java – web服务 – 用户名令牌 – 根据安全策略验证消息时出错错误代码:1000

2019年8月3日 147次阅读

我试图调用在wsdl中配置了用户名令牌的Web服务:

<sp:SupportingTokens><wsp:Policy><sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:HashPassword/>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>

soap请求包含以下用于身份验证的信息:

<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>user</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>

我收到以下错误:

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<env:Header/>
<env:Body>
  <env:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
     <faultcode>wsse:InvalidSecurity</faultcode>
     <faultstring>Error on verifying message against security policy Error code:1000</faultstring>
  </env:Fault>
</env:Body>
</env:Envelope>

谁能告诉我我做错了什么?

谢谢.

最佳答案 你在调用webservice时提供了用户名和密码吗?

看起来它没有提供或用户名/密码不正确.

点赞