2
我遇到axis2 + rampart WS-Security響應時出現服務器內部錯誤的問題。 當服務器返回「200 OK」時,一切似乎都沒問題。如果門戶有適當的時間戳,簽名並解密功能響應XML,則通過門限檢查響應。但是,當服務器返回「500內部服務器錯誤」的Axis2/rapart拋出異常:axis2 + rampart:必須瞭解檢查失敗的標頭安全
ERROR Thread-11 org.apache.axis2.engine.AxisEngine - Must Understand check failed for header
我以爲有一些錯誤的答案,並與soapUI的測試它。在安全和解密形式中都有類似的迴應。這些響應僅因HTTP狀態,指示錯誤的XML響應代碼以及SOAP標記的情況而有所不同。在良好的響應的情況下,存在
<SOAP-ENV:Envelope ...
在錯誤的情況下:
結構<soap:Envelope ...
其餘部分,包括mustUnderstand="1"是相同的。
在axis2.xml我配置InFlow和InFaultFlow是相同與秩序:
<phase name="Addressing">...</phase>
<phase name="Security"/>
<phase name="PreDispatch"/>
我使我的客戶的跟蹤和良好的效應初探的情況下,我看到:
DEBUG Thread-11 org.apache.rampart.RampartEngine - Enter process(MessageContext msgCtx)
DEBUG Thread-11 org.apache.axis2.engine.Phase - [MessageContext: logID=urn:uuid:UUID] Invoking Handler 'SecurityInHandler' in Phase 'Security'
...there is decrypted message
DEBUG Thread-11 org.apache.rampart.handler.WSDoAllReceiver - WSDoAllReceiver: exit invoke()
DEBUG Thread-11 org.apache.axis2.engine.Phase - [MessageContext: logID=urn:uuid:UUID] Checking post-conditions for phase "Security"
DEBUG Thread-11 org.apache.axis2.engine.Phase - [MessageContext: logID=urn:uuid:UUID] Checking pre-condition for Phase "PreDispatch"
...
沒有這種痕跡在出錯的情況下:
DEBUG Thread-11 org.apache.rampart.RampartEngine - Enter process(MessageContext msgCtx)
DEBUG Thread-11 org.apache.axis2.engine.Phase - [MessageContext: logID=urn:uuid:UUID] Checking post-conditions for phase "Security"
DEBUG Thread-11 org.apache.axis2.engine.Phase - [MessageContext: logID=urn:uuid:UUID] Checking pre-condition for Phase "PreDispatch"
...
DEBUG Thread-11 org.apache.axis2.engine.Phase - [MessageContext: logID=urn:uuid:UUID] Checking post-conditions for phase "soapmonitorPhase"
DEBUG Thread-11 org.apache.axis2.engine.AxisEngine - MustUnderstand header not processed or registered as understood{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
DEBUG Thread-11 org.apache.axis2.i18n.ProjectResourceBundle - org.apache.axis2.i18n.resource::handleGetObject(mustunderstandfailed)
ERROR Thread-11 org.apache.axis2.engine.AxisEngine - Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security
org.apache.axis2.AxisFault: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security
at org.apache.axis2.engine.AxisEngine.checkMustUnderstand(AxisEngine.java:97)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:364)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
調用沒有SecurityInHandler。
我想看到解密消息,就像在「200 OK」狀態或soapUI中的情況一樣。 任何想法我的配置有什麼問題?
編輯
我檢查,我只在「500內部服務器錯誤」的情況下,得到了這樣的錯誤。如果服務器以「200 OK」和相同的加密內容回覆,那麼axis2能夠解密它!