Используя Liberty 19.0.09, у меня есть это исключение "Неверное значение включения".
javax. xml .ws. soap .SOAPFaultException: Неверное значение включения: пусто. Вызывается: java .lang.RuntimeException - Неправильное значение включения: ноль в орг. apache .cxf.ws.security.policy.model.Token.setInclusion (Токен. java: 82)
Я пробовал несколько конфигураций без успеха. Вот код, который я использую для доступа к этому WS:
>DocumentMgmtHttpService service = new DocumentMgmtHttpService();
>HandlerResolver resolver = service.getHandlerResolver();
>DocumentMgmt docmgmt = service.getDocumentMgmtHttpPort();
>BindingProvider bp = (BindingProvider) docmgmt;
>bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "xxxx");
>bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "xxxxx");
>SearchDocumentResponseType response=null;
, затем запрос и вызов
Где мне искать?
Я настроил (3 функции ниже) + обработчики + CallBackHandler (как функция на сервере)
<wsSecurityClient id="default"
ws-security.callback-handler="com.xxx.xxxx.callbackhandler.CallBackHandler"
ws-security.signature.username="portal_certificate"
ws-security.username="CN=portalx509.xxxxxxxxxx, OU=IT, O=xxxxxxxxx, L=xxxxxxxx, ST=xxxxx, C=CA"
ws-security.encryption.username="portal_certificate">
<signatureProperties
org.apache.ws.security.crypto.merlin.keystore.type="jceks"
org.apache.ws.security.crypto.merlin.keystore.password="{xor}PDc+MTg6Nis="
org.apache.ws.security.crypto.merlin.keystore.alias="portal_certificate"
org.apache.ws.security.crypto.merlin.file="${server.config.dir}/resources/security/keystore-ti.jks"
org.apache.ws.security.crypto.merlin.truststore.file="${server.config.dir}/resources/security/keystore-ti.jks"
org.apache.ws.security.crypto.merlin.truststore.password="{xor}PDc+MTg6Nis="
org.apache.ws.security.crypto.merlin.truststore.type="jceks"
org.apache.ws.security.crypto.merlin.keystore.private.password="{xor}PDc+MTg6Nis="/>
<encryptionProperties
org.apache.ws.security.crypto.merlin.keystore.type="jceks"
org.apache.ws.security.crypto.merlin.keystore.password="{xor}PDc+MTg6Nis="
org.apache.ws.security.crypto.merlin.keystore.alias="portal_certificate"
org.apache.ws.security.crypto.merlin.file="${server.config.dir}/resources/security/keystore-ti.jks"
org.apache.ws.security.crypto.merlin.truststore.type="jceks"
org.apache.ws.security.crypto.merlin.truststore.file="${server.config.dir}/resources/security/keystore-ti.jks"
org.apache.ws.security.crypto.merlin.truststore.password="{xor}PDc+MTg6Nis="
org.apache.ws.security.crypto.merlin.keystore.private.password="{xor}PDc+MTg6Nis="
/>
- **ibm-ws-bnd.xml**
<ws:webservices-bnd xmlns:ws="http://websphere.ibm.com/xml/ns/javaee" xmlns:xml="http://www.w3.org/XML/1998/namespace" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://websphere.ibm.com/xml/ns/javaee http://websphere.ibm.com/xml/ns/javaee/ibm-ws-bnd_1_0.xsd" version="1.0">
<ws:webservice-endpoint-properties enableLoggingInOutInterceptor="true" />
<ws:service-ref name="service/DocumentMgmtHttpService">
<ws:port name="DocumentMgmtHttpPort" namespace="http://ibm.com/ws/jaxws/transport/security/" ssl-ref="SSL01" />
<ws:properties http.conduit.tlsClientParameters.disableCNCheck="true" />
</ws:service-ref>
</ws:webservices-bnd>
- клиент-политики-вложений. xml (в WEB-INF)
<?xml version="1.0" encoding="UTF-8"?>
<attachments
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://www.w3.org/ns/ws-policy"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata"
xmlns:sp13="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:PolicyAttachment
wsdlNamespace="http://www.xxxxx.xx/EnterpriseMgmt/DocumentMgmt/V1">
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>https://xxxxxxxxxxxxxx:8442/ti/DocumentMgmt/V1
</wsa:Address>
</wsa:EndpointReference>
<wsp:URI>https://xxxxxxxxxxxxxxxx:8442/ti/DocumentMgmt/V1#wsdl11.service(DocumentMgmtHttpService)</wsp:URI>
</wsp:AppliesTo>
<wsp:Policy
wsu:Id="X509AsymmetricMutualAndUntAuthentication">
<wsp:ExactlyOne>
<wsp:All>
<wsam:Addressing wsp:Optional="true">
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All />
<wsam:AnonymousResponses />
<wsam:NonAnonymousResponses />
</wsp:ExactlyOne>
</wsp:Policy>
</wsam:Addressing>
<sp:SignedEncryptedSupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken11 />
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SignedEncryptedSupportingTokens>
<sp:AsymmetricBinding>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200712/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssX509V3Token11/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128Rsa15 />
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200712/IncludeToken/AlwaysToInitiator">
<wsp:Policy>
<sp:WssX509V3Token11 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:Layout>
<wsp:Policy>
<sp:Strict />
</wsp:Policy>
</sp:Layout>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:SupportingTokens>
<wsp:Policy wsu:Id="request:username_token">
<sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200712/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken11 />
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
<sp:SignedParts>
<sp:Body />
<sp:Header
Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" />
<sp:Header
Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header
Namespace="http://www.nbfg.ca/fw/serviceHeaders" />
</sp:SignedParts>
<sp:SignedElements>
<sp:XPath>/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' and local-name()='Timestamp']</sp:XPath>
<sp:XPath>/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Envelope']/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='UsernameToken']</sp:XPath>
<sp:XPath>/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Envelope']/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' and local-name()='Timestamp']</sp:XPath>
<sp:XPath>/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='UsernameToken']</sp:XPath>
</sp:SignedElements>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</wsp:PolicyAttachment>
</attachments>
Любая помощь? Заранее большое спасибо.