gpt4 book ai didi

java - Metro & StreamBuffer 命名空间错误——我理解正确吗?

转载 作者:行者123 更新时间:2023-11-29 09:25:20 24 4
gpt4 key购买 nike

全部, 我(仍在)致力于从 Java/Metro 2.0 调用 WSE 3.0 .NET Web 服务。我们已经设置了安全要求,因此我们正在加密消息的正文和 header 并对 header 进行签名。我能够向他们的服务发送请求并获得响应,但 Metro 无法验证签名并从 WSIT 代码中抛出错误。我从 CVS 获得了最新的 WSIT 代码,下面是该方法的代码片段:

来自 com.sun.xml.ws.security.opt.impl.incoming.GenericSecuredHeader:

private XMLStreamBuffer completeHeader;
public void writeTo(XMLStreamWriter w) throws XMLStreamException {
try {
// TODO what about in-scope namespaces
completeHeader.writeToXMLStreamWriter(w);
} catch (Exception e) {
throw new XMLStreamException(e);
}
}

如您所见,其中有一个 TODO,我认为这表明该方法无法处理我遇到的情况,但我不确定我是否知道“范围内”是什么意思命名空间。

这是它中断的 Web 服务响应中的 XML 片段:

<wsa:Action wsu:Id="Id-46282a5d-c7fa-403c-8ac9-f7df0dfdb0cf">
http://someAction</wsa:Action>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />

<Reference URI="#Id-46282a5d-c7fa-403c-8ac9-f7df0dfdb0cf">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>
/2ivNKDpYSLqPWHzrSxN/RuZ/e8=</DigestValue>
</Reference>

在堆栈跟踪(包括在下面)中,它提示无法验证引用 URI="#Id-46282a5d-c7fa-403c-8ac9-f7df0dfdb0cf"。 我不清楚的是 - 它失败是因为 Reference 元素没有命名空间属性或前缀吗? 是否应该允许它们从父 Signature 元素继承命名空间,或者StreamBuffer 类不能处理吗?

作为对比,这里有一个来 self 的请求(由 WSIT 生成)的类似 XML 片段,其中 ds 前缀是

xmlns:ds="http://www.w3.org/2000/09/xmldsig#"

<ds:Signature xmlns:ns10="http://www.w3.org/2003/05/soap-envelope" 
xmlns:ns11="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
xmlns:ns12="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity" Id="_1">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<exc14n:InclusiveNamespaces PrefixList="wsse S"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>

<ds:Reference URI="#_5002">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<exc14n:InclusiveNamespaces PrefixList="S"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>
vtf9n+OcI1nT0exavD4/ZQy6jm8=</ds:DigestValue>
</ds:Reference>

当 Metro 生成这些 block 时,所有内容都有一个命名空间前缀。

如果你还在读到这里 - 谢谢!以下是堆栈跟踪中的一些片段:

Error occurred while trying to cache START_ELEMENTcom.sun.xml.stream.buffer.stax
.StreamReaderBufferProcessor$InternalNamespaceContext
[16:12:54.026] WSS1759: Following error null occured while performing canonicali
zation null
[16:12:54.026] javax.xml.stream.XMLStreamException
[16:12:54.026] at com.sun.xml.ws.security.opt.impl.incoming.GenericSecuredHeade
r.writeTo(GenericSecuredHeader.java:303)
[16:12:54.026] at com.sun.xml.ws.security.opt.impl.incoming.StreamWriterData.wr
ite(StreamWriterData.java:101)
[16:12:54.026] at com.sun.xml.ws.security.opt.crypto.dsig.Exc14nCanonicalizer.t
ransform(Exc14nCanonicalizer.java:153)
[16:12:54.026] at com.sun.xml.ws.security.opt.crypto.dsig.Transform.transform(T
ransform.java:182)
[16:12:54.026] at com.sun.xml.ws.security.opt.crypto.dsig.Reference.transform(R
eference.java:183)
[16:12:54.026] at com.sun.xml.ws.security.opt.crypto.dsig.Reference.validate(Re
ference.java:102)
[16:12:54.026] at com.sun.xml.ws.security.opt.impl.incoming.processor.SignedInf
oProcessor.processReference(SignedInfoProcessor.java:422)
[16:12:54.026] at com.sun.xml.ws.security.opt.impl.incoming.processor.SignedInf
oProcessor.processReferences(SignedInfoProcessor.java:385)
[16:12:54.026] at com.sun.xml.ws.security.opt.impl.incoming.processor.SignedInf
oProcessor.process(SignedInfoProcessor.java:189)
[16:12:54.026] at com.sun.xml.ws.security.opt.impl.incoming.Signature.process(S
ignature.java:206)
[16:12:54.026] at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.h
andleSecurityHeader(SecurityRecipient.java:466)
[16:12:54.026] at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.c
acheHeaders(SecurityRecipient.java:281)
[16:12:54.026] at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.v
alidateMessage(SecurityRecipient.java:223)
[16:12:54.026] at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.verifyInboundMess
age(SecurityTubeBase.java:462)
[16:12:54.026] at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientRe
sponsePacket(SecurityClientTube.java:412)
[16:12:54.026] at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processResponse


javax.xml.ws.WebServiceException: com.sun.xml.wss.impl.WssSoapFaultException: WSS1722: Error occurred while validating Reference with URI: #Id-46282a5d-c7fa-403c-8ac9-f7df0dfdb0c
f

最佳答案

经过更多研究,我相信我对此的初步理解是正确的。调用 StreamBuffer 代码以流式传输来自 SOAP 响应的 XML 的 Metro/WSIT 代码无法处理没有命名空间前缀或属性的元素。对于那些对后续行动感兴趣的人,我已经提交了一个针对 WSIT 的问题:

https://wsit.dev.java.net/issues/show_bug.cgi?id=1423

关于java - Metro & StreamBuffer 命名空间错误——我理解正确吗?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/2761603/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com