本文介绍了一个使用SOAP协议进行SAML身份验证的过程。通过Java客户端向指定的服务端发送带有用户名和密码的SOAP请求,并从响应中解析SAML断言。接着利用获取到的SAML断言向目标服务发起新的SOAP请求。
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.InputStreamRequestEntity;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.methods.RequestEntity;
import org.apache.xpath.XPathAPI;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
public class HttpClientSoap {
private static final String soapRequestOfSaml = "<SOAP:Envelope xmlns:SOAP=\"http://schemas.xmlsoap.org/soap/envelope/\">"
+ " <SOAP:Header>"
+ " <wsse:Security xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">"
+ " <wsse:UsernameToken xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">"
+ " <wsse:Username>201613</wsse:Username>"
+ " <wsse:Password>201613</wsse:Password>"
+ " </wsse:UsernameToken>"
+ " </wsse:Security>"
+ " </SOAP:Header>"
+ " <SOAP:Body>"
+ " <samlp:Request xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" MajorVersion=\"1\" MinorVersion=\"1\">"
+ " <samlp:AuthenticationQuery>"
+ " <saml:Subject xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\">"
+ " <saml:NameIdentifier Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified\">201613</saml:NameIdentifier>"
+ " </saml:Subject>"
+ " </samlp:AuthenticationQuery>"
+ " </samlp:Request>"
+ " </SOAP:Body>"
+ " </SOAP:Envelope>";
private static final String soapRequestOfTargetService =""
+"<SOAP:Envelope xmlns:SOAP=\"http://schemas.xmlsoap.org/soap/envelope/\">"
+"<SOAP:Body>"
+"<GetDepartmentByParentID xmlns=\"http://schemas.cordys.com/CommonPackage\" preserveSpace=\"no\" qAccess=\"0\" qValues=\"\">"
+"<ParentID>29</ParentID>"
+"</GetDepartmentByParentID>"
+"</SOAP:Body>"
+"</SOAP:Envelope>";
public static void Test() {
try {
System.out.println(soapRequestOfSaml);
PostMethod postmethod = new PostMethod("http://192.168.100.122/comac/com.eibus.web.soap.Gateway.wcp");
byte[] b = soapRequestOfSaml.getBytes("UTF-8");
InputStream is = new ByteArrayInputStream(b, 0, b.length);
RequestEntity re = new InputStreamRequestEntity(is, b.length, "application/xop+xml; charset=UTF-8; type=\"text/xml\"");
postmethod.setRequestEntity(re);
HttpClient httpClient = new HttpClient();
int statusCode = httpClient.executeMethod(postmethod);
System.err.println("statuscode = " + statusCode);
String soapResponseData = postmethod.getResponseBodyAsString();
System.out.println(soapResponseData);
DocumentBuilder builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
Document dom = builder.parse(postmethod.getResponseBodyAsStream());
Node samlArtifact = XPathAPI.selectSingleNode(dom, "//*[local-name()='AssertionArtifact']");
System.err.println("SamlArtifact = " + samlArtifact.getTextContent());
//System.out.println(samlArtifact.getAttributes().getNamedItem("xmlns:samlp").getNodeValue());
System.out.println(soapRequestOfTargetService);
postmethod = new PostMethod("http://192.168.100.122/comac/com.eibus.web.soap.Gateway.wcp?SAMLart=" + samlArtifact.getTextContent());
b = soapRequestOfTargetService.getBytes("UTF-8");
is = new ByteArrayInputStream(b, 0, b.length);
re = new InputStreamRequestEntity(is, b.length, "application/xop+xml; charset=UTF-8; type=\"text/xml\"");
postmethod.setRequestEntity(re);
//httpClient = new HttpClient();
statusCode = httpClient.executeMethod(postmethod);
System.err.println("statuscode = " + statusCode);
soapResponseData = postmethod.getResponseBodyAsString();
System.out.println(soapResponseData);
} catch (Exception ex) {
ex.printStackTrace();
}
}
}
扫一扫
评论
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
查看更多评论
添加红包
