XFire使用WSSecurity实现的简单验证

于 2008-11-04 14:57:00 发布
阅读量1.4k 收藏 1
点赞数
分类专栏: Java 文章标签: import properties callback string bean class
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/caok/article/details/3218948
版权

xfire-servlet.xml文件的内容:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"  >

<beans default-autowire="byName">

 <!--引入XFire的预配置文件-->
 <import resource="classpath:org/codehaus/xfire/spring/xfire.xml" />

  
 <bean id="baseWebService"
  class="org.codehaus.xfire.spring.remoting.XFireExporter" lazy-init="false" abstract="true">

  <property name="serviceFactory">
   <ref bean="xfire.serviceFactory" />
  </property>

  <property name="xfire">
   <ref bean="xfire" />
  </property>
 </bean>
 
 <bean parent="baseWebService">
 
  <property name="serviceBean"><!-- applicationcontext的bean的名字-->
   <ref bean="bbtForum" /> 
  </property>

  <property name="serviceClass"><!--    导出的接口类 -->
   <value>com.export.BbtForumService</value>
  </property>

  <property name="name" value="BbtForumServiceUT"></property><!-- Web service 服务名-->

  <property name="inHandlers">
   <list>
    <ref bean="domInHandler" />
    <ref bean="wss4jInHandler"/>
   </list>
  </property>

 </bean>
 

 <!--  
  定义验证类
 -->
 <bean id="domInHandler" class="org.codehaus.xfire.util.dom.DOMInHandler"></bean>
 
 <bean id="wss4jInHandler" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
  <property name="properties">
  <props>
   <prop key="action">UsernameToken</prop>
   <prop key="passwordCallbackClass">
   com.security.UtPasswordHandler
   </prop>
  </props>
  </property>
 </bean>
 <!--  
  END SNIPPET: xfire  
 -->

</beans>

 

com.security.UtPasswordHandler类的内容:

/**
 * 
 * 日期:2008-1-8
 */

package com.security;

import java.util.HashMap;
import java.util.Map;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;

import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSSecurityException;


public class UtPasswordHandler implements CallbackHandler {

 private static final Map pwMockDB = new HashMap();
 
 static{
  pwMockDB.put("user", "123456");
  pwMockDB.put("user1", "123456");
 }
 
 /* (非 Javadoc)
  * @see javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
  */
/* public void handle(Callback[] callbacks) throws IOException,
   UnsupportedCallbackException, {
  // TODO 自动生成方法存根

 }*/
 
 public void handle(Callback[] callbacks) throws WSSecurityException{
  
  WSPasswordCallback callback = (WSPasswordCallback)callbacks[0];
  
  String id = callback.getIdentifer();
  String validPw = (String)pwMockDB.get(id);
  
  if(WSConstants.PASSWORD_TEXT.equals(callback.getPasswordType())){
   String pw = callback.getPassword();
   if(pw==null||!pw.equalsIgnoreCase(validPw)){
    throw new WSSecurityException("密码不匹配!");
   }
  }else{
   callback.setPassword(validPw);
  }
 }

}

Java调用客户端:

package com.client;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

import org.apache.ws.security.WSPasswordCallback;

public class UtClientPasswordHandler implements CallbackHandler {

 private static final Map<String,String> pwMockDB = new HashMap<String,String>(); 
 static{
  pwMockDB.put("user","123456");

   pwMockDB.put("user1","123456");
 }
 
 public void handle(Callback[] callbacks) throws IOException,
   UnsupportedCallbackException {
  
  // TODO 自动生成方法存根
  
  WSPasswordCallback callback = (WSPasswordCallback)callbacks[0];
  
  String id = callback.getIdentifer();
  
  callback.setPassword(pwMockDB.get(id));

 }

}

 

调用的JSP文件:

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>


<%@ page import="com.export.Iquery" %>
<%@ page import="org.codehaus.xfire.XFireFactory" %>
<%@ page import="org.codehaus.xfire.client.XFireProxyFactory" %>
<%@ page import="org.codehaus.xfire.service.binding.ObjectServiceFactory" %>
<%@ page import="org.codehaus.xfire.service.Service" %>
<%@ page import="java.net.MalformedURLException" %>
<%@ page import="org.codehaus.xfire.client.XFireProxy"%>
<%@ page import="org.codehaus.xfire.client.Client"%>
<%@ page import="java.lang.reflect.Proxy" %>
<%@ page import="com.security.UtPasswordHandler" %>
<%@ page import="com.exportclass.MzBrda" %>
<%@ page import="org.apache.ws.security.handler.WSHandlerConstants" %>
<%@ page import="org.apache.ws.security.WSConstants" %>
<%@ page import="com.client.UtClientPasswordHandler" %>
<%@ page import="org.codehaus.xfire.util.dom.DOMOutHandler" %>
<%@ page import="org.codehaus.xfire.security.wss4j.WSS4JOutHandler" %>

<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";

%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<html>
  <head>
    <base href="<%=basePath%>">
   
    <title>My JSP 'MyJsp.jsp' starting page</title>
   
 <meta http-equiv="pragma" content="no-cache">
 <meta http-equiv="cache-control" content="no-cache">
 <meta http-equiv="expires" content="0">   
 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
 <meta http-equiv="description" content="This is my page">
 <!--
 <link rel="stylesheet" type="text/css" href="styles.css">
 -->

  </head>
 
  <%
 
      Service srvcModel = new ObjectServiceFactory()
                .create(Iquery.class);
        XFireProxyFactory factory = new XFireProxyFactory(XFireFactory
                .newInstance().getXFire());
                
    
         
        String helloWorldURL = "http://192.17.99.20/yygh/services/Query";
     
        try {
         Iquery srvc = (Iquery) factory.create(
                    srvcModel, helloWorldURL);
          
  
          Client client = ((XFireProxy)Proxy.getInvocationHandler(srvc)).getClient();
          
         
         
          
         client.addOutHandler(new DOMOutHandler());
  
   Properties properties = new Properties();
   
    properties.setProperty(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);//密码类
   properties.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST); //密码类型 /PW_DIGEST以摘要方式发送,PW_TEXT以明文方式发送
    properties.setProperty(WSHandlerConstants.USER, "user");
   properties.setProperty("password","123456");
   
    properties.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, UtClientPasswordHandler.class.getName());
   
   client.addOutHandler(new WSS4JOutHandler(properties));

    

     out.println("ksdm:"+srvc.GetKsdm().size());

 

      } catch (MalformedURLException e) {
            e.printStackTrace();
        }
   
    
   %>
 
 
  <body><h2><br></h2>
  <h2><font face="幼圆" size="7"><strong>
   先生们,女士们, 这是测试页面,当你看到这个页面时表示webservice服务器测试成功. </strong>
     </font></h2>
  </body>

</html>

评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值