1、服务器端,增加拦截认证--ServerPasswordCallback.java
public class ServerPasswordCallback implements CallbackHandler {
private Map<String, String> passwords = new HashMap<String, String>();
public ServerPasswordCallback() {
passwords.put("admin", "123456");
passwords.put("test", "123");
}
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
if (!passwords.containsKey(pc.getIdentifier()))
throw new WSSecurityException("用户不匹配!");
String pass = passwords.get(pc.getIdentifier());
String pwd = pc.getPassword();
if (pwd == null || !pwd.equals(pass)) {
throw new WSSecurityException("密码不匹配!");
}
}
}
}
2、客户端添加安全认证--ClientPasswordCallback.java
public class ClientPasswordCallback implements CallbackHandler {
private Map<String, String> passwords = new HashMap<String, String>();
public ClientPasswordCallback() {
passwords.put("admin", "123456");
passwords.put("test", "123");
}
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
int usage = pc.getUsage();
if (!passwords.containsKey(pc.getIdentifier()))
throw new WSSecurityException("用户【" + pc.getIdentifier() + "】不存在!");
String pass = passwords.get(pc.getIdentifier());
if (usage == WSPasswordCallback.USERNAME_TOKEN && pass != null) {
pc.setPassword(pass);
return;
}
}
}
}
3、spring容器配置
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas /jaxws.xsd" default-autowire="byName">
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
<!-- 安全认证 -->
<bean id="WSS4JInInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType" value="PasswordText" />
<entry key="passwordCallbackClass" value="webservice.ServerPasswordCallback" />
</map>
</constructor-arg>
</bean>
<!-- 开始 -->
<bean id="chartServiceBean" class="webservice.demo.ChartServiceImpl"/>
<jaxws:endpoint id="chartService" implementor="#chartServiceBean" address="/chartService" >
<jaxws:inInterceptors>
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
<ref bean="WSS4JInInterceptor" />
</jaxws:inInterceptors>
</jaxws:endpoint>
<!-- 结束 -->
</beans>
4、webservice接口
@WebService
public interface ChartService {
/**
* 一个简单的方法,返回一个字符串
*
* @param hello
* @return
*/
public String say(String hello);
}
5、webservice接口实现
@WebService(endpointInterface = "webservice.demo.ChartService")
public class ChartServiceImpl implements ChartService {
/* (non-Javadoc)
* @see webservice.demo.WebServiceSample#say(java.lang.String)
*/
@Override
public String say(String hello) {
return "hello " + hello;
}
}
6、客户端调用
public class Test3 {
/**
* @param args
*/
public static void main(String[] args) {
//调用WebService
JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
// ClientProxy proxy = (ClientProxy) Proxy.getInvocationHandler(chartService);
// Client client = proxy.getClient();
Map<String,Object> outProps = new HashMap<String,Object>();
outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.USER, "admin");
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCallback.class.getName());
// client.getOutInterceptors().add(new SAAJOutInterceptor());
// client.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
// WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
factory.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
factory.getOutInterceptors().add(new SAAJOutInterceptor());
factory.setAddress("http://localhost:8082/WebService_Server/chartService");
factory.setServiceClass(ChartService.class);
ChartService chartService = (ChartService) factory.create();
System.out.println(chartService.say("zhangsan"));
}
}
已有 0 人发表留言,猛击->> 这里<<-参与讨论
ITeye推荐