1
我试图创建一个启用了安全性的JAX-WS webservice。我跟着this 教程,并完成它与我以前建立的webservice我自己的。这只是一个简单的web服务,返回当前时间。因此,客户端是一个独立的Java应用程序和客户端代码去为:JAX-WS web服务安全问题
public class CallWS {
public static void main(String[] args) {
TimeService ts = new TimeService();
Time time = ts.getTimePort();
System.out.println(time.timeOfDay());
}
}
,但我发现以下异常:
SEVERE: WSSTUBE0023: Error in creating new instance of SecurityClientTube
java.lang.RuntimeException: WSSTUBE0016: TrustStore URL was obtained as NULL from ConfigAssertion.
at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.populateTruststoreProps(SecurityTubeBase.java:1411)
at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.populateConfigProperties(SecurityTubeBase.java:1314)
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.configureClientHandler(SecurityClientTube.java:779)
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.<init>(SecurityClientTube.java:170)
at com.sun.xml.wss.provider.wsit.SecurityTubeFactory.createTube(SecurityTubeFactory.java:227)
at com.sun.xml.ws.assembler.TubeCreator.createTube(TubeCreator.java:77)
at com.sun.xml.ws.assembler.TubelineAssemblerFactoryImpl$MetroTubelineAssembler.createClient(TubelineAssemblerFactoryImpl.java:121)
at com.sun.xml.ws.client.Stub.createPipeline(Stub.java:224)
at com.sun.xml.ws.client.Stub.<init>(Stub.java:201)
at com.sun.xml.ws.client.Stub.<init>(Stub.java:174)
at com.sun.xml.ws.client.sei.SEIStub.<init>(SEIStub.java:81)
at com.sun.xml.ws.client.WSServiceDelegate.createEndpointIFBaseProxy(WSServiceDelegate.java:602)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:344)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:326)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:308)
at javax.xml.ws.Service.getPort(Service.java:99)
at wsclient.TimeService.getTimePort(TimeService.java:72)
at main.CallWS.main(CallWS.java:19)
Exception in thread "main" java.lang.RuntimeException: WSSTUBE0023: Error in creating new instance of SecurityClientTube
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.<init>(SecurityClientTube.java:175)
at com.sun.xml.wss.provider.wsit.SecurityTubeFactory.createTube(SecurityTubeFactory.java:227)
at com.sun.xml.ws.assembler.TubeCreator.createTube(TubeCreator.java:77)
at com.sun.xml.ws.assembler.TubelineAssemblerFactoryImpl$MetroTubelineAssembler.createClient(TubelineAssemblerFactoryImpl.java:121)
at com.sun.xml.ws.client.Stub.createPipeline(Stub.java:224)
at com.sun.xml.ws.client.Stub.<init>(Stub.java:201)
at com.sun.xml.ws.client.Stub.<init>(Stub.java:174)
at com.sun.xml.ws.client.sei.SEIStub.<init>(SEIStub.java:81)
at com.sun.xml.ws.client.WSServiceDelegate.createEndpointIFBaseProxy(WSServiceDelegate.java:602)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:344)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:326)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:308)
at javax.xml.ws.Service.getPort(Service.java:99)
at wsclient.TimeService.getTimePort(TimeService.java:72)
at main.CallWS.main(CallWS.java:19)
Caused by: java.lang.RuntimeException: WSSTUBE0016: TrustStore URL was obtained as NULL from ConfigAssertion.
at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.populateTruststoreProps(SecurityTubeBase.java:1411)
at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.populateConfigProperties(SecurityTubeBase.java:1314)
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.configureClientHandler(SecurityClientTube.java:779)
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.<init>(SecurityClientTube.java:170)
... 14 more
Java Result: 1
我使用了相同的安全机制,如提教程(用对称密钥进行用户名认证),并遵循客户端和服务器端环境完全相同的步骤。
我使用
- 的Netbeans 7.0.1
- Glassfish的3.1
- 的Java EE 6
- JDK 7
- 地铁2.0库
WSIT-ws.Time
<?xml version="1.0" encoding="UTF-8"?>
<definitions
xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" name="TimeService" targetNamespace="http%3A%2F%2Fns.soacookbook.com" xmlns:tns="http%3A%2F%2Fns.soacookbook.com" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:sc="http://schemas.sun.com/2006/03/wss/server" xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy" xmlns:wsp1="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsaw="http://www.w3.org/2005/08/addressing" xmlns:fi="http://java.sun.com/xml/ns/wsit/2006/09/policy/fastinfoset/service" xmlns:tcp="http://java.sun.com/xml/ns/wsit/2006/09/policy/soaptcp/service" xmlns:sp1="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
>
<message name="timeOfDay"/>
<message name="timeOfDayResponse"/>
<portType name="Time">
<operation name="timeOfDay">
<input message="tns:timeOfDay"/>
<output message="tns:timeOfDayResponse"/>
</operation>
</portType>
<binding name="TimePortBinding" type="tns:Time">
<wsp1:PolicyReference URI="#TimePortBindingPolicy"/>
<operation name="timeOfDay">
<input>
<wsp1:PolicyReference URI="#TimePortBinding_timeOfDay_Input_Policy"/>
</input>
<output>
<wsp1:PolicyReference URI="#TimePortBinding_timeOfDay_Output_Policy"/>
</output>
</operation>
</binding>
<service name="TimeService">
<port name="TimePort" binding="tns:TimePortBinding"/>
</service>
<wsp1:Policy wsu:Id="TimePortBindingPolicy">
<wsp1:ExactlyOne>
<wsp1:All>
<wsaw:UsingAddressing xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" wsp1:Optional="false"/>
<sp1:SymmetricBinding>
<wsp1:Policy>
<sp1:ProtectionToken>
<wsp1:Policy>
<sp1:X509Token sp1:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp1:Policy>
<sp1:WssX509V3Token10/>
<sp1:RequireIssuerSerialReference/>
</wsp1:Policy>
</sp1:X509Token>
</wsp1:Policy>
</sp1:ProtectionToken>
<sp1:Layout>
<wsp1:Policy>
<sp1:Strict/>
</wsp1:Policy>
</sp1:Layout>
<sp1:IncludeTimestamp/>
<sp1:OnlySignEntireHeadersAndBody/>
<sp1:AlgorithmSuite>
<wsp1:Policy>
<sp1:Basic128/>
</wsp1:Policy>
</sp1:AlgorithmSuite>
</wsp1:Policy>
</sp1:SymmetricBinding>
<sp1:Wss11>
<wsp1:Policy>
<sp1:MustSupportRefIssuerSerial/>
<sp1:MustSupportRefThumbprint/>
<sp1:MustSupportRefEncryptedKey/>
</wsp1:Policy>
</sp1:Wss11>
<sp1:SignedSupportingTokens>
<wsp1:Policy>
<sp1:UsernameToken sp1:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp1:Policy>
<sp1:WssUsernameToken10/>
</wsp1:Policy>
</sp1:UsernameToken>
</wsp1:Policy>
</sp1:SignedSupportingTokens>
<sc:KeyStore wspp:visibility="private" location="/home/oshadha/.netbeans/7.0/config/GF3_113/domain1/config/keystore.jks" type="JKS" storepass="changeit" alias="xws-security-server"/>
</wsp1:All>
</wsp1:ExactlyOne>
</wsp1:Policy>
<wsp1:Policy wsu:Id="TimePortBinding_timeOfDay_Input_Policy">
<wsp1:ExactlyOne>
<wsp1:All>
<sp1:EncryptedParts>
<sp1:Body/>
</sp1:EncryptedParts>
<sp1:SignedParts>
<sp1:Body/>
<sp1:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="AckRequested" Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
<sp1:Header Name="SequenceAcknowledgement" Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
<sp1:Header Name="Sequence" Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
<sp1:Header Name="CreateSequence" Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
</sp1:SignedParts>
</wsp1:All>
</wsp1:ExactlyOne>
</wsp1:Policy>
<wsp1:Policy wsu:Id="TimePortBinding_timeOfDay_Output_Policy">
<wsp1:ExactlyOne>
<wsp1:All>
<sp1:EncryptedParts>
<sp1:Body/>
</sp1:EncryptedParts>
<sp1:SignedParts>
<sp1:Body/>
<sp1:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp1:Header Name="AckRequested" Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
<sp1:Header Name="SequenceAcknowledgement" Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
<sp1:Header Name="Sequence" Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
<sp1:Header Name="CreateSequence" Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm"/>
</sp1:SignedParts>
</wsp1:All>
</wsp1:ExactlyOne>
</wsp1:Policy>
</definitions>
为什么在UT不需要TrustStore URL时抛出异常?我对这个问题没有太多的想法,但可能是你应该检查你的安全配置! – 2012-04-01 07:17:45