客户端请求包为:
<?xml version="1.0" encoding="UTF-8"?>
SOAP-ENV:Headerwsse:Usernameadmin/wsse:UsernameCVcFYtamWGT+GNHNkvjYZlYYgcE=/wsse:Passwordwsse:Nonce+DhmWVsLDBKokbEwNK7f/FIzRAQ=/wsse:Noncewsu:Created2017-07-12T14:58:00Z/wsu:Created/wsse:UsernameToken/wsse:Security/SOAP-ENV:HeaderSOAP-ENV:Bodyns13:GetCapabilities/ns13:GetCapabilities/SOAP-ENV:Body/SOAP-ENV:Envelope>
服务端返回:
<?xml version="1.0" ?>S:MustUnderstandMustUnderstand headers:[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood/S:Fault/S:Body</S:Envelope>
这是由于缺少头部认证引起的,解决方法是在实现类上添加注解@HandlerChain(file = "handle-chain.xml"),并在配置文件handle-chain.xml中进行配置,(file = "handle-chain.xml"要把配置文件放到当前目录,即和实现类放到一个文件夹下(我尝试了用绝对了路径file = "D:/handle-chain.xml",D盘下也放置了该配置文件,但运行时还是报错,提示找不到这个配置文件,不是到为什么,网上搜索,有的说是配置文件必须和实现类放到同一目录下)),handle-chain.xml的内容如下:
<?xml version="1.0" encoding="UTF-8"?>
<handler-chains xmlns="http://java.sun.com/xml/ns/javaee">
<handler-chain>
<handler>
<handler-name>SecurityHandler</handler-name>
<handler-class>com.znv.simulation.onvif.handlers.SecurityHandler</handler-class>
</handler>
</handler-chain>
</handler-chains>
编写头部处理的类,实现SOAPHandle接口:
package com.znv.simulation.onvif.handlers;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.xml.namespace.QName;
import javax.xml.soap.Node;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPConstants;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPFault;
import javax.xml.soap.SOAPHeader;
import javax.xml.soap.SOAPMessage;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import javax.xml.ws.soap.SOAPFaultException;
/**
* @author Administrator
*
*/
public class SecurityHandler implements SOAPHandler<SOAPMessageContext> {
@Override
public boolean handleMessage(SOAPMessageContext messageContext) {
// TODO Auto-generated method stub
System.out.println("To handle SOAP message...");
boolean responseFlag = (Boolean) messageContext
.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
// for response message only, true for outbound messages, false for
// inbound
System.out.println("responseFlag=" + responseFlag);
if (!responseFlag) {
SOAPMessage soapMessage = messageContext.getMessage();
try {
SOAPEnvelope soapEnvelope = soapMessage.getSOAPPart()
.getEnvelope();
SOAPHeader soapHeader = soapEnvelope.getHeader();
if (null == soapHeader) {
System.out.println("No SOAP message header");
generateSOAPFault(soapMessage, "No SOAP message header");
return false;
}
Iterator iterator = soapHeader
.extractHeaderElements(SOAPConstants.URI_SOAP_ACTOR_NEXT);
if (null == iterator || null == iterator.next()) {
System.out.println("No header block for role next.");
generateSOAPFault(soapMessage,
"No header block for role next.");
return false;
}
Node next = (Node) iterator.next();
String value = (next == null) ? null : next.getValue();
if (null == value) {
System.out
.println("No authentication info in header block.");
generateSOAPFault(soapMessage,
"No authentication info in header block.");
return false;
}
// 只要有头部,就可以访问
return true;
} catch (Exception e) {
// TODO: handle exception
}
}
return true;
}
private void generateSOAPFault(SOAPMessage soapMessage, String reason) {
// TODO Auto-generated method stub
try {
SOAPBody soapBody = soapMessage.getSOAPBody();
SOAPFault soapFault = soapBody.getFault();
soapFault.setFaultString(reason);
throw new SOAPFaultException(soapFault);
} catch (SOAPException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
@Override
public boolean handleFault(SOAPMessageContext context) {
// TODO Auto-generated method stub
return false;
}
@Override
public void close(MessageContext context) {
// TODO Auto-generated method stub
}
@Override
public Set<QName> getHeaders() {
// TODO Auto-generated method stub
HashSet<QName> headers = new HashSet<QName>();
QName securityHeader = new QName(
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
"Security");
headers.add(securityHeader);
QName addressingHeader = new QName(
"http://www.w3.org/2005/08/addressing", "To");
headers.add(addressingHeader);
return headers;
}
}
其中要重写getHeaders()方法,加入缺少的QName即可。而对于头部的处理(如安全验证)在handleMessage()方法中处理。
soap消息拦截器SOAPHandler【handler-chain.xml】