无法处理 mustUnderstand 标头:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0

Posted

技术标签:

【中文标题】无法处理 mustUnderstand 标头:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd安全。返回故障【英文标题】:Could not handle mustUnderstand headers: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdSecurity. Returning fault无法处理 mustUnderstand 标头:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd安全。返回故障 【发布时间】:2020-06-01 06:10:21 【问题描述】:

我浏览了如下链接:SOAPFaultException "MustUnderstand headers (oasis-200401-wss-wssecurity-secext-1.0.xsd) are not understood",但仍在苦苦挣扎。

我正在使用Spring Boot v2.2.2..RELEASE and SOAP 项目。

我正在将两个不同的 WSDL 文件加载到我的项目中。一个 URL 生成到 http://localhost:8080/employee/employee-soap,它工作正常。但是http://localhost:8080/student/student-soap 这给出了以下错误。

2020-02-17 15:31:00.241 WARN 20236 --- [nio-8080-exec-5] o.s.w.soap.server.SoapMessageDispatcher:无法处理 mustUnderstand 标头:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd安全。返回故障

Java代码:

@EnableWs
@Configuration
public class AppConfig extends WsConfigurerAdapter 

    @SuppressWarnings( "rawtypes", "unchecked" )
    @Bean
    public ServletRegistrationBean messageDispatcherServlet(ApplicationContext applicationContext) 
        MessageDispatcherServlet servlet = new MessageDispatcherServlet();
        servlet.setApplicationContext(applicationContext);
        servlet.setTransformWsdlLocations(true);
        return new ServletRegistrationBean(servlet, "/*");
    

    @Bean
    public SaajSoapMessageFactory messageFactory() 
        SaajSoapMessageFactory messageFactory = new SaajSoapMessageFactory();
        messageFactory.setSoapVersion(SoapVersion.SOAP_11);
        messageFactory.afterPropertiesSet();
        return messageFactory;
    

    @Bean("empXSD")
    public XsdSchema organizationSchema() 
        return new SimpleXsdSchema(new ClassPathResource("/xsd/employee.xsd"));
    


    @Bean(name = "employee")
    public DefaultWsdl11Definition defaultWsdl11Definition(@Qualifier("empXSD") XsdSchema schema) 
        DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
        wsdl11Definition.setPortTypeName("employee");
        wsdl11Definition.setLocationUri("employee/employee-soap");
        wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:employee");
        wsdl11Definition.setSchema(schema);
        wsdl11Definition.setCreateSoap11Binding(true);
        return wsdl11Definition;
    

    @Bean
    @Qualifier(value="stuXSD")
    public XsdSchema stuSchema() 
        return new SimpleXsdSchema(new ClassPathResource("/xsd/student.xsd"));
    

    @Bean(name = "student")
    public DefaultWsdl11Definition geographyWsdl11Definition(@Qualifier("stuXSD") XsdSchema schema) 
        DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
        wsdl11Definition.setPortTypeName("student");
        wsdl11Definition.setLocationUri("student-soap");
        wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:student");
        wsdl11Definition.setSchema(schema);
        wsdl11Definition.setCreateSoap11Binding(true);
        return wsdl11Definition;
    


    @Override
    public void addInterceptors(List<EndpointInterceptor> interceptors) 
        interceptors.add(new Interceptor(endpoints, req));
    

代码:

@Configuration
public class SimpleMustUnderstandEndpointInterceptor implements SoapEndpointInterceptor
    private final String SAMPLE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

    @Override
    public boolean handleRequest(MessageContext messageContext, Object endpoint) throws Exception 
        return true;
    

    @Override
    public boolean handleResponse(MessageContext messageContext, Object endpoint) throws Exception 
        return true;
    

    @Override
    public boolean handleFault(MessageContext messageContext, Object endpoint) throws Exception 
        return true;
    

    @Override
    public void afterCompletion(MessageContext messageContext, Object endpoint, Exception ex) throws Exception 

    

    @Override
    public boolean understands(SoapHeaderElement header) 
        if(header.getName().getNamespaceURI().equalsIgnoreCase(SAMPLE_NS)) 
            return true;
        
        return false;
    


根据观察,看起来即使是这个 SoapEndpointInterceptor 也没有调用,在此之前只有它给出的错误。

在调用 SOAP 端点期间,下面的标头信息正在运行,并且它给出了我上面提到的错误。有什么指点吗?

<soapenv:Header><wsse:Security soapenv:mustUnderstand="1" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity- 
secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401- 
wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken- 
518482F2CDC2F635FF158202815227129"><wsse:Username>aispoc_usr1</wsse:Username> 
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- 
username-token-profile-1.0#PasswordText">aispoc_usr1</wsse:Password><wsse:Nonce 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap- 
message-security-1.0#Base64Binary">/fdGCEilz/dkVeZE05b7LQ==</wsse:Nonce> 

2020-02-18T12:15:52.271Z

【问题讨论】:

【参考方案1】:

您可以尝试以下配置来解决问题。

@Bean
public Wss4jSecurityInterceptor securityInterceptor() 
    Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
    security.setValidationActions("NoSecurity");
    security.setValidateRequest(false);
    security.setValidateResponse(true);
    return security;


@Override
public void addInterceptors(List<EndpointInterceptor> interceptors) 
    interceptors.add(securityInterceptor());

【讨论】:

【参考方案2】:

我通过查看https://docs.spring.io/spring-ws/site/apidocs/org/springframework/ws/soap/security/wss4j/Wss4jSecurityInterceptor.html 和https://memorynotfound.com/spring-ws-username-password-authentication-wss4j/ 找到了解决方案。

我只是在下面使用了 bean,它开始工作正常。

@Bean
public Wss4jSecurityInterceptor securityInterceptor() 
  Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
  security.setSecurementActions("NoSecurity");
  security.setSecurementPasswordType(WSConstants.PW_TEXT);
  return security;

【讨论】:

以上是关于无法处理 mustUnderstand 标头:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0的主要内容,如果未能解决你的问题,请参考以下文章

SOAP Header中的mustUnderstand属性

从客户端请求中删除 Action (mustUnderstand)

任务“:cinteropAFNetworkingIOS”执行失败。 > 无法为 AFNetworking 执行 cinterop 处理:无法确定标头位置

使用 jest 时 axios mock 无法处理默认标头

WCF 错误 - 安全处理器无法在消息中找到安全标头

在PHP中使用文字xml的SOAP