XFire中实现WS-Security时出现的异常及原因
XFire中实现WS-Security时出现的异常及原因:
1.缺包,在客户端添加xalan.jar
2.在调用服务端方法前未添加Handler,没有对报头添加信息
如果是基于用户名密码的可能报的是这样的错:
就是代表验证不合法,拒绝提供服务。
3. 安装对应JDK 版本的Unlimited Strength Jurisdiction策略文件. 策略文件包括local_policy.jar和US_export_policy.jar文件,将其拷贝到<JAVA_HOME>/jre/lib/security目录下。
你可以从http: //java.sun.com/j2se/1.5.0/download.jsp 或 http://java.sun.com/j2se/1.4.2/download.html页面的底部找到下载的链接。否则在使用WS- Security时,可以会抛出java.security.InvalidKeyException: Illegal key size的错误信息。
4. 安装SecurityProvider
WSS4J使用了BouncyCastle的SecurityProvider,所以需要事先在java.security文件中进行配置,否则运 行加密模式的XFire认证时,会抛出以下的出错信息:org.apache.ws.security.WSSecurityException: An unsupported signature or encryption algorithm was used unsupported key
在java.security文件中(位于<JAVA_HOME>/jre/lib/security目录中)添加BouncyCastleProvider的配置:
…
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider
security.provider.6=com.sun.security.sasl.Provider
security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider
…
5.配置文件里缺少<inHandlers>.... </inHandlers>这段配置或者这段配置有问题。
7. Unexpected close tag </body>; expected </HR>.服务端缺少xalan.jar。
15:27:36,062 ERROR [STDERR] org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>.
at [row,col {unknown-source}]: [1,1013]
15:27:36,062 ERROR [STDERR] org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>.
at [row,col {unknown-source}]: [1,1013]
15:27:36,062 ERROR [STDERR] at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
15:27:36,062 ERROR [STDERR] at org.codehaus.xfire.client.Client.onReceive(Client.java:386)
8. java.lang.NoClassDefFoundError: org/apache/xml/serializer/TreeWalker错误
原因:原本这个类是包含在xalan.jar中的,但是xalan-j2.7.0版的发布包中,将serializer包中的类单独打包成serializer.jar,不再包含在xalan.jar中,所以才会即使添加了xalan.jar也无法找到该类,添加后即可解决问题。添加到服务端。
错误内容如下:Unrecognized xbean element mapping: services in namespace http://xfire.codeh.
经过分析得出XFire1.26需要xalan.jar包的支持.因此要添加xalan.jar
错误一:
15:27:36,062 ERROR [STDERR] org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>.
at [row,col {unknown-source}]: [1,1013]
15:27:36,062 ERROR [STDERR] org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>.
at [row,col {unknown-source}]: [1,1013]
15:27:36,062 ERROR [STDERR] at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
15:27:36,062 ERROR [STDERR] at org.codehaus.xfire.client.Client.onReceive(Client.java:386)
解决方法:调用的地址写错了。这个原因好像不对,在我的项目中遇到这个问题,竟然是因为服务端缺少xalan.jar。
错误二:
Caused by: java.lang.IllegalAccessException: Class org.codehaus.xfire.service.invoker.LocalFactory can not access a member of class
解决方法:接口实现类不是public 的,所以不能实例化。
错误三:java.io.CharConversionException: Invalide char #a323
解决方法:试试添加 xfire 1.1 miscellaneous 库
1.缺包,在客户端添加xalan.jar
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/xml/utils/URI$MalformedURIException
at org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:350)
at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:703)
at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:54)
at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:192)
at org.codehaus.xfire.security.wss4j.WSS4JOutHandler.invoke(WSS4JOutHandler.java:158)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
at org.codehaus.xfire.client.Client.invoke(Client.java:336)
at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
at $Proxy0.test(Unknown Source)
at keytool.TestClient.main(TestClient.java:69)
2.在调用服务端方法前未添加Handler,没有对报头添加信息
Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: WSS4JInHandler: Request does not contain required Security header
org.codehaus.xfire.fault.XFireFault: WSS4JInHandler: Request does not contain required Security header
at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:31)
at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)
at org.codehaus.xfire.soap.handler.ReadHeadersHandler.checkForFault(ReadHeadersHandler.java:111)
at org.codehaus.xfire.soap.handler.ReadHeadersHandler.invoke(ReadHeadersHandler.java:67)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Client.onReceive(Client.java:406)
at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:139)
at org.codehaus.xfire.transport.http.HttpChannel.send(HttpChannel.java:48)
at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:26)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
at org.codehaus.xfire.client.Client.invoke(Client.java:336)
at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
at $Proxy0.getList(Unknown Source)
at keytool.TestClient.main(TestClient.java:46)
如果是基于用户名密码的可能报的是这样的错:
Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: 请求必须包含验证信息
org.codehaus.xfire.fault.XFireFault: 请求必须包含验证信息
at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:31)
at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)
at org.codehaus.xfire.soap.handler.ReadHeadersHandler.checkForFault(ReadHeadersHandler.java:111)
at org.codehaus.xfire.soap.handler.ReadHeadersHandler.invoke(ReadHeadersHandler.java:67)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Client.onReceive(Client.java:406)
at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:139)
at org.codehaus.xfire.transport.http.HttpChannel.send(HttpChannel.java:48)
at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:26)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
at org.codehaus.xfire.client.Client.invoke(Client.java:336)
at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
at $Proxy0.getUser(Unknown Source)
at test.ClientTest.main(ClientTest.java:35)
就是代表验证不合法,拒绝提供服务。
3. 安装对应JDK 版本的Unlimited Strength Jurisdiction策略文件. 策略文件包括local_policy.jar和US_export_policy.jar文件,将其拷贝到<JAVA_HOME>/jre/lib/security目录下。
你可以从http: //java.sun.com/j2se/1.5.0/download.jsp 或 http://java.sun.com/j2se/1.4.2/download.html页面的底部找到下载的链接。否则在使用WS- Security时,可以会抛出java.security.InvalidKeyException: Illegal key size的错误信息。
4. 安装SecurityProvider
WSS4J使用了BouncyCastle的SecurityProvider,所以需要事先在java.security文件中进行配置,否则运 行加密模式的XFire认证时,会抛出以下的出错信息:org.apache.ws.security.WSSecurityException: An unsupported signature or encryption algorithm was used unsupported key
在java.security文件中(位于<JAVA_HOME>/jre/lib/security目录中)添加BouncyCastleProvider的配置:
…
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider
security.provider.6=com.sun.security.sasl.Provider
security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider
…
5.配置文件里缺少<inHandlers>.... </inHandlers>这段配置或者这段配置有问题。
Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Header {Security}http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd was not undertsood by the service.
org.codehaus.xfire.fault.XFireFault: Header {Security}http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd was not undertsood by the service.
at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:31)
at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)
at org.codehaus.xfire.soap.handler.ReadHeadersHandler.checkForFault(ReadHeadersHandler.java:111)
at org.codehaus.xfire.soap.handler.ReadHeadersHandler.invoke(ReadHeadersHandler.java:67)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Client.onReceive(Client.java:406)
at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:139)
at org.codehaus.xfire.transport.http.HttpChannel.send(HttpChannel.java:48)
at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:26)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
at org.codehaus.xfire.client.Client.invoke(Client.java:336)
at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
at $Proxy0.test(Unknown Source)
at keytool.TestClient.main(TestClient.java:69)
Fault occurred!
org.codehaus.xfire.fault.XFireFault: Header {Security}http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd was not undertsood by the service.
at org.codehaus.xfire.soap.handler.ValidateHeadersHandler.assertUnderstandsHeader(ValidateHeadersHandler.java:76)
at org.codehaus.xfire.soap.handler.ValidateHeadersHandler.invoke(ValidateHeadersHandler.java:53)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.transport.DefaultEndpoint.onReceive(DefaultEndpoint.java:64)
at org.codehaus.xfire.transport.AbstractChannel.receive(AbstractChannel.java:38)
at org.codehaus.xfire.transport.http.XFireServletController.invoke(XFireServletController.java:304)
at org.codehaus.xfire.transport.http.XFireServletController.doService(XFireServletController.java:129)
at org.codehaus.xfire.transport.http.XFireServlet.doPost(XFireServlet.java:116)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
6.配置文件。。.properties的org.apache.ws.security.crypto.merlin.file有错
Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: org.apache.ws.security.components.crypto.Merlin cannot create instance
org.codehaus.xfire.fault.XFireFault: org.apache.ws.security.components.crypto.Merlin cannot create instance
at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:31)
at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)
at org.codehaus.xfire.soap.handler.ReadHeadersHandler.checkForFault(ReadHeadersHandler.java:111)
at org.codehaus.xfire.soap.handler.ReadHeadersHandler.invoke(ReadHeadersHandler.java:67)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Client.onReceive(Client.java:406)
at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:139)
7. Unexpected close tag </body>; expected </HR>.服务端缺少xalan.jar。
15:27:36,062 ERROR [STDERR] org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>.
at [row,col {unknown-source}]: [1,1013]
15:27:36,062 ERROR [STDERR] org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>.
at [row,col {unknown-source}]: [1,1013]
15:27:36,062 ERROR [STDERR] at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
15:27:36,062 ERROR [STDERR] at org.codehaus.xfire.client.Client.onReceive(Client.java:386)
8. java.lang.NoClassDefFoundError: org/apache/xml/serializer/TreeWalker错误
原因:原本这个类是包含在xalan.jar中的,但是xalan-j2.7.0版的发布包中,将serializer包中的类单独打包成serializer.jar,不再包含在xalan.jar中,所以才会即使添加了xalan.jar也无法找到该类,添加后即可解决问题。添加到服务端。
错误内容如下:Unrecognized xbean element mapping: services in namespace http://xfire.codeh.
经过分析得出XFire1.26需要xalan.jar包的支持.因此要添加xalan.jar
错误一:
15:27:36,062 ERROR [STDERR] org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>.
at [row,col {unknown-source}]: [1,1013]
15:27:36,062 ERROR [STDERR] org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>.
at [row,col {unknown-source}]: [1,1013]
15:27:36,062 ERROR [STDERR] at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
15:27:36,062 ERROR [STDERR] at org.codehaus.xfire.client.Client.onReceive(Client.java:386)
解决方法:调用的地址写错了。这个原因好像不对,在我的项目中遇到这个问题,竟然是因为服务端缺少xalan.jar。
错误二:
Caused by: java.lang.IllegalAccessException: Class org.codehaus.xfire.service.invoker.LocalFactory can not access a member of class
解决方法:接口实现类不是public 的,所以不能实例化。
错误三:java.io.CharConversionException: Invalide char #a323
解决方法:试试添加 xfire 1.1 miscellaneous 库