HTTP-ответ «401: не авторизован» при обмене данными - PullRequest
Новая
       66

HTTP-ответ «401: не авторизован» при обмене данными

0 голосов
/ 23 января 2020

Вот мой Wsdl, в котором указана информация о безопасности. 

<WL5G3N0:Policy WL5G3N1:Id="Auth.xml">
<wssp:Identity xmlns:wssp="http://www.bea.com/wls90/security/policy">
<wssp:SupportedTokens>
<wssp:SecurityToken TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken">
<wssp:UsePassword Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"/>
</wssp:SecurityToken>
</wssp:SupportedTokens>
</wssp:Identity>
</WL5G3N0:Policy>
<wsp:UsingPolicy WL5G3N2:Required="true"/>

Вот мой код: 

public class SoapClientProxyBuilder<ServiceInterface> {

    public static final String PASSWORD_TYPE_TEXT = WSConstants.PW_TEXT;

    private JaxWsProxyFactoryBean jaxWsProxyFactoryBean;
    private Map<String, Object> properties = new HashMap<String, Object>();
    private boolean authenticationMechanismSet = false;

    private List<Interceptor<? extends Message>> inboundInterceptors = new ArrayList<>();
    private List<Interceptor<? extends Message>> outboundInterceptors = new ArrayList<>();

    public SoapClientProxyBuilder(JaxWsProxyFactoryBean jaxWsProxyFactoryBean) {
        this.jaxWsProxyFactoryBean = jaxWsProxyFactoryBean;
    }

    public static <ServiceInterface> SoapClientProxyBuilder<ServiceInterface> createJaxWsProxyBuilder(Class serviceClass, String serviceUrl) {
        JaxWsProxyFactoryBean jaxWsProxyFactoryBean = new JaxWsProxyFactoryBean();
        jaxWsProxyFactoryBean.setServiceClass(serviceClass);
        jaxWsProxyFactoryBean.setAddress(serviceUrl);
        return new SoapClientProxyBuilder(jaxWsProxyFactoryBean);
    }

    public ServiceInterface create() {
        inboundInterceptors.add(new LoggingInInterceptor());
        outboundInterceptors.add(new MaskingLoggingOutInterceptor());

        jaxWsProxyFactoryBean.setInInterceptors(inboundInterceptors);
        jaxWsProxyFactoryBean.setOutInterceptors(outboundInterceptors);
        jaxWsProxyFactoryBean.setProperties(properties);
        return (ServiceInterface) jaxWsProxyFactoryBean.create();

    }

    public SoapClientProxyBuilder<ServiceInterface> withUserNameTokenAuthentication(final String userId, final String password) {
        validateAuthenticationMechanismLimit();
        outboundInterceptors.add(createPasswordOutInterceptor(userId, password, PASSWORD_TYPE_TEXT));
        return this;
    }

    private WSS4JOutInterceptor createPasswordOutInterceptor(final String userId, final String password, String passwordType) {
        Map<String, Object> inProps = new HashMap<String, Object>();


        System.out.println("User Name ="+ userId);


        inProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN + " " + WSHandlerConstants.TIMESTAMP);
        inProps.put(WSHandlerConstants.PASSWORD_TYPE, passwordType);
        inProps.put("user", userId);
        inProps.put("passwordCallbackRef", new CallbackHandler() {

            @Override
            public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
                WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
                if ( pc.getIdentifier().equals(userId)) {
                    System.out.println("password ="+ password);
                    pc.setPassword(password);
                } else {
                    throw new IOException("Invalid User Request. Identifier = " + pc.getIdentifier());
                }
            }

        });
        return new WSS4JOutInterceptor(inProps);
    }

    private void validateAuthenticationMechanismLimit() {
        if (authenticationMechanismSet) {
            new IllegalArgumentException("You can only have one authentication mechanism.");
        } else {
            authenticationMechanismSet = true;
        }
    }

Затем я вызываю службу, используя 

private OrderManagementWSPort getOSMService(String osmServiceUrl) {


        log.info("Entering getOSMService..." );

        log.debug("osmUserId= " + osmUserId );
        log.debug("osmPassword=" + osmPassword);    


        OrderManagementWSPort soapClient = SoapClientProxyBuilder
                .<OrderManagementWSPort>createJaxWsProxyBuilder(OrderManagementWSPort.class, osmServiceUrl)
                .withUserNameTokenAuthentication(osmUserId, osmPassword)
                .create();
        log.debug("XXXXXXXXXX" + soapClient.toString());
        Client client = ClientProxy.getClient(soapClient);
        client.getRequestContext().put(Message.MAINTAIN_SESSION, true);
        HTTPClientPolicy policy = new HTTPClientPolicy();
        policy.setReceiveTimeout(600000);
        policy.setAllowChunking(false);
        HTTPConduit conduit = (HTTPConduit) client.getConduit();
        conduit.setClient(policy);
        return soapClient;
        }

затем я звоню 

FindOrderResponseType findOrderResponseType = getOSMService(osmServiceUrl).findOrder(findOrderRequestType);

Я получаю ошибку 401. 

    Wed Jan 22 14:13:26 MST 2020
    There was an unexpected error (type=Internal Server Error, status=500).
    Could not send Message.
    javax.xml.ws.WebServiceException: Could not send Message.
     at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:150)
at com.sun.proxy.$Proxy140.findOrder(Unknown Source)
at com.spectrum.order.client.OSMClient.findOrder(OSMClient.java:54)
at com.spectrum.order.service.OrderDetailsService.findOrderByAccountId(OrderDetailsService.java:20)
at com.spectrum.order.controllers.OrderController.findOrder(OrderController.java:44)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:106)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:888)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:793)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:154)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter.doFilterInternal(DefaultLogoutPageGeneratingFilter.java:52)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.doFilter(DefaultLoginPageGeneratingFilter.java:216)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:526)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:367)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:860)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1591)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)

Причина: org. apache .cxf.transport.http.HTTPException: HTTP response '401: неавторизовано 'при взаимодействии с http://XXXX?wsdl в орг. apache .cxf.transport.http.HTTPConduit $ WrappedOutputStream.doProcessResponseCode (HTTPConduit. java: 1605) в орг. apache .cxf.transport .http.HTTPConduit $ WrappedOutputStream.handleResponseInternal (HTTPConduit. java: 1612) в org. apache .cxf.transport.http.HTTPConduit $ WrappedOutputStream.handleResponse (HTTPConduit. * 10 * в 10 *: 10 или 1026 .cxf.transport.http.HTTPConduit $ WrappedOutputStream.close (HTTPConduit. java: 1358) в org. apache .cxf.transport.AbstractConduit.close (AbstractConduit. java: 56) в орг. apache .cxf.transport.http.HTTPConduit.close (HTTPConduit. java: 658) в орг. apache .cxf.interceptor.MessageSenderInterc eptor $ MessageSenderEndingInterceptor.handleMessage (MessageSenderInterceptor. java: 62) в org. apache .cxf.phase.PhaseInterceptorChain.doIntercept (PhaseInterceptorChain. java: 308) в точке org. * 1037f. doInvoke (ClientImpl. java: 516) в org. apache .cxf.endpoint.ClientImpl.invoke (ClientImpl. java: 425) в org. apache .cxf.endpoint.ClientImpl.invoke (ClientImpl. java: 326) в орг. apache .cxf.endpoint.ClientImpl.invoke (ClientImpl. java: 279) в орг. apache .cxf.frontend.ClientProxy.invokeSyn c (ClientProxy. java: 96) в орг. apache .cxf.jaxws.JaxWsClientProxy.invoke (JaxWsClientProxy. java: 139)

Добро пожаловать на сайт PullRequest, где вы можете задавать вопросы и получать ответы от других членов сообщества.

Похожие темы

...