1. 首頁
  2. 問答
  3. CXF密鑰庫安全性 - org.apache.cxf.binding.soap.SoapFault:指定操作的空用戶名

CXF密鑰庫安全性 - org.apache.cxf.binding.soap.SoapFault:指定操作的空用戶名

2013-04-29 27 views
1

我正在嘗試使用密鑰庫安全性,但是,遇到以下問題並且不知道如何進一步處理。 org.apache.cxf.binding.soap.SoapFault:指定動作的空用戶名。 這是我的設置。CXF密鑰庫安全性 - org.apache.cxf.binding.soap.SoapFault:指定操作的空用戶名

我的證書是由下面的命令

keytool -genkeypair -alias aka -keypass myAliasPassword -keystore privatestore.jks -storepass keyStorePassword -dname "CN=aka" -keyalg RSA 

keytool -selfcert -alias aka -keystore privatestore.jks -storepass keyStorePassword -keypass myAliasPassword 

keytool -export -alias aka -file key.rsa -keystore privatestore.jks -storepass keyStorePassword 

keytool -import -alias aka -file key.rsa -keystore publicstore.jks -storepass keyStorePassword

產生的,他們看起來像這樣

C:\test\employee-usertoken>keytool -list -v -keystore privatestore.jks 
Enter keystore password: 

Keystore type: JKS 
Keystore provider: SUN 

Your keystore contains 1 entry 

Alias name: myalias 
Creation date: Apr 29, 2013 
Entry type: PrivateKeyEntry 
Certificate chain length: 1 
Certificate[1]: 
Owner: CN=myCN 
Issuer: CN=myCN 
Serial number: 517e8a5e 
Valid from: Mon Apr 29 10:57:34 EDT 2013 until: Sun Jul 28 10:57:34 EDT 2013 
Certificate fingerprints: 
     MD5: AE:D8:7E:89:33:55:82:41:30:88:6D:D3:F7:7E:CA:AD 
     SHA1: 02:A5:11:E7:D1:EB:61:0E:39:2C:8D:50:EF:EB:46:88:DF:86:34:94 
     Signature algorithm name: SHA1withRSA 
     Version: 3 


******************************************* 
******************************************* 

C:\test\employee-usertoken>keytool -list -v -keystore publicstore.jks 
Enter keystore password: 

Keystore type: JKS 
Keystore provider: SUN 

Your keystore contains 1 entry 

Alias name: myalias 
Creation date: Apr 29, 2013 
Entry type: trustedCertEntry 

Owner: CN=myCN 
Issuer: CN=myCN 
Serial number: 517e8a5e 
Valid from: Mon Apr 29 10:57:34 EDT 2013 until: Sun Jul 28 10:57:34 EDT 2013 
Certificate fingerprints: 
     MD5: AE:D8:7E:89:33:55:82:41:30:88:6D:D3:F7:7E:CA:AD 
     SHA1: 02:A5:11:E7:D1:EB:61:0E:39:2C:8D:50:EF:EB:46:88:DF:86:34:94 
     Signature algorithm name: SHA1withRSA 
     Version: 3 


******************************************* 
******************************************* 



C:\test\employee-usertoken>

我的客戶Spring配置如下

<?xml version="1.0" encoding="UTF-8"?> 
<beans xmlns="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xmlns:jaxws="http://cxf.apache.org/jaxws" 
    xsi:schemaLocation=" 
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd 
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"> 

    <import resource="classpath:META-INF/cxf/cxf.xml" /> 
    <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> 

     <bean id="clientKeystoreTokenCallback" class="com.jpmorgan.ibanker.client.ClientKeyStoreTokenCallback" /> 

     <jaxws:client id="empGreetClient" 
        serviceClass="com.jpmorgan.ibanker.EmployeeGreet" 
        address="http://localhost:100/employee-usertoken/webservices/EmpGreet" >   
       <jaxws:outInterceptors> 
        <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> 
         <constructor-arg> 
          <map> 
           <entry key="action" value="Signature"/>      
           <entry key="signaturePropFile" value="client_sign.properties"/> 
           <entry key="passwordCallbackRef"> 
            <ref bean="clientKeystoreTokenCallback"/> 
           </entry> 
          </map> 
         </constructor-arg> 
        </bean> 
       </jaxws:outInterceptors> 
     </jaxws:client> 

</beans>

我的服務器側彈簧配置是如下

<?xml version="1.0" encoding="UTF-8" standalone="no"?> 
<beans xmlns="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xmlns:jaxws="http://cxf.apache.org/jaxws" 
    xsi:schemaLocation=" 
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd 
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"> 

    <import resource="classpath:META-INF/cxf/cxf.xml" /> 
    <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> 

<bean id="keyStoreTokenCallback" class="com.jpmorgan.ibanker.ServerKeyStoreTokenCallback" /> 
     <jaxws:endpoint 
     id="empGreetSecure" 
     implementor="com.jpmorgan.ibanker.EmployeeGreetImpl" 
     address="/EmpGreet" > 
      <jaxws:inInterceptors> 
       <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> 
       <constructor-arg> 
        <map> 
         <entry key="action" value="Signature"/>      
         <entry key="signaturePropFile" value="server_sign.properties"/> 
         <entry key="passwordCallbackRef"> 
          <ref bean="keyStoreTokenCallback"/> 
         </entry> 
        </map> 
       </constructor-arg> 
       </bean> 
      </jaxws:inInterceptors> 

    </jaxws:endpoint> 

</beans>

的client_sign屬性文件是如下

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin 
org.apache.ws.security.crypto.merlin.keystore.type=JKS 
org.apache.ws.security.crypto.merlin.keystore.password=keyStorePassword 
org.apache.ws.security.crypto.merlin.keystore.alias=aka 
org.apache.ws.security.crypto.merlin.keystore.file=publicstore.jks

的server_sign性質是如下

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin 
org.apache.ws.security.crypto.merlin.keystore.type=JKS 
org.apache.ws.security.crypto.merlin.keystore.password=keyStorePassword 
org.apache.ws.security.crypto.merlin.keystore.alias=aka 
org.apache.ws.security.crypto.merlin.keystore.file=privatestore.jks

堆棧跟蹤如下:

2013-04-29 15:04:06,827 [Main Thread] INFO org.apache.cxf.service.factory.ReflectionServiceFactoryBean - Creating Service {http://ibanker.jpmorgan.com/}EmployeeGreetService from class com.jpmorgan.ibanker.EmployeeGreet 
2013-04-29 15:04:07,748 [Main Thread] WARN org.apache.cxf.phase.PhaseInterceptorChain - Interceptor for {http://ibanker.jpmorgan.com/}EmployeeGreetService#{http://ibanker.jpmorgan.com/}getEmployee has thrown exception, unwinding now 
org.apache.cxf.binding.soap.SoapFault: Empty username for specified action. 
    at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:226) 
    at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:136) 
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262) 
    at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:532) 
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:464) 
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:367) 
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:320) 
    at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:89) 
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134) 
    at $Proxy36.getEmployee(Unknown Source) 
    at com.jpmorgan.ibanker.client.EmpGreetClient.main(EmpGreetClient.java:20) 
Exception in thread "Main Thread" javax.xml.ws.soap.SOAPFaultException: Empty username for specified action. 
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:156) 
    at $Proxy36.getEmployee(Unknown Source) 
    at com.jpmorgan.ibanker.client.EmpGreetClient.main(EmpGreetClient.java:20) 
Caused by: org.apache.cxf.binding.soap.SoapFault: Empty username for specified action. 
    at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:226) 
    at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:136) 
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262) 
    at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:532) 
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:464) 
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:367) 
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:320) 
    at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:89) 
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134) 
    ... 2 more

我身邊有等,但沒有luck.Couple的郵件列表上類似的問題已經一派unanswered.I希望如果這裏有人能幫助我。

我使用的Java 1.6和CXF 2.7.x

來源

2013-04-29 Chetya

回答

0

因爲定的密鑰存儲可能包含你需要指定要使用的一個的名字不止一個關鍵。這是通過設置用戶屬性完成的,只需將以下內容添加到您的客戶端彈簧中:

<entry key="user" value="aliasOfKeytoUse"/>

來源

2013-08-01 12:34:58 cornergraf

相關問題

 相關問題