我已经配置了一个部署在Weblogic上的服务,该服务使用WSSE安全标头身份验证。安全标头(用户名和密码(用于传递给 LDAP 以检查客户端的身份验证。
安全标头嵌入在我的请求的 SOAP 信封中,如下所示。
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>iam-uid=xxx,ou=zzz,dc=ccc,dc=vvv,dc=qqq</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">heeey</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
但是,该请求甚至没有到达我的服务。它无法在Weblogic本身上处理。收到以下异常。
<Sep 6, 2018 5:29:46 PM CEST> <Error> <com.sun.xml.ws.transport.http.HttpAdapter> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <BEA-000000> <null
java.lang.AbstractMethodError
at com.sun.xml.ws.util.xml.XmlUtil.newTransformerFactory(XmlUtil.java:392)
at com.sun.xml.ws.util.xml.XmlUtil.newTransformerFactory(XmlUtil.java:400)
at com.sun.xml.ws.message.stream.StreamHeader.writeTo(StreamHeader.java:212)
at weblogic.wsee.jaxws.security.SCTIDRoutingInfoFinder.findRoutingInfo(SCTIDRoutingInfoFinder.java:63)
at weblogic.wsee.jaxws.cluster.BaseSOAPRouter.route(BaseSOAPRouter.java:153)
at weblogic.wsee.jaxws.cluster.InPlaceSOAPRouter.route(InPlaceSOAPRouter.java:190)
at weblogic.wsee.jaxws.cluster.ClusterRoutingTubeUtils.handleInboundMessage(ClusterRoutingTubeUtils.java:110)
at weblogic.wsee.jaxws.cluster.ClusterRoutingServerTube.processRequest(ClusterRoutingServerTube.java:82)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1136)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:1050)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:1019)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:877)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:419)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:868)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:422)
at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:169)
at weblogic.wsee.jaxws.WLSServletAdapter.handle(WLSServletAdapter.java:199)
at weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke.run(HttpServletAdapter.java:640)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.wsee.util.ServerSecurityHelper.authenticatedInvoke(ServerSecurityHelper.java:108)
at weblogic.wsee.jaxws.HttpServletAdapter$3.run(HttpServletAdapter.java:284)
at weblogic.wsee.jaxws.HttpServletAdapter.post(HttpServletAdapter.java:293)
at weblogic.wsee.jaxws.JAXWSServlet.doRequest(JAXWSServlet.java:128)
at weblogic.servlet.http.AbstractAsyncServlet.service(AbstractAsyncServlet.java:99)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:844)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:280)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:254)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:136)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:346)
at
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:243)
确保容器未使用 xmlparserv2.jar。如果该.jar有变体,请尝试删除并使用xerces。