SoapHeaderElement header)
if(header.getName().getNamespaceURI().equalsIgnoreCase(SAMPLE_NS))
return true;
return false;
根据观察,看起来即使是这个 SoapEndpointInterceptor 也没有调用,在此之前只有它给出的错误。
在调用 SOAP 端点期间,下面的标头信息正在运行,并且它给出了我上面提到的错误。有什么指点吗?
<soapenv:Header><wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-
secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-
518482F2CDC2F635FF158202815227129"><wsse:Username>aispoc_usr1</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
username-token-profile-1.0#PasswordText">aispoc_usr1</wsse:Password><wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-
message-security-1.0#Base64Binary">/fdGCEilz/dkVeZE05b7LQ==</wsse:Nonce>
2020-02-18T12:15:52.271Z
【问题讨论】:
【参考方案1】:您可以尝试以下配置来解决问题。
@Bean
public Wss4jSecurityInterceptor securityInterceptor()
Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
security.setValidationActions("NoSecurity");
security.setValidateRequest(false);
security.setValidateResponse(true);
return security;
@Override
public void addInterceptors(List<EndpointInterceptor> interceptors)
interceptors.add(securityInterceptor());
【讨论】:
【参考方案2】:我通过查看https://docs.spring.io/spring-ws/site/apidocs/org/springframework/ws/soap/security/wss4j/Wss4jSecurityInterceptor.html 和https://memorynotfound.com/spring-ws-username-password-authentication-wss4j/ 找到了解决方案。
我只是在下面使用了 bean,它开始工作正常。
@Bean
public Wss4jSecurityInterceptor securityInterceptor()
Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
security.setSecurementActions("NoSecurity");
security.setSecurementPasswordType(WSConstants.PW_TEXT);
return security;
【讨论】:
以上是关于无法处理 mustUnderstand 标头:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0的主要内容,如果未能解决你的问题,请参考以下文章
从客户端请求中删除 Action (mustUnderstand)
任务“:cinteropAFNetworkingIOS”执行失败。 > 无法为 AFNetworking 执行 cinterop 处理:无法确定标头位置