HTTPS错误/ X.509 ws

 

我对SOAP很陌生,这是我的第一个项目。 我正在尝试连接到HTTPS WSDL,以便在我的网页上提取一些信息。

有一个证书设置为本地服务器连接服务提供商服务器做好准备。 当我尝试连接https web服务时有一个响应,所以我认为两个服务器之间没有连接问题:

HTTPs Webservice连接响应

以下是第三方技术团队提供的SOAPUI示例: 

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" 
     xmlns:soap="http://soap.ipr.tfp.com/">
    <soapenv:Header/>
    <soapenv:Body>
       <soap:create>
          <arg0>
            <attribute_1>abc</attribute_1>
            <attribute_2></attribute_2>
            <attribute_3>abc123</attribute_3>
            <attribute_4>abc234</attribute_4>
            <attribute_5></attribute_5>
          </arg0>
       </soap:create>
    </soapenv:Body>
</soapenv:Envelope>

以下是我用于连接Web服务的cfm代码: 

<cfscript>
    ws = CreateObject("webservice", [HTTPS URL]?wsdl);
    //show web service methods for debugging purposes
    writeDump(ws);

    // construct arguments
    args = {attribute_1="abc"
            , attribute_2=""
            , attribute_3="abc123"
            , attribute_4="abc234"
            , attribute_5=""
        };
    // call the method
    result  = ws.create(arg0=args);

    writeDump(result)
</cfscript>

问题 :

执行我的cfm脚本时遇到以下错误消息: 

     Cannot perform web service invocation create.
The fault returned when invoking the web service operation is:
AxisFault
 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server
 faultSubcode: 
 faultString: These policy alternatives can not be satisfied: 
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding: Received Timestamp does not match the requirements
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token: The received token does not match the token inclusion requirement
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InitiatorToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RecipientToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp: Received Timestamp does not match the requirements
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts: {http://schemas.xmlsoap.org/soap/envelope/}Body not SIGNED
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}EncryptedParts: {http://schemas.xmlsoap.org/soap/envelope/}Body not ENCRY...

问题:

  • 此错误是否与ColdFusion密钥库中的SSL证书设置有关?

  • 我的CFM脚本有问题吗? 参考SOAPUI示例,xml格式为`[arg0] - > [attribute_1],[attribute_2]等。 我可以通过这种方式来传递属性吗?

  • result = ws.create(arg0 = args);

  • 从SoapUI工具使用相同的服务。 我在这里错过了什么吗?

    • 感谢您的时间。 感谢您的帮助。

    2016-05-30 - 更新 -

    我试图使用CFHTTP标签来提交XML,但它似乎返回一个不同的错误: 

    <cfhttp
    url     = "[HTTPS URL]?wsdl"
    method  ="post"
    result  ="httpResponse" 
    charset ="utf-8">

    <cfhttpparam
        type="header"
        name="accept-encoding"
        value="no-compression"
    />
    <cfhttpparam
        type="xml"
        value="#trim( soapBody )#"
        />
</cfhttp>

    错误:

    错误信息图像

    以下是文件内容中的错误信息: 

        <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Body>
        <soap:Fault>
            <faultcode>soap:Server</faultcode>
            <faultstring>These policy alternatives can not be satisfied: 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            AsymmetricBinding: Received Timestamp does not match the requirements 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            X509Token: The received token does not match the token inclusion requirement 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            X509Token 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            InitiatorToken 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            RecipientToken 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            IncludeTimestamp: Received Timestamp does not match the requirements 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            SignedParts: {http://schemas.xmlsoap.org/soap/envelope/}
            Body not SIGNED 
            {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
            EncryptedParts: 
            {http://schemas.xmlsoap.org/soap/envelope/}
            Body not ENCRYPTED
            </faultstring>
        </soap:Fault>
    </soap:Body>
</soap:Envelope>

    该错误消息与cfobject标记类似。 当我仔细阅读错误消息时,它似乎与X.509 ws安全加密相关,在发送到Web服务请求之前,需要对SOAP内容进行加密。

    经过一番研究,加密流程似乎如下工作:

  • 将SOAP内容保存到临时文件夹中。

  • 使用Java Class文件将SOAP内容加密为X.509 ws-security格式。

  • 向Webservice发送新的加密SOAP内容。

    • 我不知道CF如何处理Java类文件。 有人曾经做过相同的加密转换吗?

    在连接到Web服务的代码中,更改 

    ws = CreateObject("webservice", [HTTPS URL]);


    ws = CreateObject(
  "webservice", 
  "[HTTPS URL]",
  {wsversion="1"}
);

    万一只有Axis 1适合你。

    另请检查另一端,如果您使用ColdFusion来公开Web服务,请确保已为Axis 1设置。

    链接地址: http://www.djcxy.com/p/31287.html

    上一篇: HTTPS error / X.509 ws

    下一篇: ColdFusion 9 CFHTTP Connection Failure