webservice cxf+spring+WS-security配置示例
2014-09-01 16:14
585 查看
由于原项目中包含的JAR包太多,直接在里面加可能会引起JAR包冲突造成各种报错,所以推荐另开个项目专门用于接口的编写。
使用到的框架有HIBERNATE(本不想用,原有数据库ID生成策略用了它,不知不用是否可行)、SPRING,个人使用到的最简的JAR包如下:
1、首选配置服务端
与spring整合的配置文件applicationContext-webservice-server.xml 多个服务端都可以在配置文件里统一管理
对应的验证的回调BEAN ServerPasswordCallback.java
2、业务配置文件applicationContext-common.xml , WS安全验证的回调BEAN以及业务SERVICE在此文件里统一管理
3、客户端与SPRING整合的配置文件applicationContext-webservice-client.xml
客户端回调验证的BEAN ClientPasswordCallback.java
4、接口以及测试类
接口
测试打印出456.
可以单独载入服务端配置文件,浏览器中输入你配置文件中发布的address 本例中的http://localhost:8083/userServer?wsdl查看发布情况
作为WE
a144
B项目发布还需要对web.xml配置
发布后输入http://localhost:8083/userServer?wsdl查看发布情况
客户端中调用
JaxWsProxyFactoryBean bean = new JaxWsProxyFactoryBean();
Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.USER, "cxfClient");
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientPasswordCallback.class.getName());
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
bean.getOutInterceptors().add(wssOut);
bean.setServiceClass(IUserWebService.class);
bean.setAddress("http://localhost:8083/userServer");
IUserWebService service = (IUserWebService) bean.create();
service.getUserService("123");
使用到的框架有HIBERNATE(本不想用,原有数据库ID生成策略用了它,不知不用是否可行)、SPRING,个人使用到的最简的JAR包如下:
1、首选配置服务端
与spring整合的配置文件applicationContext-webservice-server.xml 多个服务端都可以在配置文件里统一管理
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"> <import resource="classpath:META-INF/cxf/cxf.xml" /> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /> <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> <!-- 添加implementorClass属性来指定实现接口,可以直接看到这些接口参数信息 否则生成的wsdl看不到参数--> <!-- 个人会员信息WS--> <jaxws:endpoint id="userServer" implementorClass="com.*.webservice.user.IUserWebService" implementor="#userWebServiceImpl" address="http://localhost:8083/userServer" > <jaxws:inInterceptors><!-- 日志输出以及安全验证 --> <bean class="org.apache.cxf.interceptor.LoggingInInterceptor"/> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /><!-- 明文的方式传递密码 --> <entry key="user" value="cxfServer" /><!-- 取一个用户名 --> <entry key="passwordCallbackRef"> <ref bean="serverPasswordCallback" /><!-- 密码回调的bean --> </entry> </map> </constructor-arg> </bean> </jaxws:inInterceptors> <jaxws:outInterceptors> <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor"/> </jaxws:outInterceptors> <jaxws:inFaultInterceptors> <bean class="org.apache.cxf.interceptor.LoggingInInterceptor"/> </jaxws:inFaultInterceptors> <jaxws:outFaultInterceptors> <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor"/> </jaxws:outFaultInterceptors> </jaxws:endpoint> </beans>
对应的验证的回调BEAN ServerPasswordCallback.java
import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; /** * WS验证 * @author * */ public class ServerPasswordCallback implements CallbackHandler { @Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { // TODO Auto-generated method stub for (int i = 0; i < callbacks.length; i++) { WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; String idf = pc.getIdentifier(); if("admin".equals(idf)){ pc.setPassword("password"); } else{ throw new SecurityException("用户不存在"); } } } }
2、业务配置文件applicationContext-common.xml , WS安全验证的回调BEAN以及业务SERVICE在此文件里统一管理
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd"> <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd"> <!-- --> <bean id="serverPasswordCallback" class=" com.*.webservice.security.ServerPasswordCallback" /><!--服务端回调密码的BEAN --> <bean id="userWebServiceImpl" class="com.*.webservice.user.imp.UserWebServiceImpl"> <!--<property name="commonJdbcDao"> <ref bean="commonJdbcDao"/> </property> <property name="commonDao"> <ref bean="commonDao"/> </property> --><!-- 测试时无须用到 --> </bean> </beans>
3、客户端与SPRING整合的配置文件applicationContext-webservice-client.xml
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"> <import resource="classpath:META-INF/cxf/cxf.xml" /> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /> <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> <bean id="clientPasswordCallback" class=" com.*.webservice.security.ClientPasswordCallback" /> <!-- userService --> <bean id="userClient" class="com.*.webservice.user.IUserWebService" factory-bean="userClientFactory" factory-method="create"/> <bean id="userClientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean"> <property name="serviceClass" value="com.*.webservice.user.IUserWebService"/> <property name="address" value="http://localhost:8083/userServer"/> <property name="outInterceptors"> <list> <bean class="org.apache.cxf.interceptor.LoggingInInterceptor"/> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="user" value="cxfClient" /> <entry key="passwordCallbackRef"> <ref bean="clientPasswordCallback" /> </entry> </map> </constructor-arg> </bean> </list> </property> <property name="inInterceptors"> <list> <bean class="org.apache.cxf.interceptor.LoggingInInterceptor" /> </list> </property> </bean> </beans>
客户端回调验证的BEAN ClientPasswordCallback.java
import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; /** * WS验证 * @author * */ public class ClientPasswordCallback implements CallbackHandler { @Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { // TODO Auto-generated method stub for(int i = 0; i < callbacks.length; i++){ WSPasswordCallback ps = (WSPasswordCallback) callbacks[i]; ps.setPassword("password"); ps.setIdentifier("admin"); } } }
4、接口以及测试类
接口
import javax.jws.WebService; @WebService public interface IUserWebService { public String getUserService(String s); }实现
import java.util.List; import javax.jws.WebService; import org.apache.log4j.Logger; import com.fw.webservice.user.IUserWebService; /** * * @author * */ @WebService(endpointInterface="com.*.webservice.user.IUserWebService") public class UserWebServiceImpl implements IUserWebService { //private ICommonJdbcDao commonJdbcDao; //private ICommonDao commonDao; public String getUserService(String s) { return "456"; }测试类:
import org.springframework.context.support.ClassPathXmlApplicationContext; public class TestWs { /** * @param args */ public static void main(String[] args) { // TODO Auto-generated method stub ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext("applicationContext*.xml"); IUserWebService client = (IUserWebService)context.getBean("userClient"); String response = client.getUserService("123"); System.out.println("Response: " + response); System.exit(0); } }
测试打印出456.
可以单独载入服务端配置文件,浏览器中输入你配置文件中发布的address 本例中的http://localhost:8083/userServer?wsdl查看发布情况
作为WE
a144
B项目发布还需要对web.xml配置
<!-- CXF --> <servlet> <servlet-name>CXFServlet</servlet-name> <display-name>CXFServlet</display-name> <servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>CXFServlet</servlet-name> <url-pattern>/webservice</url-pattern> </servlet-mapping>
发布后输入http://localhost:8083/userServer?wsdl查看发布情况
客户端中调用
JaxWsProxyFactoryBean bean = new JaxWsProxyFactoryBean();
Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.USER, "cxfClient");
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientPasswordCallback.class.getName());
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
bean.getOutInterceptors().add(wssOut);
bean.setServiceClass(IUserWebService.class);
bean.setAddress("http://localhost:8083/userServer");
IUserWebService service = (IUserWebService) bean.create();
service.getUserService("123");
相关文章推荐
- cxf + spring 的WS-Security示例(一)
- cxf + spring 的WS-Security示例(二)
- Spring整合CXF,发布RSETful 风格-配置WebService
- webservice框架(cxf, axis2, spring-ws)
- Eclipse使用Axis2,spring开发jax-ws(webservice)的配置讲解
- 基于spring+hibernate+cxf写的webservice服务,详细配置
- Webservice的cxf开发_使用spring配置客户端
- spring注解方式,使用jax-ws配置webservice,适合小白。看不会你打死我!
- 框架 day64 WebService(注解),CXF框架(jax-ws,Jax-rs,与spring整合)
- Java-Spring-WebService最基础的配置示例
- 浅谈spingmvc 整合CXF +ws-security 实现webservice安全验证
- spring_webservice_rmi配置示例
- cxf+spring实现ws-security的数字证书验证方式的记录(包括生成证书步骤)
- 配置 cxf-ws spring bean 文件
- WebService CXF学习(高级篇3):WS-Security
- spring_webservice_Hessian和Burlap配置示例
- JAX-WS+spring开发webservice配置
- CXF+WS-Security+Spring WebService服务器端+客户端及注意问题
- 4、webService CXF的应用2 Spring的配置方法