XFire中实现WS-Security时出现的异常及原因


XFire中实现WS-Security时出现的异常及原因: 

1.缺包,在客户端添加xalan.jar 

Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/xml/utils/URI$MalformedURIException   
  
    at org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:350)   
  
    at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:703)   
  
    at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:54)   
  
    at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:192)   
  
    at org.codehaus.xfire.security.wss4j.WSS4JOutHandler.invoke(WSS4JOutHandler.java:158)   
  
    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)   
  
    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)   
  
    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)   
  
    at org.codehaus.xfire.client.Client.invoke(Client.java:336)   
  
    at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)   
  
    at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)   
  
    at $Proxy0.test(Unknown Source)   
  
    at keytool.TestClient.main(TestClient.java:69)  

2.在调用服务端方法前未添加Handler,没有对报头添加信息 

Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: WSS4JInHandler: Request does not contain required Security header   
  
org.codehaus.xfire.fault.XFireFault: WSS4JInHandler: Request does not contain required Security header   
  
    at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:31)   
  
    at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)   
  
    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.checkForFault(ReadHeadersHandler.java:111)   
  
    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.invoke(ReadHeadersHandler.java:67)   
  
    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)   
  
    at org.codehaus.xfire.client.Client.onReceive(Client.java:406)   
  
    at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:139)   
  
    at org.codehaus.xfire.transport.http.HttpChannel.send(HttpChannel.java:48)   
  
    at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:26)   
  
    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)   
  
    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)   
  
    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)   
  
    at org.codehaus.xfire.client.Client.invoke(Client.java:336)   
  
    at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)   
  
    at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)   
  
    at $Proxy0.getList(Unknown Source)   
  
    at keytool.TestClient.main(TestClient.java:46)  

如果是基于用户名密码的可能报的是这样的错:

Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: 请求必须包含验证信息   
org.codehaus.xfire.fault.XFireFault: 请求必须包含验证信息   
    at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:31)   
    at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)   
    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.checkForFault(ReadHeadersHandler.java:111)   
    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.invoke(ReadHeadersHandler.java:67)   
    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)   
    at org.codehaus.xfire.client.Client.onReceive(Client.java:406)   
    at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:139)   
    at org.codehaus.xfire.transport.http.HttpChannel.send(HttpChannel.java:48)   
    at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:26)   
    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)   
    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)   
    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)   
    at org.codehaus.xfire.client.Client.invoke(Client.java:336)   
    at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)   
    at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)   
    at $Proxy0.getUser(Unknown Source)   
    at test.ClientTest.main(ClientTest.java:35)  

就是代表验证不合法,拒绝提供服务。

3. 安装对应JDK 版本的Unlimited Strength Jurisdiction策略文件. 策略文件包括local_policy.jar和US_export_policy.jar文件,将其拷贝到<JAVA_HOME>/jre/lib/security目录下。 



你可以从http: //java.sun.com/j2se/1.5.0/download.jsp 或 http://java.sun.com/j2se/1.4.2/download.html页面的底部找到下载的链接。否则在使用WS- Security时,可以会抛出java.security.InvalidKeyException: Illegal key size的错误信息。 



4. 安装SecurityProvider 

WSS4J使用了BouncyCastle的SecurityProvider,所以需要事先在java.security文件中进行配置,否则运 行加密模式的XFire认证时,会抛出以下的出错信息:org.apache.ws.security.WSSecurityException: An unsupported signature or encryption algorithm was used unsupported key 

在java.security文件中(位于<JAVA_HOME>/jre/lib/security目录中)添加BouncyCastleProvider的配置: 

… 

security.provider.1=sun.security.provider.Sun 

security.provider.2=sun.security.rsa.SunRsaSign 

security.provider.3=com.sun.net.ssl.internal.ssl.Provider 

security.provider.4=com.sun.crypto.provider.SunJCE 

security.provider.5=sun.security.jgss.SunProvider 

security.provider.6=com.sun.security.sasl.Provider 

security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider 

… 


5.配置文件里缺少<inHandlers>.... </inHandlers>这段配置或者这段配置有问题。

Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Header {Security}http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd was not undertsood by the service.   
  
org.codehaus.xfire.fault.XFireFault: Header {Security}http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd was not undertsood by the service.   
  
    at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:31)   
  
    at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)   
  
    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.checkForFault(ReadHeadersHandler.java:111)   
  
    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.invoke(ReadHeadersHandler.java:67)   
  
    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)   
  
    at org.codehaus.xfire.client.Client.onReceive(Client.java:406)   
  
    at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:139)   
  
    at org.codehaus.xfire.transport.http.HttpChannel.send(HttpChannel.java:48)   
  
    at org.codehaus.xfire.handler.OutMessageSender.invoke(OutMessageSender.java:26)   
  
    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)   
  
    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)   
  
    at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)   
  
    at org.codehaus.xfire.client.Client.invoke(Client.java:336)   
  
    at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)   
  
    at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)   
  
    at $Proxy0.test(Unknown Source)   
  
    at keytool.TestClient.main(TestClient.java:69)   
  
    
  
    
  
Fault occurred!   
  
org.codehaus.xfire.fault.XFireFault: Header {Security}http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd was not undertsood by the service.   
  
    at org.codehaus.xfire.soap.handler.ValidateHeadersHandler.assertUnderstandsHeader(ValidateHeadersHandler.java:76)   
  
    at org.codehaus.xfire.soap.handler.ValidateHeadersHandler.invoke(ValidateHeadersHandler.java:53)   
  
    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)   
  
    at org.codehaus.xfire.transport.DefaultEndpoint.onReceive(DefaultEndpoint.java:64)   
  
    at org.codehaus.xfire.transport.AbstractChannel.receive(AbstractChannel.java:38)   
  
    at org.codehaus.xfire.transport.http.XFireServletController.invoke(XFireServletController.java:304)   
  
    at org.codehaus.xfire.transport.http.XFireServletController.doService(XFireServletController.java:129)   
  
    at org.codehaus.xfire.transport.http.XFireServlet.doPost(XFireServlet.java:116)   
  
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)   
  
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)   
  
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)   
  
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)   
  
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)   
  
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)   
  
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)   
  
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)   
  
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)   
  
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)   
  
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)   
  
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)   
  
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)   
  
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)   
  
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)   
  
    at java.lang.Thread.run(Thread.java:595)   
  
    
  
6.配置文件。。.properties的org.apache.ws.security.crypto.merlin.file有错   
  
    
  
Exception in thread "main" org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: org.apache.ws.security.components.crypto.Merlin cannot create instance   
  
org.codehaus.xfire.fault.XFireFault: org.apache.ws.security.components.crypto.Merlin cannot create instance   
  
    at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:31)   
  
    at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)   
  
    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.checkForFault(ReadHeadersHandler.java:111)   
  
    at org.codehaus.xfire.soap.handler.ReadHeadersHandler.invoke(ReadHeadersHandler.java:67)   
  
    at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)   
  
    at org.codehaus.xfire.client.Client.onReceive(Client.java:406)   
  
    at org.codehaus.xfire.transport.http.HttpChannel.sendViaClient(HttpChannel.java:139)  

7. Unexpected close tag </body>; expected </HR>.服务端缺少xalan.jar。 

15:27:36,062 ERROR [STDERR] org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>. 
at [row,col {unknown-source}]: [1,1013] 
15:27:36,062 ERROR [STDERR] org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>. 
at [row,col {unknown-source}]: [1,1013] 
15:27:36,062 ERROR [STDERR]  at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89) 
15:27:36,062 ERROR [STDERR]  at org.codehaus.xfire.client.Client.onReceive(Client.java:386) 



8. java.lang.NoClassDefFoundError: org/apache/xml/serializer/TreeWalker错误 
原因:原本这个类是包含在xalan.jar中的,但是xalan-j2.7.0版的发布包中,将serializer包中的类单独打包成serializer.jar,不再包含在xalan.jar中,所以才会即使添加了xalan.jar也无法找到该类,添加后即可解决问题。添加到服务端。 



错误内容如下:Unrecognized xbean element mapping: services in namespace  http://xfire.codeh. 
经过分析得出XFire1.26需要xalan.jar包的支持.因此要添加xalan.jar 



错误一: 

15:27:36,062 ERROR [STDERR] org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>. 
at [row,col {unknown-source}]: [1,1013] 
15:27:36,062 ERROR [STDERR] org.codehaus.xfire.fault.XFireFault: Unexpected close tag </body>; expected </HR>. 
at [row,col {unknown-source}]: [1,1013] 
15:27:36,062 ERROR [STDERR]  at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89) 
15:27:36,062 ERROR [STDERR]  at org.codehaus.xfire.client.Client.onReceive(Client.java:386) 

解决方法:调用的地址写错了。这个原因好像不对,在我的项目中遇到这个问题,竟然是因为服务端缺少xalan.jar。 





错误二: 

Caused by: java.lang.IllegalAccessException: Class org.codehaus.xfire.service.invoker.LocalFactory can not access a member of class 

解决方法:接口实现类不是public 的,所以不能实例化。 





错误三:java.io.CharConversionException: Invalide char #a323 

解决方法:试试添加 xfire 1.1 miscellaneous 库 

你可能感兴趣的:(java,apache,tomcat,Security,SOAP)