Web Services org.apache.cxf.ws.policy.PolicyException:无法满足任何策略备选项

qco9c6ql 于 2022-11-15 发布在 Apache

关注(0)|答案(6)|浏览(247)

我想用JUnit和ApacheCXF编写一个简单的集成测试来测试一些支持WS-Security的服务。

MyService myService = new myWsService(MY_SERVICE_WSDL).getMyWs()
Client client = ClientProxy.getClient(myService);
Map<String, Object> ctx = ((BindingProvider) myService).getRequestContext();
ctx.put("ws-security.callback-handler", new KeystorePasswordCallback());
ctx.put("ws-security.signature.crypto", new MyMerlinImpl());

其中MyMerlinImpl只是在被重写loadProperties方法中传递所需Merln.* 属性值，
我得到：

sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InitiatorToken registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}WssX509V1Token11 registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RequireIssuerSerialReference registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RecipientToken registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AlgorithmSuite registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Basic256Sha256 registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InclusiveC14N registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Layout registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Strict registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}OnlySignEntireHeadersAndBody registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Wss11 registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}MustSupportRefIssuerSerial registered.

org.apache.cxf.ws.policy.PolicyException: None of the policy alternatives can be satisfied.

我做错了什么？这些似乎是相当标准的策略...事实上，我在一个JBoss EAP 6. 1 WS客户端上使用了相同的代码，它运行得很好。

web-services

来源：https://stackoverflow.com/questions/31962342/org-apache-cxf-ws-policy-policyexception-none-of-the-policy-alternatives-can-be

6条答案

按热度按时间

dsf9zpds1#

类路径上是否有cxf-rt-ws-security jar？
科尔姆

赞(0）回复(0）举报 2022-11-15

ui7jx7zq2#

Chetan给出的答案是有效的，但是，如果多个策略出现错误，则需要将它们添加到一个集中

org.apache.cxf.endpoint.Client client = 
    org.apache.cxf.frontend.ClientProxy.getClient(port);
    org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();

    Bus bus = client.getBus();
    PolicyInterceptorProviderRegistry reg = bus.getExtension(PolicyInterceptorProviderRegistry.class);
    Set <QName> set = new HashSet<>();
    set.add(new QName("http://schemas.xmlsoap.org/ws/2005/07/securitypolicy", "IncludeTimestamp") );
    set.add(new QName("http://schemas.xmlsoap.org/ws/2005/07/securitypolicy", "TransportBinding"));
    reg.register(new IgnorablePolicyInterceptorProvider(set));

This link explains the solution in detail

赞(0）回复(0）举报 2022-11-15

kfgdxczn3#

我自己的两分钱：在我自己特殊场景（JAX-WS、WS-Security、WS-SecurityPolicy）中，在执行client.getConduit（）时会发生此错误，如下所示：

org.apache.cxf.endpoint.Client client = ClientProxy.getClient(port);
HTTPConduit conduit = (HTTPConduit) client.getConduit();

上述代码运行时没有引发任何异常（尽管我后来遇到了其他问题），当使用Apache CXF 2.7.18时-我在升级到Apache CXF 3.0.16时开始遇到Assert构建器的问题。现在cxt-rt-ws-security JAR在类路径上，但似乎这个版本的CXF中的WSS 4J被拆分成了多个JAR，因此我必须将wss 4j-policy JAR从CXF下载包包含到类路径中。
错误保持不变，但至少声明生成器中的一长串警告消失了（No assertion builder for type T registered），现在被替换为：
13：45：55，723警告WSSecurityPolicyLoader，main：112 -无法加载或注册与WS-SecurityPolicy相关的类。请检查Apache WSS 4J（的正确版本）是否位于类路径中：处理程序/WSH处理程序
13：45：55，753警告WSSecurityPolicyLoader，main：112 -无法加载或注册与WS-SecurityPolicy相关的类。请检查Apache WSS 4J（的正确版本）是否位于类路径中：基于策略的WSS 4JIn拦截器
长话短说，我收到了其他警告（我通过在CXF包的lib目录中执行盲grep来查找JAR，并逐个包含它们），
并最终包括所有wss 4j-*.jar文件
对getConduit（）的调用现在至少通过了。

赞(0）回复(0）举报 2022-11-15

pbgvytdp4#

如果您使用的是Sping Boot ，则可以按如下方式禁用策略检查：

@Bean(name = Bus.DEFAULT_BUS_ID)
    public SpringBus springBus() {
        SpringBus springBus = new SpringBus();
        var e = new PolicyEngineBPDefinitionParser.PolicyEngineConfig(springBus);
        e.setEnabled(false);
        springBus.getFeatures().add(e);
    }

赞(0）回复(0）举报 2022-11-15

toiithl65#

最后通过添加WSS4JOutInterceptor解决了这个问题。似乎在JBoss中这个拦截器是自动添加的...

Client client = ClientProxy.getClient(myService);
Endpoint endpoint = client.getEndpoint()
endpoint.getOutInterceptors().add(new WSS4JOutInterceptor())

赞(0）回复(0）举报 2022-11-15

rwqw0loc6#

如果WSDL文件中定义的策略是非标准的，那么CXF将无法解析它。因此出现错误。
有两种方法-您可以忽略它（如果可以忽略的话）或提供一个备用提供程序。
若要忽略-请建立IgnorablePolicyInterceptorProvider的执行严修并注册它。
下面是忽略WSDL中定义的NtlmAuthentication策略的示例。注意：NtlmAuthentication的行程方式应该与设定soap信头的方式不同。

Client client = ClientProxy.getClient(port);
                  Bus bus = client.getBus();
                  PolicyInterceptorProviderRegistry pipr = bus.getExtension(PolicyInterceptorProviderRegistry.class);

QName ntmlIgnore = new QName("http://schemas.microsoft.com/ws/06/2004/policy/http", "NtlmAuthentication");
interceptorRegProvider.register(new IgnorablePolicyInterceptorProvider(ntmlIgnore));

赞(0）回复(0）举报 2022-11-15

我来回答

Web Services org.apache.cxf.ws.policy.PolicyException:无法满足任何策略备选项

6条答案

相关问题

热门标签

最新问答