该webservice是用java axis2做服务端,flex as3做客户端。
一、利用抓包工具抓的请求包如下:
POST /axis2/services/ScService.ScServiceSOAP/ HTTP/1.1
Referer: app:/MultimediaDispatch.swf
Accept: text/xml, application/xml, application/xhtml+xml, text/html;q=0.9, text/plain;q=0.8, text/css, image/png, image/jpeg, image/gif;q=0.8, application/x-shockwave-flash, video/mp4;q=0.9, flv-application/octet-stream;q=0.8, video/x-flv;q=0.7, audio/mp4, application/futuresplash, */*;q=0.5
x-flash-version: 11,1,100,27
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://www.showclear.cn/ScService/OrgGroupQuery"
Content-Length: 492
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows; U; zh-CN) AppleWebKit/533.19.4 (KHTML, like Gecko) AdobeAIR/3.1
Host: 192.168.2.172:8080
Connection: Keep-Alive
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SOAP-ENV:Header>
<AuthHeader>
<password>1</password>
<username>admin</username>
</AuthHeader>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
<tns:CommonReq xmlns:tns="http://www.showclear.cn/ScService/">
<sessionId>1</sessionId>
</tns:CommonReq>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
二、java服务端的处理
ScServiceSkeleton子类重写实现方法:
@Override
public OrgGroupQueryResp orgGroupQuery(CommonReq commonReq) {
OrgGroupQueryResp resp = new OrgGroupQueryResp();
if (!AuthChecker.isAuth()) {
resp.setReturnCode(ReturnCode.AUTH_FAIL.getValueS());
resp.setTotal(0);
} else {
Managers.getDbManager().getOrgDao().queryOrgGroup(resp);
}
return resp;
}
权限检测类:
public class AuthChecker {
private static final Logger log = Logger.getLogger(AuthChecker.class);
@SuppressWarnings("rawtypes")
public static boolean isAuth() {
boolean result = true;
try {
MessageContext msgContext = MessageContext.getCurrentMessageContext();
OMElement element = msgContext.getEnvelope().getHeader().getFirstElement();
Iterator list = (Iterator) msgContext.getEnvelope().getHeader().getFirstElement().getChildElements();
String username = "";
String password = "";
while (list.hasNext()) {
element = (OMElement) list.next();
if (element.getLocalName().equalsIgnoreCase("username")) {
username = element.getText();
} else if (element.getLocalName().equalsIgnoreCase("password")) {
password = element.getText();
}
}
log.info("username=" + username + ", password=" + password);
if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password))
result = false;
} catch(Exception e) {
log.error("AuthChecker error", e);
result = false;
}
return result;
}
}
三、Flex as3客户端请求
private var ws:WebService;
ws = new WebService();
ws.wsdl = "http://192.168.2.172:8080/axis2/services/ScService?wsdl";
ws.loadWSDL();
ws.addEventListener(FaultEvent.FAULT, faultHandler);
ws.addHeader(new AuthHeader("admin", "1"));
public function queryOrgGroup():void {
ws.addEventListener(ResultEvent.RESULT, resultOrgGroup);
// ws.getOperation("OrgGroupQuery").send("1");
ws.OrgGroupQuery("1");
}
private function resultOrgGroup(event:ResultEvent):void {
var returnCode:String = event.result.returnCode;
var total:int = event.result.total;
if (total != 0) {
var groups:ArrayCollection = event.result.groups;
var size:int = groups.length;
var dept:OrgDepartment;
for (var i:int=0; i<size; i++) {
dept = OrgDepartment.build(groups.getItemAt(i));
trace(dept.toString());
Managers.getOrgManager().addDept(dept);
}
}
ws.removeEventListener(ResultEvent.RESULT, resultOrgGroup);
queryOrgMember();
}
AuthHeader类
import mx.rpc.soap.SOAPHeader;
public class AuthHeader extends SOAPHeader
{
public function AuthHeader(username:String, password:String){
var content:Object = new Object();
content.username = username;
content.password = password;
var qn:QName = new QName("", "AuthHeader");
super(qn, content);
}
}