1. 首頁
  2. 問答
  3. 在wso2esb中調用安全的Web服務

在wso2esb中調用安全的Web服務

2013-06-20 15 views
0

我在WSO2 ESB中創建了一個Web服務。安全性實現了只有特定的用戶角色才能訪問它。在wso2esb中調用安全的Web服務

現在,當我打這個服務使用SOAP-UI時,通過提供用戶名,密碼,密碼類型,我可以擊中服務。

現在,我想創建一個可以訪問這個SECURED WEB SERVICE的StandAlone Java Project。

我試圖爲此目的實現apache-rampart,但我擁有的信息是分散的。

任何人都可以請幫助我如何訪問此安全服務。

感謝和問候。

來源

2013-06-20 NGoyal

回答

1

訪問這樣一個安全的Web服務,我想你使用UT的場景:

String trustStore = null; 
ConfigurationContext ctx = null; 
String policyFilePath = "[file_system_path]/secure_sample_policy.xml"; 

trustStore = "[file_system_path]/wso2carbon.jks"; 
System.setProperty("javax.net.ssl.trustStore",trustStore); 
System.setProperty("javax.net.ssl.trustStorePassword","pass_store"); 

ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(null, 
     null); 
this.stub = new ProxyStub(ctx); 
stub._getServiceClient().engageModule("rampart"); 
stub._getServiceClient().engageModule("addressing"); 

Options options = this.stub._getServiceClient().getOptions(); 
options.setUserName("user"); 
     options.setPassword("pass"); 

options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy(policyFilePath)); 
this.stub._getServiceClient().setOptions(options);

方法loadPolicy:

private static Policy loadPolicy(String xmlPath) throws Exception { 
    StAXOMBuilder builder = new StAXOMBuilder(xmlPath); 
    return PolicyEngine.getPolicy(builder.getDocumentElement()); 
}

和示例策略文件:

<?xml version="1.0" encoding="UTF-8"?> 

<wsp:Policy wsu:Id="UTOverTransport" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> 
    <wsp:ExactlyOne> 
     <wsp:All> 
     <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
      <wsp:Policy> 
      <sp:TransportToken> 
       <wsp:Policy> 
       <sp:HttpsToken RequireClientCertificate="false"/> 
       </wsp:Policy> 
      </sp:TransportToken> 
      <sp:AlgorithmSuite> 
       <wsp:Policy> 
       <sp:Basic256/> 
       </wsp:Policy> 
      </sp:AlgorithmSuite> 
      <sp:Layout> 
       <wsp:Policy> 
       <sp:Lax/> 
       </wsp:Policy> 
      </sp:Layout> 
      <sp:IncludeTimestamp/> 
      </wsp:Policy> 
     </sp:TransportBinding> 
     <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
      <wsp:Policy> 
       <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"/> 
      </wsp:Policy> 
     </sp:SignedSupportingTokens> 

     </wsp:All> 
    </wsp:ExactlyOne> 
</wsp:Policy>

來源

2013-06-20 16:15:30

相關問題

 相關問題