2011-07-24 105 views
5

我有一個使用UsernameToken作爲認證機制的PHP構建的webservice。我有可以訪問這個Web服務的PHP客戶端代碼。現在我需要在Java中執行此操作。也許你可以幫助我!Java Webservice客戶端UsernameToken相當於PHP

該服務可以使用下面的PHP代碼訪問:

$password="super_secure_pass"; 
$timestamp=gmdate('Y-m-d\TH:i:s\Z'); 
$nonce=mt_rand(); 
$passdigest=base64_encode(pack('H*',sha1(pack('H*',$nonce).pack('a*',$timestamp).pack('a*',$password)))); 
$nonce=base64_encode(pack('H*',$nonce)) 

這些價值觀得到解析到這個SOAP頭。

<wsse:Security SOAP-ENV:mustUnderstand="0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> 
<wsse:UsernameToken> 
    <wsse:Username>'.$username.'</wsse:Username> 
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">'.$passdigest.'</wsse:Password> 
    <wsse:Nonce>'.$nonce.'</wsse:Nonce> 
    <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">'.$timestamp.'</wsu:Created> 
    </wsse:UsernameToken> 
</wsse:Security> 

使用此代碼,我可以毫無問題地訪問Web服務。 現在我需要用Java來做到這一點。

我已經創建了neccesary文件,實現了一個處理程序來添加帶有UsernameToken的soap頭文件。 但是,當我嘗試訪問WS時,我總是得到「未授權」錯誤。 我認爲我在創建passdigest或nonce條目時丟失了一些東西。

這是我如何計算它們:

SOAPEnvelope envelope = smc.getMessage().getSOAPPart().getEnvelope(); 
    SOAPHeader header = envelope.addHeader(); 
    SOAPElement security = header.addChildElement("Security", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); 
    SOAPElement usernameToken = security.addChildElement("UsernameToken", "wsse"); 
    SOAPElement username = usernameToken.addChildElement("Username", "wsse"); 
    username.addTextNode(user); 

    SOAPElement password = usernameToken.addChildElement("Password", "wsse"); 
    password.setAttribute("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"); 
    password.addTextNode(encodedPass); 

    SOAPElement nonce = 
     usernameToken.addChildElement("Nonce", "wsse"); 
    nonce.addTextNode(Base64.encodeBytes(nonceString.getBytes())); 

    SOAPElement created = usernameToken.addChildElement("Created", "wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); 

    created.addTextNode(creatTime); 

這是造成SOAP頭的樣子:

<S:Header> 
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> 
     <wsse:UsernameToken> 
      <wsse:Username>myusername</wsse:Username> 
      <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">ZDM4MjkwNzNlNTc3MjNmMTY4MjgyYWQ1ZjllN2JlZmJmNGY2NDE4MA==</wsse:Password> 
      <wsse:Nonce>NTU5NzA2Mjkw</wsse:Nonce> 
      <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2011-07-24T11:41:55Z</wsu:Created> 
     </wsse:UsernameToken> 
    </wsse:Security> 
</S:Header> 
在創建SOAP頭

Random generator = new Random(); 
    String nonceString = String.valueOf(generator.nextInt(999999999)); 
    String createTime=localToGmtTimestamp();//Returns a date with format (SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'")) 
    String pass="super_secure_pass"; 
    String tmp = AeSimpleSHA1.SHA1(nonce + createTime + pass); 
    encodedPass = Base64.encodeBytes(tmp.getBytes()); 

這些值將使用

有人看到我做錯了嗎?

+0

感謝您發佈此代碼。我正在研究類似的東西。 – jjwdesign

回答

8

我找到了解決方案。我的問題是我忘了將十六進制編碼添加到NONCE值和串接字符串。 這是我的解決方案,也許有些需要這個。

職能,營造通等:

private String calculatePasswordDigest(String nonce, String created, String password) { 
     String encoded = null; 
     try { 
      String pass = hexEncode(nonce) + created + password; 
      MessageDigest md = MessageDigest.getInstance("SHA1"); 
      md.update(pass.getBytes()); 
      byte[] encodedPassword = md.digest(); 
      encoded = Base64.encodeBytes(encodedPassword); 
     } catch (NoSuchAlgorithmException ex) { 
      Logger.getLogger(HeaderHandler.class.getName()).log(Level.SEVERE, null, ex); 
     } 

     return encoded; 
    } 

    private String hexEncode(String in) { 
     StringBuilder sb = new StringBuilder(""); 
     for (int i = 0; i < (in.length() - 2) + 1; i = i + 2) { 
      int c = Integer.parseInt(in.substring(i, i + 2), 16); 
      char chr = (char) c; 
      sb.append(chr); 
     } 
     return sb.toString(); 
    } 

代碼來構建SOAP消息:

String timestamp = HeaderHandler.localToGmtTimestamp(); 
String pass = "password"; 
String user = "username"; 
String nonceString = getNonce(); 


String dig=calculatePasswordDigest(nonceString, timestamp, pass); 


SOAPEnvelope envelope = smc.getMessage().getSOAPPart().getEnvelope(); 
SOAPHeader header = envelope.addHeader(); 

SOAPElement security = 
header.addChildElement("Security", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); 


SOAPElement usernameToken = 
security.addChildElement("UsernameToken", "wsse"); 


SOAPElement username = 
usernameToken.addChildElement("Username", "wsse"); 
username.addTextNode(user); 

SOAPElement password = 
usernameToken.addChildElement("Password", "wsse"); 
password.setAttribute("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"); 
password.addTextNode(dig); 

SOAPElement nonce = 
usernameToken.addChildElement("Nonce", "wsse"); 
nonce.addTextNode(Base64.encodeBytes(hexEncode(nonceString).getBytes())); 

SOAPElement created = usernameToken.addChildElement("Created", "wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); 
created.addTextNode(timestamp); 
+0

嗨,請給我一個提示getNonce()做什麼? 第二個問題:你使用哪個Base64類? Mine(來自apache.commons)沒有encodeBytes()函數。 此致敬禮 –