8
정말 고민 중입니다. 인증서 및 디지털 서명으로 보안이 설정된 웹 서비스가 있습니다. 이 모든 것은 자바 코드를 통해 SOAP 요청의 일부로 전달되어야하지만, 작성하려고하는 디지털 서명 부분이 제대로 형성되지는 않습니다.Java를 통해 샘플 XML에서 SOAP 메시지 만들기
코드는 BinaryToken까지 요청을 올바르게 만들고 "Name signatureToken"에서 나옵니다. 코드
이에서하지 못했습니다이 무엇인지에 관한 지침을 찾고하는 샘플 XML입니다 :
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1">
<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="XWSSGID-1313056420712-845854837">MIIDVjCCAj6gAwIBAgIEThbQLTANBgkqhkiG9w0BAQUFADBtMQswCQYDVQQGEwJnYjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEUMBIGA1UEChMLaGVhbHRoc29sdmUxFDASBgNVBAsTC2hlYWx0aHNvbHZlMQ4wDAYDVQQDEwVzaW1vbjAeFw0xMTA3MDgwOTM4NTNaFw0xMjA3MDIwOTM4NTNaMG0x</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="XWSSGID-13130564207092015610708">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse SOAP-ENV"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#XWSSGID-1313056421405-433059543">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>3wCcYA8m7LN0TLchG80s6zUaTJE=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>ZkPCKEGpOmkhJA5Kq6oqUYU3OWQYyca676UhL
lOyRj7HQD7g0vS+wp70gY7Hos/2G7UpjmYDLPA==</ds:SignatureValue>
<ds:KeyInfo>
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1313056421331317573418">
<wsse:Reference URI="#XWSSGID-1313056420712-845854837" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1313056421405-433059543">
</ns2:GetEhaStatusRequest>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
내가 코드를 통해 위의 XML을 형성하기 위해 작성한 코드 것은있는 그대로 :
protected void setSecuritySection(SOAPFactory soapFactory, SOAPEnvelope envelope, SOAPPart soapPart) throws SOAPException, ECException {
String METHODNAME = "setSecuritySection";
KeyPairGenerator kpg;
boolean mustUnderstand = true;
SOAPHeader soapHeader = envelope.getHeader();
try {
Name securityName = soapFactory.createName("Security", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-secext-1.0.xsd");
SOAPElement securityElement = soapHeader.addHeaderElement(securityName);
// SOAPHeaderElement securityElement =
// soapHeader.addHeaderElement(securityName);
// securityElement.setMustUnderstand(mustUnderstand);
Name binarySecurityToken = soapFactory.createName("BinarySecurityToken", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-secext-1.0.xsd");
SOAPElement binarySecurityTokenElement = securityElement.addChildElement(binarySecurityToken);
Certificate cert;
String trustStoreLocation = ServerInformation.getValueForWebsphereVariable("EHA_TRUSTSTORE");
String trustStorePwd = ServerInformation.getValueForWebsphereVariable("EHA_TRUSTSTORE_PWD");
InputStream path = new FileInputStream(trustStoreLocation);
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(path, new String(new BASE64Decoder().decodeBuffer(trustStorePwd)).toCharArray());
cert = ks.getCertificate("test");
binarySecurityTokenElement.addTextNode(new BASE64Encoder().encode(cert.getEncoded()));
kpg = KeyPairGenerator.getInstance("DSA");
Name idToken = soapFactory.createName("Id", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-secext-1.0.xsd");
SOAPElement idElement = binarySecurityTokenElement.addChildElement(idToken);
idElement.addTextNode("test");
Name valueTypeToken = soapFactory.createName("ValueType", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3");
SOAPElement valueTypeElement = binarySecurityTokenElement.addChildElement(valueTypeToken);
valueTypeElement.addTextNode("X509v3");
Name encodingTypeToken = soapFactory.createName("EncodingType", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
SOAPElement encodingTypeElement = binarySecurityTokenElement.addChildElement(encodingTypeToken);
encodingTypeElement.addTextNode("Base64Binary");
Name signatureToken = soapFactory.createName("Signature", "ds", "http://www.w3.org/2000/09/xmldsig#");
SOAPHeaderElement signElement = soapHeader.addHeaderElement(signatureToken);
Name id1 = soapFactory.createName("Id");
signElement.addAttribute(id1,"XWSSGID-13130564207092015610708");
Name signedInfo = soapFactory.createName("SignedInfo");
SOAPElement signInfoElement = signElement.addChildElement(signedInfo);
//SOAPHeaderElement signInfoElement = soapHeader.addHeaderElement(signedInfo);
Name canonicalToken = soapFactory.createName("CanonicalizationMethod");
SOAPElement canonicalTokenTokenElement = signInfoElement.addChildElement(canonicalToken);
Name alg = soapFactory.createName("Algorithm");
canonicalTokenTokenElement.addAttribute(alg,"http://www.w3.org/2001/10/xml-exc-c14n#");
Name InclusiveNamespaceToken = soapFactory.createName("InclusiveNamespaces", "wsse", "http://www.w3.org/2001/10/xml-exc-c14n#");
SOAPElement element = canonicalTokenTokenElement.addChildElement(InclusiveNamespaceToken);
Name prefixList = soapFactory.createName("PrefixList");
element.addAttribute(prefixList,"wsse SOAP-ENV");
Name signatureMethodToken = soapFactory.createName("SignatureMethod","ds", "http://www.w3.org/2000/09/xmldsig#rsa-sha1");
SOAPElement signatureMethodTokenElement = signInfoElement.addChildElement(signatureMethodToken);
Name alg2 = soapFactory.createName("Algorithm");
signatureMethodTokenElement.addAttribute(alg2,"http://www.w3.org/2000/09/xmldsig#rsa-sha1");
Name referenceToken = soapFactory.createName("Reference", "ds", "#XWSSGID-1313056421405-433059543");
SOAPElement referenceTokenElement = signatureMethodTokenElement.addChildElement(referenceToken);
Name uri = soapFactory.createName("URI");
referenceTokenElement.addAttribute(uri,"#XWSSGID-1313056421405-433059543");
Name digestMethodAlgToken = soapFactory.createName("DigestMethod");
SOAPElement digestMethodAlgTokenElement = referenceTokenElement.addChildElement(digestMethodAlgToken);
Name alg3 = soapFactory.createName("Algorithm");
digestMethodAlgTokenElement.addAttribute(alg3,"http://www.w3.org/2000/09/xmldsig#sha1");
Name digestValueToken = soapFactory.createName("DigestValue" ,"ds" , "3wCcYA8m7LN0TLchG80s6zUaTJE=");
SOAPElement digestValueTokenElement = referenceTokenElement.addChildElement(digestValueToken);
digestValueTokenElement.addTextNode("3wCcYA8m7LN0TLchG80s6zUaTJE=");
Name signValueToken = soapFactory.createName("SignatureValue");
SOAPElement signValueElement = signElement.addChildElement(signValueToken);
signValueElement.addTextNode("QlYfURFjcYPu41G31bXgP4JbFdg6kWH+8ofrY+oc22FvLqVMUW3zdtvZN==");
Name keyInfoToken = soapFactory.createName("KeyInfo") ;
SOAPElement keyInfoElement = signElement.addChildElement(keyInfoToken);
Name securityRefToken = soapFactory.createName("SecurityTokenReference" ,"wsse" , "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
SOAPElement securityRefElement = keyInfoElement.addChildElement(securityRefToken);
Name id2 = soapFactory.createName("Id","wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
securityRefElement.addAttribute(id2,"XWSSGID-1313056421331317573418");
Name referenceURIToken = soapFactory.createName("Reference", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-tokenprofile1.0#X509v3");
SOAPElement refElement = securityRefElement.addChildElement(referenceURIToken);
Name uri1 = soapFactory.createName("URI");
refElement.addAttribute(uri1,"#XWSSGID-1313056420712-845854837");
Name valType = soapFactory.createName("ValueType");
refElement.addAttribute(valType,"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3");
} catch (Exception ex) {
throw new SOAPException(ex);
}
정확히 "깨진"무엇입니까? – emboss
SOAP 메시지 구성이 샘플 1로 나오지 않습니다. xml 형성에 사용할 정확한 방법이 필요합니다. – Nidhi
서명 된 XML 문서를 "수동으로"만들고 있습니까? –