sabre - com.sabre.universalservices.base.security.AuthenticationException:errors.authentication.USG_AUTHENTICATION_NOT_ALLOWED
问题描述
我正在检查 SoapUI 中的 Sabre API。参考。来自https://github.com/SabreDevStudio/SabreAPIsWorkflows的 SoapUI 。
当我尝试在 SoapUI 中运行测试步骤时,我收到错误响应:AuthenticationException:errors.authentication.USG_AUTHENTICATION_NOT_ALLOWED。
请求有效载荷:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:sec="http://schemas.xmlsoap.org/ws/2002/12/secext" xmlns:mes="http://www.ebxml.org/namespaces/messageHeader" xmlns:ns="http://www.opentravel.org/OTA/2003/05">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/12/secext" xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/12/utility">
<wsse:UsernameToken>
<wsse:Username>${#Project#Username}</wsse:Username>
<wsse:Password>${#Project#Password}</wsse:Password>
<Organization>${#Project#Organization}</Organization>
<Domain>DEFAULT</Domain>
</wsse:UsernameToken>
</wsse:Security>
<mes:MessageHeader mes:id="?" mes:version="?">
<mes:From>
<mes:PartyId mes:type="?">1212</mes:PartyId>
</mes:From>
<mes:To>
<mes:PartyId mes:type="?">2323</mes:PartyId>
</mes:To>
<mes:CPAId>${#Project#Organization}</mes:CPAId>
<mes:ConversationId>${#Project#ConversationID}</mes:ConversationId>
<mes:Service mes:type="Sabre">BargainFinderMaxRQ</mes:Service>
<mes:Action>BargainFinderMaxRQ</mes:Action>
<mes:MessageData>
<mes:MessageId>1001</mes:MessageId>
<mes:Timestamp>2012-06-07T10:00:01</mes:Timestamp>
<mes:TimeToLive>2013-06-06T23:59:59</mes:TimeToLive>
</mes:MessageData>
</mes:MessageHeader>
</soapenv:Header>
<soapenv:Body>
<OTA_AirLowFareSearchRQ Target="Production" Version="1.9.2" ResponseType="OTA" ResponseVersion="1.9.2" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="http://www.opentravel.org/OTA/2003/05" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<POS>
<!--Source PseudoCityCode="PCC"-->
<Source PseudoCityCode="${#Project#Organization}">
<RequestorID ID="1" Type="1">
<CompanyName Code="TN">TN</CompanyName>
</RequestorID>
</Source>
</POS>
<OriginDestinationInformation>
<DepartureDateTime>${#TestCase#OutboundDepartureDateTime}</DepartureDateTime>
<DepartureWindow>02002000</DepartureWindow>
<OriginLocation LocationCode="${#Project#ItineraryOrigin}" />
<DestinationLocation LocationCode="${#Project#ItineraryDestination}" />
<TPA_Extensions>
<SegmentType Code="O" />
</TPA_Extensions>
</OriginDestinationInformation>
<OriginDestinationInformation>
<DepartureDateTime>${#TestCase#ReturnDepartureDateTime}</DepartureDateTime>
<DepartureWindow>04002200</DepartureWindow>
<OriginLocation LocationCode="${#Project#ItineraryDestination}" />
<DestinationLocation LocationCode="${#Project#ItineraryOrigin}" />
<TPA_Extensions>
<SegmentType Code="O" />
</TPA_Extensions>
</OriginDestinationInformation>
<TravelPreferences>
<FlightTypePref MaxConnections="2" PreferLevel="Only" />
<ns:FareRestrictPref PreferLevel="Only">
<ns:AdvResTicketing AdvResInd="false" AdvTicketingInd="false" />
<ns:StayRestrictions StayRestrictionsInd="false" />
<ns:VoluntaryChanges VolChangeInd="false" />
</ns:FareRestrictPref>
<CabinPref Cabin="Y" PreferLevel="Only" />
<TPA_Extensions>
<TripType Value="Return" />
</TPA_Extensions>
</TravelPreferences>
<TravelerInfoSummary>
<SeatsRequested>1</SeatsRequested>
<AirTravelerAvail>
<PassengerTypeQuantity Code="ADT" Quantity="1" />
</AirTravelerAvail>
</TravelerInfoSummary>
<TPA_Extensions>
<IntelliSellTransaction>
<RequestType Name="50ITINS" />
</IntelliSellTransaction>
</TPA_Extensions>
</OTA_AirLowFareSearchRQ>
</soapenv:Body>
</soapenv:Envelope>
收到的回复:
<soap-env:Envelope xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/">
<soap-env:Header>
<eb:MessageHeader eb:version="1.0" soap-env:mustUnderstand="1" xmlns:eb="http://www.ebxml.org/namespaces/messageHeader">
<eb:From>
<eb:PartyId eb:type="?">2323</eb:PartyId>
</eb:From>
<eb:To>
<eb:PartyId eb:type="?">1212</eb:PartyId>
</eb:To>
<eb:CPAId>****</eb:CPAId>
<eb:ConversationId>SWS-Test-****</eb:ConversationId>
<eb:Service eb:type="Sabre">BargainFinderMaxRQ</eb:Service>
<eb:Action>ErrorRS</eb:Action>
<eb:MessageData>
<eb:MessageId>607896186247240150</eb:MessageId>
<eb:Timestamp>2018-09-19T05:10:24</eb:Timestamp>
<eb:RefToMessageId>1001</eb:RefToMessageId>
</eb:MessageData>
</eb:MessageHeader>
<wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/12/secext"/>
</soap-env:Header>
<soap-env:Body>
<soap-env:Fault>
<faultcode>soap-env:Client.AuthenticationNotAllowed</faultcode>
<faultstring>Authentication is not allowed for this service. Please use SessionCreateRQ</faultstring>
<detail>
<StackTrace>com.sabre.universalservices.base.security.AuthenticationException: errors.authentication.USG_AUTHENTICATION_NOT_ALLOWED</StackTrace>
</detail>
</soap-env:Fault>
</soap-env:Body>
</soap-env:Envelope
有人可以帮忙吗?
解决方案
发生这种情况是因为您的请求不是使用二进制安全令牌,而是发送用户、密码等。该数据应首先使用 SessionCreateRQ 发送,该会话将返回 BST,然后您在随后的 BargainFinderMaxRQ 调用中使用该令牌。您的“安全”节点应如下所示:
<wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/12/secext" xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/12/utility">
<wsse:BinarySecurityToken>{{token}}</wsse:BinarySecurityToken>
</wsse:Security>
推荐阅读
- javascript - setInterval(function(), 5) 不适用于 iOS 或任何移动设备
- javascript - 使用 React Hooks 的倒数计时器
- javascript - Discord.js 使用 404 获取 5 条特定消息完全失败
- scala - 如何从 Spark Dataframes 中的列中获取常量值
- haskell - Haskell - Let 和 Where 中的多个语句导致错误
- sql - 更新嵌套的 bigquery json 元素
- gitlab - 如何在 yaml 文件中停止 gitlab-ci?
- wordpress - 缓存、插件 Litespeed、服务器 Litespeed 和优化问题
- java - GSON“预期为 BEGIN_OBJECT,但为 BEGIN_ARRAY”错误
- python-3.x - 如何使用散景服务处理 js 文件上的 404 错误