尝试从 Java EE 应用程序使用 SOAP WS 时出现 401 Unauthorized

Question

我有一个需要使用的 SOAP Web 服务，它使用 WS 安全性和一些安全策略。

当我第一次尝试使用以下代码时：

CMAdapterService cmAdapterService = new CMAdapterService(); CMAdapter port =
      cmAdapterService.getCMAdapterPort();

      // Use the BindingProvider's context to set the endpoint BindingProvider bp =
      (BindingProvider)port;



      Optional credentials
      bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "myUser");
      bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "myPass");

      calling the webservice method CmReturn cmReturn =
      port.getPersonalData("12345"); System.out.println(cmReturn);

      byte[] imageData = port.getPersonalData("123") .getPersonalData()
      .getData();

使用上面的代码，我遇到了一个类似于here 的策略异常，除了我的策略不是 ssl_policy 而是 AAlwaysCapability 策略。

我尝试了上面链接中解决方案中的代码，如下所示：

JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();

    factory.setServiceClass(CMAdapter.class);
    factory.setAddress("http://myHost:8080/bla/CMAdapter");

    CMAdapter cmAdapter = (CMAdapter) factory.create();

    Client client = ClientProxy.getClient(cmAdapter);
    HTTPConduit http = (HTTPConduit) client.getConduit();

    http.getAuthorization().setUserName("myUser");
    http.getAuthorization().setPassword("myPass");

    byte[] imageData = cmAdapter.getPersonalData("12345").getPersonalData().getData();

但是，上面的代码可以在桌面 Java 应用程序中运行，但是当我将它作为 Java EE 应用程序 (war) 部署在 Wildfly 上时它不起作用。

为了让它与 Wildfly 一起工作，我添加了以下 4 个依赖项，这些依赖项提供给 maven 的 pom.xml：

<dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-ws-policy</artifactId>
        <version>3.3.1</version>
        <scope>provided</scope>
    </dependency>
    <!-- https://mvnrepository.com/artifact/org.apache.cxf/cxf-tools-common -->
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-tools-common</artifactId>
        <version>3.3.1</version>
        <scope>provided</scope>
    </dependency>
    <!-- https://mvnrepository.com/artifact/org.apache.cxf/cxf-rt-frontend-jaxws -->
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-frontend-jaxws</artifactId>
        <version>3.3.1</version>
        <scope>provided</scope>
    </dependency>
    <!-- https://mvnrepository.com/artifact/org.apache.cxf/cxf-rt-transports-http -->
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-transports-http</artifactId>
        <version>3.3.1</version>
        <scope>provided</scope>
    </dependency>

我还像这样编辑了 webapp/WEB-INF/jboss-deployment-structure.xml：

    <?xml version="1.0" encoding="ISO-8859-1"?>
<jboss-deployment-structure xmlns="urn:jboss:deployment-structure:1.2">
    <deployment>
        <exclude-subsystems>
        </exclude-subsystems>
        <dependencies>
            <module name="org.jboss.ws.cxf.jbossws-cxf-client" services="import" />
            <module name="org.apache.cxf.impl">
                <imports>
                    <include path="META-INF"/>
                    <include path="META-INF/cxf"/>
                </imports>
            </module>
        </dependencies>
    </deployment>
</jboss-deployment-structure>

但是，当我尝试从我的企业 Java 应用程序调用 Web 服务时，我得到 org.apache.cxf.transport.http.HTTPException: HTTP response '401: Unauthorized' 与 http://myHost:8080/bla/CMAdapter 通信时

Answer 1

我通过关注this SO thread解决了这个问题

我需要添加以下代码：

HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();

//This is the magic line. Setting this to false solved the problem
httpClientPolicy.setAllowChunking(false);

http.setClient(httpClientPolicy);

不确定它究竟为什么起作用。似乎 Wildfly 正在对请求进行分块，并且由于某种原因，用户名和密码被部分发送。