我正在构建一个调用启用WS-Security的Web服务的CXF(版本2.7.4)客户端。它使用BinarySecurityToken、加密和签名。我已经让CXF正常工作在"常规"SOAP调用中,但是当响应以MTOM返回时,客户端会出现奇怪的错误:
org.apache.cxf.binding.soap.SoapFault: 签名或解密无效 at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:778) at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:334) at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:96) ... Caused by: org.apache.xml.security.encryption.XMLEncryptionException: 无法找到URI的解析器cid:urn%3Auuid%3AD62B819A5C8E77D41B1391208838268@apache.org 和基本为空 原始异常是org.apache.xml.security.utils.resolver.ResourceResolverException: 无法找到URI的解析器cid:urn%3Auuid%3AD62B819A5C8E77D41B1391208838268@apache.org 和Base null at org.apache.xml.security.encryption.XMLCipherInput.getDecryptBytes(XMLCipherInput.java:134) at org.apache.xml.security.encryption.XMLCipherInput.getBytes(XMLCipherInput.java:103) ... 46 more Caused by: org.apache.xml.security.utils.resolver.ResourceResolverException: 无法找到URI的解析器cid:urn%3Auuid%3AD62B819A5C8E77D41B1391208838268@apache.org 和基本为空 at org.apache.xml.security.utils.resolver.ResourceResolver.internalGetInstance(ResourceResolver.java:130) at org.apache.xml.security.utils.resolver.ResourceResolver.getInstance(ResourceResolver.java:87) at org.apache.xml.security.encryption.XMLCipherInput.getDecryptBytes(XMLCipherInput.java:130) ... 51 more我尝试在绑定提供程序上调用
setMTOMEnabled(true)
,设置SAAjInInterceptor、AttachmentInInterceptor但是仍然没有成功。有没有想法如何解决它?