cxf webservice身份验证
2011-12-21 11:38
309 查看
1:spring服务端的配置
Java代码
<bean id="Customer" class="org.web.HelloServiceImpl"></bean>
<jaxws:endpoint id="custom" implementor="#Customer" address="/web" >
<jaxws:inInterceptors>
<bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType"
value="PasswordText" />
<entry key="user" value="cxfServer" />
<entry key="passwordCallbackRef">
<ref bean="serverPasswordCallback" />
</entry>
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
<bean id="serverPasswordCallback" class="org.web.ServerPasswordCallback" />
action:UsernameToken
是使用用户令牌
passwordType:PasswordText
是指密码加密策略.这里是直接密码文本.
user:cxfServer
是指别名
passwordCallbackRef:serverPasswordCallback
是这密码验证..类..就是下面配置的..
2: 类:serverPasswordCallback
Java代码
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class ServerPasswordCallback implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
WSPasswordCallback pc=(WSPasswordCallback) callbacks[0];
String pw=pc.getPassword();
String idf=pc.getIdentifier();
System.out.println("密码是:"+pw);
System.out.println("类型是:"+idf);
if(pw.equals("wdwsb")&&idf.equals("admin")){
System.out.println("成功");
}
else{
throw new SecurityException("验证失败");
}
}
这个不用多说..就是密码验证..很简单!!
3:spring客户端的配置:
Java代码
<bean id="webTest" class="org.web.HelloService" factory-bean="client" factory-method="create"/>
<bean id="client" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean" >
<property name="address" value="http://127.0.0.1:88/Hello/web/web"></property>
<property name="serviceClass" value="org.web.HelloService"></property>
<property name="outInterceptors">
<list>
<bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
<bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" />
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType"
value="PasswordText" />
<entry key="user" value="cxfClient" />
<entry key="passwordCallbackRef">
<ref bean="clientPasswordCallback" />
</entry>
</map>
</constructor-arg>
</bean>
</list>
</property>
</bean>
<bean id="clientPasswordCallback" class="org.web.clientPasswordCallback"></bean>
跟server的配置差不多..没多少要讲的.呵呵...
4: 类clientPasswordCallback的配置
Java代码
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class clientPasswordCallback implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for(int i=0;i<callbacks.length;i++){
WSPasswordCallback ps=(WSPasswordCallback) callbacks[i];
ps.setPassword("wdwsb");
ps.setIdentifier("admin");
}
}
到此为止..密码认证用户令牌就完成了...
测试!
通过!
当然我前面写的一篇文章是最基本的.缺少了一些jar包.会报错的.
所以要加上以下jar包..
Java代码
<bean id="Customer" class="org.web.HelloServiceImpl"></bean>
<jaxws:endpoint id="custom" implementor="#Customer" address="/web" >
<jaxws:inInterceptors>
<bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType"
value="PasswordText" />
<entry key="user" value="cxfServer" />
<entry key="passwordCallbackRef">
<ref bean="serverPasswordCallback" />
</entry>
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
<bean id="serverPasswordCallback" class="org.web.ServerPasswordCallback" />
action:UsernameToken
是使用用户令牌
passwordType:PasswordText
是指密码加密策略.这里是直接密码文本.
user:cxfServer
是指别名
passwordCallbackRef:serverPasswordCallback
是这密码验证..类..就是下面配置的..
2: 类:serverPasswordCallback
Java代码
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class ServerPasswordCallback implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
WSPasswordCallback pc=(WSPasswordCallback) callbacks[0];
String pw=pc.getPassword();
String idf=pc.getIdentifier();
System.out.println("密码是:"+pw);
System.out.println("类型是:"+idf);
if(pw.equals("wdwsb")&&idf.equals("admin")){
System.out.println("成功");
}
else{
throw new SecurityException("验证失败");
}
}
这个不用多说..就是密码验证..很简单!!
3:spring客户端的配置:
Java代码
<bean id="webTest" class="org.web.HelloService" factory-bean="client" factory-method="create"/>
<bean id="client" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean" >
<property name="address" value="http://127.0.0.1:88/Hello/web/web"></property>
<property name="serviceClass" value="org.web.HelloService"></property>
<property name="outInterceptors">
<list>
<bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
<bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" />
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType"
value="PasswordText" />
<entry key="user" value="cxfClient" />
<entry key="passwordCallbackRef">
<ref bean="clientPasswordCallback" />
</entry>
</map>
</constructor-arg>
</bean>
</list>
</property>
</bean>
<bean id="clientPasswordCallback" class="org.web.clientPasswordCallback"></bean>
跟server的配置差不多..没多少要讲的.呵呵...
4: 类clientPasswordCallback的配置
Java代码
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class clientPasswordCallback implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for(int i=0;i<callbacks.length;i++){
WSPasswordCallback ps=(WSPasswordCallback) callbacks[i];
ps.setPassword("wdwsb");
ps.setIdentifier("admin");
}
}
到此为止..密码认证用户令牌就完成了...
测试!
通过!
当然我前面写的一篇文章是最基本的.缺少了一些jar包.会报错的.
所以要加上以下jar包..
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 分别用(Windows/Form/Soap/WebService)实现用户身份验证(含示例代码下载)
- SharePoint Web Service的身份验证
- 关于WEB Service&WCF&WebApi实现身份验证之WebApi篇
- 分别用(Windows/Form/Soap/WebService)实现用户身份验证(含示例代码下载)
- 分别用(Windows/Form/Soap/WebService)实现用户身份验证(含示例代码下载)
- 关于WEB Service&WCF&WebApi实现身份验证之WCF篇(1)
- SharePoint Web Service的身份验证
- SharePoint Web Service的身份验证
- C# Web Service非Soap头(Session)身份验证方法
- SharePoint Web Service的身份验证
- [转] 分别用(Windows/Form/Soap/WebService)实现用户身份验证
- 分别用(Windows/Form/Soap/WebService)实现用户身份验证(含示例代码下载)
- C# WebService身份验证
- 关于WEB Service&WCF&WebApi实现身份验证之WCF篇(2)
- 关于WEB Service&WCF&WebApi实现身份验证之WEB Service篇
- 分别用(Windows/Form/Soap/WebService)实现用户身份验证(含示例代码下载)
- 关于WEB Service&WCF&WebApi实现身份验证之WebApi篇
- SharePoint Web Service的身份验证
- cxf webservice AuthIntercetpr 权限认证拦截器
- CXF webservice接口数据传输报错,ClientAbortException: java.io.IOException: 您的主机中的软件中止了一个已建立的连接