英文:
Spring WS interceptor error - WSHandler: application provided null or empty password
问题
以下是您提供的内容的翻译:
我必须配置拦截器,以便在使用Spring WS的SOAP应用程序中使用Signature Timestamp操作。我使用已配置了签名的SOAP-UI项目进行请求。
为此,我在自定义配置文件中有以下bean:
@Bean
public Wss4jSecurityInterceptor securityInterceptor() {
try {
Properties prop = new Properties();
prop.load(new FileInputStream(new File("F:/Develop/ODEC/CAECV/miscelanea/keystore.properties")));
CryptoFactoryBean cryptoFactoryBean = new CryptoFactoryBean();
cryptoFactoryBean.setConfiguration(prop);
cryptoFactoryBean.afterPropertiesSet();
Wss4jSecurityInterceptor interceptor = new Wss4jSecurityInterceptor();
interceptor.setSecurementActions("Signature Timestamp");
interceptor.setSecurementSignatureUser("gestiona");
interceptor.setSecurementSignatureKeyIdentifier("DirectReference");
interceptor.setSecurementSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
interceptor.setSecurementSignatureParts("{Content}{" + InformeControlEndpoint.NAMESPACE_URI + "}getInformeControlResponse");
interceptor.setValidationSignatureCrypto(cryptoFactoryBean.getObject());
interceptor.setSecurementSignatureCrypto(cryptoFactoryBean.getObject());
interceptor.afterPropertiesSet();
return interceptor;
} catch(Exception e) {
throw new RuntimeException("Error en la configuración del interceptor");
}
}
@Override
public void addInterceptors(List<EndpointInterceptor> interceptors) {
try {
interceptors.add(securityInterceptor());
} catch (Exception e) {
throw new RuntimeException("could not initialize security interceptor");
}
}
当我发出请求时,抛出的错误是:
2020-05-05 09:52:49.107 ERROR 27228 --- [nio-8080-exec-1] o.s.w.s.s.w.Wss4jSecurityInterceptor : Could not secure response: WSHandler: application provided null or empty password; nested exception is org.apache.wss4j.common.ext.WSSecurityException: WSHandler: application provided null or empty password
org.springframework.ws.soap.security.wss4j2.Wss4jSecuritySecurementException: WSHandler: application provided null or empty password; nested exception is org.apache.wss4j.common.ext.WSSecurityException: WSHandler: application provided null or empty password
at org.springframework.ws.soap.security.wss4j2.Wss4jSecurityInterceptor.secureMessage(Wss4jSecurityInterceptor.java:577) ~[spring-ws-security-3.0.8.RELEASE.jar:na]
...
Caused by: org.apache.wss4j.common.ext.WSSecurityException: WSHandler: application provided null or empty password
...
感谢您的帮助 
英文:
I have to configure the interceptor to use Signature Timestamp actions for an SOAP application using Spring WS.
I do the request with SOAP-UI with a configured project with the signature.
For that i have this beans in a custom config file:
@Bean
public Wss4jSecurityInterceptor securityInterceptor() {
try {
Properties prop = new Properties();
prop.load(new FileInputStream(new File("F:/Develop/ODEC/CAECV/miscelanea/keystore.properties")));
CryptoFactoryBean cryptoFactoryBean = new CryptoFactoryBean();
cryptoFactoryBean.setConfiguration(prop);
cryptoFactoryBean.afterPropertiesSet();
Wss4jSecurityInterceptor interceptor = new Wss4jSecurityInterceptor();
interceptor.setSecurementActions("Signature Timestamp");
interceptor.setSecurementSignatureUser("gestiona");
interceptor.setSecurementSignatureKeyIdentifier("DirectReference");
interceptor.setSecurementSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
interceptor.setSecurementSignatureParts("{Content}{"+InformeControlEndpoint.NAMESPACE_URI+"}getInformeControlResponse");
interceptor.setValidationSignatureCrypto(cryptoFactoryBean.getObject());
interceptor.setSecurementSignatureCrypto(cryptoFactoryBean.getObject());
interceptor.afterPropertiesSet();
return interceptor;
} catch(Exception e) {
throw new RuntimeException("Error en la configuración del interceptor");
}
}
@Override
public void addInterceptors(List<EndpointInterceptor> interceptors) {
try {
interceptors.add(securityInterceptor());
} catch (Exception e) {
throw new RuntimeException("could not initialize security interceptor");
}
}
And the error throwed when i do a request is that:
2020-05-05 09:52:49.107 ERROR 27228 --- [nio-8080-exec-1] o.s.w.s.s.w.Wss4jSecurityInterceptor : Could not secure response: WSHandler: application provided null or empty password; nested exception is org.apache.wss4j.common.ext.WSSecurityException: WSHandler: application provided null or empty password
org.springframework.ws.soap.security.wss4j2.Wss4jSecuritySecurementException: WSHandler: application provided null or empty password; nested exception is org.apache.wss4j.common.ext.WSSecurityException: WSHandler: application provided null or empty password
at org.springframework.ws.soap.security.wss4j2.Wss4jSecurityInterceptor.secureMessage(Wss4jSecurityInterceptor.java:577) ~[spring-ws-security-3.0.8.RELEASE.jar:na]
at org.springframework.ws.soap.security.AbstractWsSecurityInterceptor.handleResponse(AbstractWsSecurityInterceptor.java:157) ~[spring-ws-security-3.0.8.RELEASE.jar:na]
at org.springframework.ws.server.MessageDispatcher.triggerHandleResponse(MessageDispatcher.java:371) [spring-ws-core-3.0.8.RELEASE.jar:na]
at org.springframework.ws.server.MessageDispatcher.dispatch(MessageDispatcher.java:239) [spring-ws-core-3.0.8.RELEASE.jar:na]
at org.springframework.ws.server.MessageDispatcher.receive(MessageDispatcher.java:176) [spring-ws-core-3.0.8.RELEASE.jar:na]
at org.springframework.ws.transport.support.WebServiceMessageReceiverObjectSupport.handleConnection(WebServiceMessageReceiverObjectSupport.java:89) [spring-ws-core-3.0.8.RELEASE.jar:na]
at org.springframework.ws.transport.http.WebServiceMessageReceiverHandlerAdapter.handle(WebServiceMessageReceiverHandlerAdapter.java:61) [spring-ws-core-3.0.8.RELEASE.jar:na]
at org.springframework.ws.transport.http.MessageDispatcherServlet.doService(MessageDispatcherServlet.java:293) [spring-ws-core-3.0.8.RELEASE.jar:na]
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) [spring-webmvc-5.2.5.RELEASE.jar:5.2.5.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909) [spring-webmvc-5.2.5.RELEASE.jar:5.2.5.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:660) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) [spring-webmvc-5.2.5.RELEASE.jar:5.2.5.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) [tomcat-embed-websocket-9.0.33.jar:9.0.33]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1594) [tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-9.0.33.jar:9.0.33]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [na:1.8.0_241]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [na:1.8.0_241]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.33.jar:9.0.33]
at java.lang.Thread.run(Unknown Source) [na:1.8.0_241]
Caused by: org.apache.wss4j.common.ext.WSSecurityException: WSHandler: application provided null or empty password
at org.apache.wss4j.dom.handler.WSHandler.getPasswordCB(WSHandler.java:1149) ~[wss4j-ws-security-dom-2.2.3.jar:2.2.3]
at org.apache.wss4j.dom.action.SignatureAction.execute(SignatureAction.java:59) ~[wss4j-ws-security-dom-2.2.3.jar:2.2.3]
at org.apache.wss4j.dom.handler.WSHandler.doSenderAction(WSHandler.java:238) ~[wss4j-ws-security-dom-2.2.3.jar:2.2.3]
at org.springframework.ws.soap.security.wss4j2.Wss4jHandler.doSenderAction(Wss4jHandler.java:63) ~[spring-ws-security-3.0.8.RELEASE.jar:na]
at org.springframework.ws.soap.security.wss4j2.Wss4jSecurityInterceptor.secureMessage(Wss4jSecurityInterceptor.java:574) ~[spring-ws-security-3.0.8.RELEASE.jar:na]
... 45 common frames omitted
Thanks for the help
答案1
得分: 0
设置安全拦截器的密码类型如下:
setSecurenmentPasswordType(WSConstants.PW_NONE)
如果您不想或不需要提供密码。
英文:
For your security interceptor you need to set the password type as follows:
setSecurenmentPasswordType(WSConstants.PW_NONE)
if you don't want or need to provide a password.
专注分享java语言的经验与见解,让所有开发者获益!
评论