WS-Security(Web服务安全性)是一种协议,可让您保护自己的soap Web服务。 发出Soap请求的客户端必须在Soap标头中提供登录名和密码。
服务器接收到肥皂请求,检查凭据并验证请求是否正确。 使用Apache Camel,可以很容易地使用肥皂网络服务(特别是如果您使用Apache CXF),但是使用WS-Security进行处理可能很棘手。
这个想法是创建一个具有所有必需信息(包括登录名和密码)的xml模板,并将该模板添加到soap标头中。
public void addSoapHeader(Exchange exchange,String soapHeader){
List<SoapHeader> soapHeaders = CastUtils.cast((List<?>) exchange.getIn().getHeader(Header.HEADER_LIST));
SoapHeader newHeader;
if(soapHeaders == null){
soapHeaders = new ArrayList<SoapHeader>();
}
try {
newHeader = new SoapHeader(new QName("soapHeader"), DOMUtils.readXml(new StringReader(soapHeader)).getDocumentElement());
newHeader.setDirection(Direction.DIRECTION_OUT);
soapHeaders.add(newHeader);
exchange.getIn().setHeader(Header.HEADER_LIST, soapHeaders);
} catch (Exception e) {
//log error
}
}
Apache Camel使用Exchange
接口,该接口具有检索或更新标头的方法。 soapHeader
参数是包含xml模板的字符串。
我们检索当前的标头,并添加一个名为soapHeader
的新标头。 由于使用了DOMUtils
类,我们将soapHeader
属性从字符串转换为XML。
newHeader.setDirection(Direction.DIRECTION_OUT)
指令意味着该标头将应用于离开消费者端点或进入生产者端点的请求(即,它适用于通过路由传播的WS请求消息)。
现在,让我们创建xml模板并调用addSoapHeader
方法:
public void addWSSESecurityHeader(Exchange exchange,String login,String password){
String soapHeader = "<?xml version=\"1.0\" encoding=\"utf-8\"?><wsse:Security xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"+
"xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"><wsse:UsernameToken wsu:Id=\"UsernameToken-50\"><wsse:Username>"
+ login
+ "</wsse:Username><wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\">"
+ password + "</wsse:Password></wsse:UsernameToken></wsse:Security>";
//Add wsse security header to the exchange
addSoapHeader(exchange, soapHeader);
}
如我们所见,我们在xml中需要两个名称空间(以使用WS-Security进行处理):
- http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
- http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
然后,我们可以在xml中使用有趣的标签:
- wsse:UsernameToken:包括用户名和密码信息
- wsse:Username:认证所需的用户名
- wsse:Password:认证所需的密码
接下来,我们只需要调用方法addSoapHeader
即可将xml添加到soap标头中。 这是完整的Apache Camel路由的完整代码:
package com.example.test;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.List;
import javax.xml.namespace.QName;
import org.apache.camel.Exchange;
import org.apache.camel.util.CastUtils;
import org.apache.cxf.binding.soap.SoapHeader;
import org.apache.cxf.headers.Header;
import org.apache.cxf.headers.Header.Direction;
import org.apache.cxf.helpers.DOMUtils;
public class MyRoute extends RouteBuilder {
public void addSoapHeader(Exchange exchange,String soapHeader){
List<SoapHeader> soapHeaders = CastUtils.cast((List<?>) exchange.getIn().getHeader(Header.HEADER_LIST));
SoapHeader newHeader;
if(soapHeaders == null){
soapHeaders = new ArrayList<SoapHeader>();
}
try {
newHeader = new SoapHeader(new QName("soapHeader"), DOMUtils.readXml(new StringReader(soapHeader)).getDocumentElement());
newHeader.setDirection(Direction.DIRECTION_OUT);
soapHeaders.add(newHeader);
exchange.getIn().setHeader(Header.HEADER_LIST, soapHeaders);
} catch (Exception e) {
//log error
}
}
public void addWSSESecurityHeader(Exchange exchange,String login,String password){
String soapHeader = "<?xml version=\"1.0\" encoding=\"utf-8\"?><wsse:Security xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"+
"xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"><wsse:UsernameToken wsu:Id=\"UsernameToken-50\"><wsse:Username>"
+ login
+ "</wsse:Username><wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\">"
+ password + "</wsse:Password></wsse:UsernameToken></wsse:Security>";
//Add wsse security header to the exchange
addSoapHeader(exchange, soapHeader);
}
@Override
public void configure() throws Exception {
from("endpointIn")
.process(new Processor(){
@Override
public void process(Exchange exchange) throws Exception {
addWSSESecurityHeader(exchange, "login","password");
}
})
.to("endointOut") ;
}
}
翻译自: https://www.javacodegeeks.com/2014/06/adding-ws-security-over-soap-using-apache-camel.html