在Apache CXF中，当你需要调用一个带有用户名和密码的Web服务接口时，你可以使用`UsernameToken`来处理认证。以下是一个简单的示例，展示了如何在CXF客户端中配置和使用`UsernameToken`。首先，你需要定义一个服务接口和客户端

对方提供的地址如下： String hisApiUrl= "http://172.16.10.100:8000/WebServiceGate.cls?WSDL=1&CacheUserName=vipsoft&CachePassword=vipsoft&CacheNoRedirect=1" 使用时去掉后面的参数: http://172.16.10.100:8000/WebServiceGate.cls CXF中 the namespace on the "definitions" element, is not a valid SOAP version报错！ http://172.16.0.1:8000/WebServiceGate.cls?WSDL 将地址中的 ?WSDL 去掉 SoapUI 工具调试时，需要在属性里配置 用户名、密码、密码类型 Java Java代码中需要相应的认证配置 CXF WebService 授权&动态调用 : https://www.cnblogs.com/vipsoft/p/14994471.html <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-core</artifactId> <version>3.3.1</version> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-frontend-jaxws</artifactId> <version>3.3.1</version> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-transports-http</artifactId> <version>3.3.1</version> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-ws-security</artifactId> <version>3.3.1</version> </dependency> <dependency> <groupId>org.apache.wss4j</groupId> <artifactId>wss4j-ws-security-dom</artifactId> <version>2.2.4</version> </dependency> String hisApiUrl="http://172.16.10.100:8000/WebServiceGate.cls"; //创建动态客户端 JaxWsDynamicClientFactory factory = JaxWsDynamicClientFactory.newInstance(); Client client = factory.createClient(hisApiUrl); // 配置WSS认证 - 使用真正的用户名密码 Map<String, Object> outProps = new HashMap<>(); outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); outProps.put(WSHandlerConstants.USER, "用户名"); // 替换为SoapUI中使用的用户名 outProps.put(WSHandlerConstants.PASSWORD_TYPE, "PasswordText"); // 使用内联 CallbackHandler 设置密码 outProps.put(WSHandlerConstants.PW_CALLBACK_REF, new CallbackHandler() { @Override public void handle(Callback[] callbacks) { for (Callback callback : callbacks) { WSPasswordCallback pc = (WSPasswordCallback) callback; // 设置密码 pc.setPassword("密码"); } } }); WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); client.getOutInterceptors().add(wssOut); // 需要密码的情况需要加上用户名和密码 // client.getOutInterceptors().add(new ClientAuthInterceptor()); HTTPConduit conduit = (HTTPConduit) client.getConduit(); HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy(); httpClientPolicy.setConnectionTimeout(3000); //连接超时 httpClientPolicy.setAllowChunking(false); //取消块编码 httpClientPolicy.setReceiveTimeout(120000); //响应超时 conduit.setClient(httpClientPolicy); //invoke("方法名",参数1,参数2,参数3....); Object[] objects = client.invoke("getOrdInfoTxt4HIS", inputXml); String responseXML = (objects[0]).toString(); logger.info("OutParam => {} ", responseXML);