XFire中实现WS-Security时出现的异常及原因

XFire中实现WS-Security时出现的异常及原因:

1.缺包,在客户端添加xalan.jar


Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/xml/utils/URI$MalformedURIException

    at org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:350)

    at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:703)

    at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:54)

    at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:192)

    at org.codehaus.xfire.security.wss4j.WSS4JOutHandler.invoke(WSS4JOutHandler.java:158)

    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)

    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)

    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)

    at org.codehaus.xfire.client.Client.invoke(Client.java:336)

    at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)

    at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)

    at $Proxy0.test(Unknown Source)

    at keytool.TestClient.main(TestClient.java:69)



2.在调用服务端方法前未添加Handler,没有对报头添加信息
Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: WSS4JInHandler: Request does not contain required Security header

org.codehaus.xfire.fault.XFireFault: WSS4JInHandler: Request does not contain required Security header

    at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:31)

    at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)

    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.checkForFault(ReadHeadersHandler.java:111)

    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.invoke(ReadHeadersHandler.java:67)

    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)

    at org.codehaus.xfire.client.Client.onReceive(Client.java:406)

    at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:139)

    at org.codehaus.xfire.transport.http.HttpChannel.send(HttpChannel.java:48)

    at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:26)

    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)

    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)

    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)

    at org.codehaus.xfire.client.Client.invoke(Client.java:336)

    at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)

    at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)

    at $Proxy0.getList(Unknown Source)

    at keytool.TestClient.main(TestClient.java:46)



如果是基于用户名密码的可能报的是这样的错:
Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: 请求必须包含验证信息
org.codehaus.xfire.fault.XFireFault: 请求必须包含验证信息
    at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:31)
    at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)
    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.checkForFault(ReadHeadersHandler.java:111)
    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.invoke(ReadHeadersHandler.java:67)
    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
    at org.codehaus.xfire.client.Client.onReceive(Client.java:406)
    at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:139)
    at org.codehaus.xfire.transport.http.HttpChannel.send(HttpChannel.java:48)
    at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:26)
    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
    at org.codehaus.xfire.client.Client.invoke(Client.java:336)
    at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
    at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
    at $Proxy0.getUser(Unknown Source)
    at test.ClientTest.main(ClientTest.java:35)

就是代表验证不合法,拒绝提供服务。



3. 安装对应JDK 版本的Unlimited Strength Jurisdiction策略文件. 策略文件包括local_policy.jar和US_export_policy.jar文件,将其拷贝到<JAVA_HOME>/jre/lib/security目录下。



你可以从http: //java.sun.com/j2se/1.5.0/download.jsp 或 http://java.sun.com/j2se/1.4.2/download.html页面的底部找到下载的链接。否则在使用WS- Security时,可以会抛出java.security.InvalidKeyException: Illegal key size的错误信息。



4. 安装SecurityProvider

WSS4J使用了BouncyCastle的SecurityProvider,所以需要事先在java.security文件中进行配置,否则运 行加密模式的XFire认证时,会抛出以下的出错信息:org.apache.ws.security.WSSecurityException: An unsupported signature or encryption algorithm was used unsupported key

在java.security文件中(位于<JAVA_HOME>/jre/lib/security目录中)添加BouncyCastleProvider的配置:



security.provider.1=sun.security.provider.Sun

security.provider.2=sun.security.rsa.SunRsaSign

security.provider.3=com.sun.net.ssl.internal.ssl.Provider

security.provider.4=com.sun.crypto.provider.SunJCE

security.provider.5=sun.security.jgss.SunProvider

security.provider.6=com.sun.security.sasl.Provider

security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider





5.配置文件里缺少<inHandlers>.... </inHandlers>这段配置或者这段配置有问题。


Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Header {Security}http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd was not undertsood by the service.

org.codehaus.xfire.fault.XFireFault: Header {Security}http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd was not undertsood by the service.

    at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:31)

    at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)

    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.checkForFault(ReadHeadersHandler.java:111)

    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.invoke(ReadHeadersHandler.java:67)

    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)

    at org.codehaus.xfire.client.Client.onReceive(Client.java:406)

    at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:139)

    at org.codehaus.xfire.transport.http.HttpChannel.send(HttpChannel.java:48)

    at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:26)

    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)

    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)

    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)

    at org.codehaus.xfire.client.Client.invoke(Client.java:336)

    at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)

    at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)

    at $Proxy0.test(Unknown Source)

    at keytool.TestClient.main(TestClient.java:69)

 

 

Fault occurred!

org.codehaus.xfire.fault.XFireFault: Header {Security}http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd was not undertsood by the service.

    at org.codehaus.xfire.soap.handler.ValidateHeadersHandler.assertUnderstandsHeader(ValidateHeadersHandler.java:76)

    at org.codehaus.xfire.soap.handler.ValidateHeadersHandler.invoke(ValidateHeadersHandler.java:53)

    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)

    at org.codehaus.xfire.transport.DefaultEndpoint.onReceive(DefaultEndpoint.java:64)

    at org.codehaus.xfire.transport.AbstractChannel.receive(AbstractChannel.java:38)

    at org.codehaus.xfire.transport.http.XFireServletController.invoke(XFireServletController.java:304)

    at org.codehaus.xfire.transport.http.XFireServletController.doService(XFireServletController.java:129)

    at org.codehaus.xfire.transport.http.XFireServlet.doPost(XFireServlet.java:116)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)

    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)

    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)

    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)

    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)

    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)

    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)

    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)

    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)

    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)

    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)

    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)

    at java.lang.Thread.run(Thread.java:595)

 

6.配置文件。。.properties的org.apache.ws.security.crypto.merlin.file有错

 

Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: org.apache.ws.security.components.crypto.Merlin cannot create instance

org.codehaus.xfire.fault.XFireFault: org.apache.ws.security.components.crypto.Merlin cannot create instance

    at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:31)

    at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)

    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.checkForFault(ReadHeadersHandler.java:111)

    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.invoke(ReadHeadersHandler.java:67)

    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)

    at org.codehaus.xfire.client.Client.onReceive(Client.java:406)

    at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:139)







7. Unexpected close tag </body>; expected </HR>.服务端缺少xalan.jar。

15:27:36,062 ERROR [STDERR] org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>.
at [row,col {unknown-source}]: [1,1013]
15:27:36,062 ERROR [STDERR] org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>.
at [row,col {unknown-source}]: [1,1013]
15:27:36,062 ERROR [STDERR]  at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
15:27:36,062 ERROR [STDERR]  at org.codehaus.xfire.client.Client.onReceive(Client.java:386)



8. java.lang.NoClassDefFoundError: org/apache/xml/serializer/TreeWalker错误
原因:原本这个类是包含在xalan.jar中的,但是xalan-j2.7.0版的发布包中,将serializer包中的类单独打包成serializer.jar,不再包含在xalan.jar中,所以才会即使添加了xalan.jar也无法找到该类,添加后即可解决问题。添加到服务端。



错误内容如下:Unrecognized xbean element mapping: services in namespace  http://xfire.codeh.
经过分析得出XFire1.26需要xalan.jar包的支持.因此要添加xalan.jar



错误一:

15:27:36,062 ERROR [STDERR] org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>.
at [row,col {unknown-source}]: [1,1013]
15:27:36,062 ERROR [STDERR] org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>.
at [row,col {unknown-source}]: [1,1013]
15:27:36,062 ERROR [STDERR]  at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
15:27:36,062 ERROR [STDERR]  at org.codehaus.xfire.client.Client.onReceive(Client.java:386)

解决方法:调用的地址写错了。这个原因好像不对,在我的项目中遇到这个问题,竟然是因为服务端缺少xalan.jar。





错误二:

Caused by: java.lang.IllegalAccessException: Class org.codehaus.xfire.service.invoker.LocalFactory can not access a member of class

解决方法:接口实现类不是public 的,所以不能实例化。





错误三:java.io.CharConversionException: Invalide char #a323

解决方法:试试添加 xfire 1.1 miscellaneous 库

你可能感兴趣的:(java,apache,tomcat,Security,SOAP)