异常 Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: WSS4JInHandler: security processing failed
如果使用服务器端wss配置:
<bean id="domInHandler" class="org.codehaus.xfire.util.dom.DOMInHandler" />
<bean id="wss4jInHandler" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
<property name="properties">
<props>
<prop key="action">UsernameToken</prop><!-- 指定认证类型-->
<prop key="passwordCallbackClass"><!--指定一个密码回调实现类-->
com.szboeye.webservice.handler.PwdCallbackHandler
</prop>
</props>
</property>
</bean>
客户代码:
WSS4JOutHandler wsOut = new WSS4JOutHandler();
String actions =WSHandlerConstants.USERNAME_TOKEN;
wsOut.setProperty(WSHandlerConstants.ACTION, actions);//动作
wsOut.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PASSWORD_DIGEST);//WSConstants.PW_DIGEST表示密码以摘要方式发送,这可以保证密码的传输安全。设置为WSConstants.PW_TEXT表示密码以明文方式发送
wsOut.setProperty(WSHandlerConstants.USER, "server"); //指定用户
wsOut.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPwdCallbackHandler.class.getName());//密码回调类
client.addOutHandler(new DOMOutHandler());
client.addOutHandler(wsOut);
服务端和客户端的 PwdCallbackHandler 和 ClientPwdCallbackHandler 客户端的密码不一致将会导致以上异常,这个异常很正常,说明是非法用户和来校验用户密码,只要两个密码一样,就不会出现以上异常