java - 如何在spring ws客户端请求中添加证书链

Question

我只有 spring ws 客户端，它将请求发送到某个网址:

  @SuppressWarnings("unchecked")
  private JAXBElement<O> sendSyncSoapRequest(final JAXBElement<I> req, final String iszrUrl) {
    if (iszrUrl != null) {
      return (JAXBElement<O>) this.wsTemplate.marshalSendAndReceive(iszrUrl, req);
    } else {
      return (JAXBElement<O>) this.wsTemplate.marshalSendAndReceive(req);
    }
  }

现在我需要将证书链附加到肥皂请求中。我该怎么做？请帮忙

Answer 1

我不知道 Spring 中有任何在客户端上使用证书身份验证的语法糖。然而现在我可能错过了一些东西。在没有其他人指出有一个简单的注释可以应用于您的 Web 服务模板的情况下，这是我的想法。

这不是一个完整的分步答案，但它应该可以帮助您实现这一目标。通过使用 WebServiceMessageCallback，您可以在发送消息之前修改 SOAP 消息中的 header 。下面的代码演示了如何将用户名和密码添加到 header 。

您应该能够使用相同的机制以类似的方式将证书添加到安全 header 。请查看以下文档，其中解释了基于 SOAP 证书的身份验证，并在第 9 页上显示了该示例的安全 header 。

http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0.pdf

Object response = getWebServiceTemplate().marshalSendAndReceive(
    exposureRequests,
    new WebServiceMessageCallback() {
    /**
     * The doWithMessage callback enables us to modify the message after it has
     * been built using the nice Spring/JAXB marshalling, just before it gets
     * sent out.
     */
    @Override
    public void doWithMessage(WebServiceMessage message)
        throws IOException, TransformerException {
            applySecurityHeaders(message, SOAP_ACTION);
        }
    }
);


/**
 * Add security headers to the outgoing message, so that the client is 
 * authenticated against the web service.
 */
private void applySecurityHeaders(WebServiceMessage message, String soapAction) 
        throws IOException, TransformerException {
    Assert.isInstanceOf(SoapMessage.class, message);

    SoapMessage soapMessage = (SoapMessage) message;
    soapMessage.setSoapAction(soapAction);
    SoapHeader header = soapMessage.getSoapHeader();
    Transformer transformer = TransformerFactory.newInstance().newTransformer();
    transformer.transform(getSecurityHeaderSource(), header.getResult());
    soapMessage.writeTo(new LoggingOutputStream(log));
}

/**
 * Returns the content required for a basic SOAP security header.
 */
private StringSource getSecurityHeaderSource() {
    return new StringSource(
            "<Security xmlns=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">\n "
                    + "<UsernameToken>\n"
                    + "<Username><![CDATA[" + username + "]]></Username>\n "
                    + "<Password><![CDATA[" + password + "]]></Password>\n "
                    + "</UsernameToken>\n"
                    + "</Security>\n");
}