论坛首页 → 综合技术论坛 →

解决(CXF)：The security token could not be authenticated or authorized

全部 Linux 数据库敏捷编程数据结构软件测试项目管理 Oracle 编程综合互联网 Erlang MySQL

浏览 5374 次

锁定老帖子主题：解决(CXF)：The security token could not be authenticated or authorized 精华帖 (0) :: 良好帖 (0) :: 新手帖 (0) :: 隐藏帖 (0)
作者	正文
Sev7en_jun 等级: 性别: 文章: 42 积分: 100 来自: 广州	发表时间：2012-01-16 相关推荐: Java WebService_cxf (2) 加密认证带有安全认证的webservice 记一次webservice 的ws-security开发过程 CXF 入门：创建一个基于WS-Security标准的安全验证 CXF 入门：创建一个基于WS-Security标准的安全验证(CXF回调函数使用)（转）更多相关推荐 1，使用cxf回调函数，服务端setPassword和客户端不同时，抛出下列异常 org.apache.cxf.binding.soap.SoapFault: The security token could not be authenticated or authorized at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:641) at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:308) at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:85) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263) at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:123) at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:206) at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213) at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:193) at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:126) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:184) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:107) at javax.servlet.http.HttpServlet.service(HttpServlet.java:710) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:163) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:263) at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:852) at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:584) at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1508) at java.lang.Thread.run(Thread.java:619) Caused by: org.apache.ws.security.WSSecurityException: The security token could not be authenticated or authorized at org.apache.ws.security.validate.UsernameTokenValidator.verifyDigestPassword(UsernameTokenValidator.java:203) at org.apache.ws.security.validate.UsernameTokenValidator.verifyPlaintextPassword(UsernameTokenValidator.java:142) at org.apache.ws.security.validate.UsernameTokenValidator.validate(UsernameTokenValidator.java:100) at org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:131) at org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:65) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396) at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:249) ... 23 more ################################################################# ################################################################# ################################################################# 服务端没有设置password时,抛出下列异常： java.lang.IllegalArgumentException: pwd == null but a password is needed at org.apache.ws.security.message.token.UsernameToken.setPassword(UsernameToken.java:462) at org.apache.ws.security.message.WSSecUsernameToken.prepare(WSSecUsernameToken.java:214) at org.apache.ws.security.message.WSSecUsernameToken.build(WSSecUsernameToken.java:269) at org.apache.ws.security.action.UsernameTokenAction.execute(UsernameTokenAction.java:59) at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:202) at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:52) at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:260) at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:136) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263) at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:535) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:465) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:368) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:321) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134) at $Proxy36.say(Unknown Source) at test.saa.Client.main(Client.java:40) Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: pwd == null but a password is needed at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:156) at $Proxy36.say(Unknown Source) at test.saa.Client.main(Client.java:40) Caused by: java.lang.IllegalArgumentException: pwd == null but a password is needed at org.apache.ws.security.message.token.UsernameToken.setPassword(UsernameToken.java:462) at org.apache.ws.security.message.WSSecUsernameToken.prepare(WSSecUsernameToken.java:214) at org.apache.ws.security.message.WSSecUsernameToken.build(WSSecUsernameToken.java:269) at org.apache.ws.security.action.UsernameTokenAction.execute(UsernameTokenAction.java:59) at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:202) at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:52) at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:260) at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:136) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263) at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:535) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:465) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:368) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:321) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134) ... 2 more 声明：ITeye文章版权属于作者，受法律保护。没有作者书面许可不得转载。推荐链接
返回顶楼

论坛首页 → 综合技术版

跳转论坛:

Global site tag (gtag.js) - Google Analytics