2011-10-20 20 views
0

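Axis2 + Rampart: specifying password digest in the policy header

I am trying to send a username and password through a web service using axis2 and rampart. I want to send the password as a digest, but for some reason the password is only ever sent as plain text. According to several sources, this should happen when I add to services.xml and axis2.xml, but it does not seem to work. I have also tried adding the digest under the sub-header. The relevant parts of services.xml (server side) and axis2.xml (client side) are given below. Can anyone see anything wrong?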

My axis2.xml

<wsp:Policy wsu:Id="UTOverTransport" 
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> 
    <wsp:ExactlyOne> 
     <wsp:All> 
      <sp:SignedSupportingTokens 
       xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
       <wsp:Policy> 
        <sp:UsernameToken 
         sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> 
         <wsp:Policy> 
          <sp:HashPassword /> 
         </wsp:Policy> 
        </sp:UsernameToken> 
       </wsp:Policy> 
      </sp:SignedSupportingTokens> 
      <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
       <ramp:user>test</ramp:user> 
       <ramp:passwordCallbackClass>sec.PWCBHandler</ramp:passwordCallbackClass> 
      </ramp:RampartConfig> 
     </wsp:All> 
    </wsp:ExactlyOne> 

</wsp:Policy> 

My services.xml

<wsp:Policy wsu:Id="UTOverTransport" 
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> 
    <wsp:ExactlyOne> 
     <wsp:All> 
      <sp:SignedSupportingTokens 
       xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
       <wsp:Policy> 
        <sp:UsernameToken 
         sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> 
         <wsp:Policy> 
          <sp:HashPassword /> 
         </wsp:Policy> 
        </sp:UsernameToken> 
       </wsp:Policy> 
      </sp:SignedSupportingTokens> 
      <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
       <ramp:passwordCallbackClass>sec.PWCBHandler</ramp:passwordCallbackClass> 
      </ramp:RampartConfig> 

     </wsp:All> 
    </wsp:ExactlyOne> 
</wsp:Policy> 

Answers

1

I found that you may need to add something like this:

<wsp:Policy wsu:Id="UsernameToken" xmlns:wsu= 
    "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> 
<wsp:ExactlyOne> 
    <wsp:All> 
    <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
    <wsp:Policy> 
     <sp:TransportToken> 
     <wsp:Policy> 
     <sp:HttpsToken RequireClientCertificate="false"/> 
     </wsp:Policy> 
     </sp:TransportToken> 
    </wsp:Policy> 
    </sp:TransportBinding> 
    <sp:SupportingTokens 
    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> 
    <wsp:Policy> 
    <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"/> 
    </wsp:Policy> 
    </sp:SupportingTokens> 
    </wsp:All> 
</wsp:ExactlyOne> 
</wsp:Policy> 

Reference: http://www.ibm.com/developerworks/java/library/j-jws4/index.html

+0

This does not force the use of a digest password; it forces you to use HTTPS transport when using a username token. – Wrench

2

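The problem with your configuration is that the namespace you are using suggests that Axis interprets it as a WSS 1.1 configuration. As far as I can tell from the Axis source, it does not support hashed passwords from username tokens. Possibly it is a feature provided by WSS 1.2.

You need to define the supporting tokens using the WSS 1.2 namespace: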

<sp:SignedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> 
    <wsp:Policy> 
     <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"> 
     <wsp:Policy> 
      <sp:HashPassword /> 
     </wsp:Policy> 
     </sp:UsernameToken> 
    </wsp:Policy> 
    </sp:SignedSupportingTokens> 

This will hash the password with the nonce and created values by default.
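
To confirm on the wire whether a policy change actually produced a digest, the following added example (not code from the question, the answers or Rampart) inspects a captured SOAP envelope and recomputes the UsernameToken Profile digest, Base64(SHA-1(nonce + created + password)). The function names, the sample envelope and the password `secret` are constructed for illustration.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
DIGEST_TYPE = ("http://docs.oasis-open.org/wss/2004/01/"
               "oasis-200401-wss-username-token-profile-1.0#PasswordDigest")

def password_digest(nonce_b64, created, password):
    """Base64(SHA-1(decoded nonce + created + password)), UsernameToken Profile 1.0."""
    raw = base64.b64decode(nonce_b64) + created.encode() + password.encode()
    return base64.b64encode(hashlib.sha1(raw).digest()).decode()

def inspect_username_token(envelope_xml, expected_password):
    """Classify the token: digest-ok, digest-mismatch, plaintext, no-password, no-token."""
    token = ET.fromstring(envelope_xml).find(f".//{{{WSSE}}}UsernameToken")
    if token is None:
        return "no-token"
    pw = token.find(f"{{{WSSE}}}Password")
    if pw is None:
        return "no-password"
    if pw.get("Type") != DIGEST_TYPE:
        return "plaintext"  # a missing Type attribute means PasswordText
    nonce = (token.findtext(f"{{{WSSE}}}Nonce") or "").strip()
    created = (token.findtext(f"{{{WSU}}}Created") or "").strip()
    expected = password_digest(nonce, created, expected_password)
    sent = (pw.text or "").strip()
    same = hmac.compare_digest(expected.encode(), sent.encode())
    return "digest-ok" if same else "digest-mismatch"

def sample_envelope(password, digest):
    """Constructed sample message, standing in for a captured request."""
    nonce = base64.b64encode(b"constructed-nonce").decode()
    created = "2011-10-20T12:00:00Z"
    if digest:
        value = password_digest(nonce, created, password)
        pw = f'<wsse:Password Type="{DIGEST_TYPE}">{value}</wsse:Password>'
    else:
        pw = f"<wsse:Password>{password}</wsse:Password>"
    return (f'<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" '
            f'xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}"><s:Header><wsse:Security>'
            f"<wsse:UsernameToken><wsse:Username>test</wsse:Username>{pw}"
            f"<wsse:Nonce>{nonce}</wsse:Nonce><wsu:Created>{created}</wsu:Created>"
            f"</wsse:UsernameToken></wsse:Security></s:Header><s:Body/></s:Envelope>")

if __name__ == "__main__":
    for use_digest in (False, True):
        print(use_digest, inspect_username_token(sample_envelope("secret", use_digest), "secret"))
```

A result of `plaintext` for a request captured from the client means the `sp:HashPassword` assertion was not honoured by the policy that was actually applied.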