问题描述
我正在努力找出问题出在我身上。我需要解密来自客户端的请求。密钥库应该是正确的,因为我已经在spring WS上进行了测试,并且可以正常工作(但是由于soapAction不能在标题中提供,所以我无法使用spring WS。
这是我的WSS4JStaxInInterceptor:
@Bean
public WSS4JStaxInInterceptor wss4JStaxInInterceptor() throws Exception {
Properties properties;
Crypto crypto = CryptoFactory.getInstance(wss4jInProperties());
WSSSecurityProperties inProperties = new WSSSecurityProperties();
inProperties.addAction(WSSConstants.SIGNATURE);
inProperties.addAction(WSSConstants.TIMESTAMP);
inProperties.setSoap12(true);
inProperties.addAction(WSSConstants.ENCRYPTION);
inProperties.setEncryptionUser("xxxx");
Key privateKey = crypto.getPrivateKey(keystoreAlias,"xxx_passwordo");
inProperties.setDecryptionKey(privateKey);
inProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("softnet_keystore.jks"),"xxxt_keystore_passwordo".tochararray());
inProperties.setSignatureUser("cdb");
Crypto crypto1 = CryptoFactory.getInstance(wss4jInProperties());
crypto1.setDefaultX509Identifier("softnet");
inProperties.setDecryptionCrypto(crypto1);
inProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("softnet_keystore.jks"),"xxx_keystore_passwordo".tochararray());
inProperties.setDecryptionCrypto(crypto);
inProperties.setCallbackHandler(new ClientKeystorePasswordENCallback());
WSS4JStaxInInterceptor wss4JStaxInInterceptor = new WSS4JStaxInInterceptor(inProperties);
return wss4JStaxInInterceptor;
}
和我的回叫:
public class ClientKeystorePasswordENCallback implements CallbackHandler {
private Map<String,String> passwords =
new HashMap<String,String>();
public ClientKeystorePasswordENCallback() {
passwords.put("softnet","xxx_passwordo");
}
public void handle(Callback[] callbacks) throws IOException,UnsupportedCallbackException {
System.out.println("tessss");
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
String pass = passwords.get(pc.getIdentifier());
if (pc.getUsage() == WSPasswordCallback.DECRYPT){
System.out.println("DECRPYT");
pc.setPassword("xxx_passwordo");
}
System.out.println("passowrd: " + pass);
if (pass != null) {
pc.setPassword(pass);
return;
}
}
}
}
我还要附加我的端点:
@Bean 公共端点endpoint(){
EndpointImpl endpoint = new EndpointImpl(springBus(),new HelloImpl(),SOAPBinding.soAP12HTTP_BINDING);
SOAPBinding.soAP12HTTP_BINDING);
endpoint.publish("/PortingNotification_WS");
Map<String,Object> properties = new HashMap<>();
properties.put("faultStackTraceEnabled",Boolean.TRUE);
properties.put("exceptionMessageCauseEnabled",Boolean.TRUE);
endpoint.setProperties(properties);
endpoint.getininterceptors().add(abstractPhaseInterceptor());
try{
endpoint.getininterceptors().add(wss4JStaxInInterceptor()); //wss4JStaxInInterceptor
}catch (Exception e){
System.out.print("Error getting interceptro: " + e);
}
return endpoint;
}
这是我的错误:
020-11-04 10:20:05.431信息17700 --- [main] s.softnet.mk.softnet.softnetApplication:在7.951秒内启动SoftnetApplication(JVM运行8.823) 必须了解 2020-11-04 10:20:06.988信息17700-[nio-9010-exec-1] org.ehcache.core.EhcacheManager:缓存在EhcacheManager中创建的'ws-security.timestamp.cache.instance-2067294935'。 2020-11-04 10:20:07.222信息17700-[nio-9010-exec-1] org.ehcache.core.EhcacheManager:缓存'org.apache.cxf.ws.security.tokenstore.TokenStore-2067294935'在EhcacheManager中创建。 苔丝 解密 passowrd:softnet_passwordo 2020-11-04 10:20:07.437 WARN 17700-[nio-9010-exec-1] oacxf.phase.PhaseInterceptorChain:{http://operator.services.np.aek.seavus.com/的拦截器} HelloImplService引发了异常,请立即解决
org.apache.cxf.binding.soap.soapFault:读取XMLStreamReader时出错:org.apache.wss4j.common.ext.WSSecurityException:验证消息时遇到安全错误 在org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor.handleMessage(StartBodyInterceptor.java:67)〜[cxf-rt-bindings-soap-3.4.0.jar:3.4.0] 在org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor.handleMessage(StartBodyInterceptor.java:38)〜[cxf-rt-bindings-soap-3.4.0.jar:3.4.0] 在org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)〜[cxf-core-3.4.0.jar:3.4.0] 在org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)〜[cxf-core-3.4.0.jar:3.4.0] 在org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267)〜[cxf-rt-transports-http-3.4.0.jar:3.4.0] 在org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)〜[cxf-rt-transports-http-3.4.0.jar:3.4.0] 在org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)〜[cxf-rt-transports-http-3.4.0.jar:3.4.0] 在org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)〜[cxf-rt-transports-http-3.4.0.jar:3.4.0] 在org.apache.cxf.transport.servlet.CXFNonspringServlet.invoke(CXFNonspringServlet.java:225)〜[cxf-rt-transports-http-3.4.0.jar:3.4.0] 在org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:296)〜[cxf-rt-transports-http-3.4.0.jar:3.4.0] 在org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:215)〜[cxf-rt-transports-http-3.4.0.jar:3.4.0] 在javax.servlet.http.HttpServlet.service(HttpServlet.java:652)〜[tomcat-embed-core-9.0.38.jar:4.0.FR] 在org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:271)〜[cxf-rt-transports-http-3.4.0.jar:3.4.0] 在org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)〜[tomcat-embed-websocket-9.0.38.jar:9.0.38] 在org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)〜[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)〜[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)〜[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)〜[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)〜[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)〜[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE] 在org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.coyote.AbstractProtocol $ ConnectionHandler.process(AbstractProtocol.java:868)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.tomcat.util.net.NioEndpoint $ SocketProcessor.doRun(NioEndpoint.java:1590)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在org.apache.tomcat.util.net.socketProcessorBase.run(SocketProcessorBase.java:49)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在java.base / java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)〜[na:na] 在java.base / java.util.concurrent.ThreadPoolExecutor $ Worker.run(ThreadPoolExecutor.java:628)〜[na:na] 在org.apache.tomcat.util.threads.TaskThread $ WrappingRunnable.run(TaskThread.java:61)〜[tomcat-embed-core-9.0.38.jar:9.0.38] 在java.base / java.lang.Thread.run(Thread.java:834)〜[na:na] 引起原因:javax.xml.stream.XMLStreamException:org.apache.wss4j.common.ext.WSSecurityException:验证消息时遇到安全错误 在org.apache.wss4j.stax.impl.WSSecurityStreamReader.next(WSSecurityStreamReader.java:56)〜[wss4j-ws-security-stax-2.3.0.jar:2.3.0] 在org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor.handleMessage(StartBodyInterceptor.java:60)〜[cxf-rt-bindings-soap-3.4.0.jar:3.4.0] ...省略了45个通用框架 由以下原因引起:org.apache.wss4j.common.ext.WSSecurityException:验证消息时遇到安全错误 ...省略了47个共同的框架
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)