gpt4 book ai didi

java - WSS4J 中 keystore 的可配置位置

转载 作者:塔克拉玛干 更新时间:2023-11-02 07:47:25 26 4
gpt4 key购买 nike

我有一个 spring 上下文,它初始化 CXF web 服务并用签名检查包装它:

<bean id="myProperties" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="ignoreResourceNotFound" value="true"/>
<property name="locations">
<list>
<value>classpath:my.properties</value>
</list>
</property>
</bean>

<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="ignoreResourceNotFound" value="true"/>
<property name="properties" ref="myProperties"/>
<property name="placeholderPrefix" value="!sp{"/>
<property name="placeholderSuffix" value="}"/>
</bean>

<bean id="inbound-security" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Signature"/>
<entry key="signaturePropFile" value="!sp{acq.signature.properties.location}"/>
</map>
</constructor-arg>
</bean>

我意识到 signaturePropFile 必须在类路径上,它不能从文件系统中读取:-(

Caused by: org.apache.ws.security.WSSecurityException: General security error (Cannot load the resource D:\Dev\Projekty\smartpos-backend-parent\smartpos-backend-acquirer\src\main\resources\signature.properties)
at org.apache.ws.security.components.crypto.CryptoFactory.getProperties(CryptoFactory.java:261) ~[wss4j-1.6.11.jar:1.6.11]
at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:186) ~[wss4j-1.6.11.jar:1.6.11]
at org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor.loadCryptoFromPropertiesFile(AbstractWSS4JInterceptor.java:224) ~[cxf-rt-ws-security-2.7.5.jar:2.7.5]
at org.apache.ws.security.handler.WSHandler.loadCrypto(WSHandler.java:911) ~[wss4j-1.6.11.jar:1.6.11]

没关系,我让它成为部署的一部分,但我确实想外部化使用以下属性定义的 keystore :

org.apache.ws.security.crypto.merlin.keystore.file=server-keystore.jks

我尝试用一​​些配置属性 !sp{keystore.location}${keystore.location} 替换路径,但它不起作用。事实上,它失败并出现相同的异常,例如属性文件不存在:

Caused by: org.apache.ws.security.WSSecurityException: General security error (Cannot load the resource classpath:signature.properties)
at org.apache.ws.security.components.crypto.CryptoFactory.getProperties(CryptoFactory.java:261) ~[wss4j-1.6.11.jar:1.6.11]
at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:186) ~[wss4j-1.6.11.jar:1.6.11]
at org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor.loadCryptoFromPropertiesFile(AbstractWSS4JInterceptor.java:224) ~[cxf-rt-ws-security-2.7.5.jar:2.7.5]
at org.apache.ws.security.handler.WSHandler.loadCrypto(WSHandler.java:911) ~[wss4j-1.6.11.jar:1.6.11]

配置 WSS4J keystore 位置的正确方法是什么?我不喜欢在部署前编辑 war 。 (我使用 maven 来构建它)。

最佳答案

这个问题已经solved lately .

当使用旧版本的 wss4j(v2.1.1 及更早版本)时,您可以通过覆盖 WSHandler.loadCrypto() 并注入(inject)创建的 Property 对象来传递属性文件(例如 WSHandlerConstants.SIG_PROP_REF_ID)的字符串引用的需要通过 Spring util,例如:

<util:properties id="wss4jCryptoProperties">
<prop key="org.apache.ws.security.crypto.merlin.keystore.file">!sp{keystore.file}</prop>
<prop key="org.apache.ws.security.crypto.merlin.keystore.type">!sp{keystore.type}</prop>
<prop key="org.apache.ws.security.crypto.merlin.keystore.password">!sp{keystore.password}</prop>
</util:properties>

通过示例覆盖 WSHandler.loadCrypto():

public class PropertiesWSS4JInInterceptor extends WSS4JInInterceptor {

private Properties cryptoProperties;

public PropertiesWSS4JInInterceptor(Map<String, Object> inProps,
Properties cryptoProperties) {
super(inProps);
this.cryptoProperties = cryptoProperties;
}

@Override
protected Crypto loadCrypto(String cryptoPropertyFile, String cryptoPropertyRefId,
RequestData requestData) throws WSSecurityException {
return CryptoFactory.getInstance(cryptoProperties);
}
}

此外,您可以在您的 customBean 中注入(inject) wss4jCryptoProperties(不要忘记在引用的类中创建名为 cryptoProperties 的字段和一个 setter):

<bean id="customBean" class="cz.company.CustomBean">
<property name="cryptoProperties" ref="wss4jCryptoProperties"/>
</bean>

最后,您可以将拦截器添加到您的端点:

endpoint.getInInterceptors().add(new PropertiesWSS4JInInterceptor(inProps, cryptoProperties));

关于java - WSS4J 中 keystore 的可配置位置,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/22346115/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com