XFire使用WSSecurity实现的简单验证
2008-11-04 14:57
369 查看
xfire-servlet.xml文件的内容:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd" >
<beans default-autowire="byName">
<!--引入XFire的预配置文件-->
<import resource="classpath:org/codehaus/xfire/spring/xfire.xml" />
<bean id="baseWebService"
class="org.codehaus.xfire.spring.remoting.XFireExporter" lazy-init="false" abstract="true">
<property name="serviceFactory">
<ref bean="xfire.serviceFactory" />
</property>
<property name="xfire">
<ref bean="xfire" />
</property>
</bean>
<bean parent="baseWebService">
<property name="serviceBean"><!-- applicationcontext的bean的名字-->
<ref bean="bbtForum" />
</property>
<property name="serviceClass"><!-- 导出的接口类 -->
<value>com.export.BbtForumService</value>
</property>
<property name="name" value="BbtForumServiceUT"></property><!-- Web service 服务名-->
<property name="inHandlers">
<list>
<ref bean="domInHandler" />
<ref bean="wss4jInHandler"/>
</list>
</property>
</bean>
<!--
定义验证类
-->
<bean id="domInHandler" class="org.codehaus.xfire.util.dom.DOMInHandler"></bean>
<bean id="wss4jInHandler" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
<property name="properties">
<props>
<prop key="action">UsernameToken</prop>
<prop key="passwordCallbackClass">
com.security.UtPasswordHandler
</prop>
</props>
</property>
</bean>
<!--
END SNIPPET: xfire
-->
</beans>
com.security.UtPasswordHandler类的内容:
/**
*
* 日期:2008-1-8
*/
package com.security;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSSecurityException;
public class UtPasswordHandler implements CallbackHandler {
private static final Map pwMockDB = new HashMap();
static{
pwMockDB.put("user", "123456");
pwMockDB.put("user1", "123456");
}
/* (非 Javadoc)
* @see javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
*/
/* public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException, {
// TODO 自动生成方法存根
}*/
public void handle(Callback[] callbacks) throws WSSecurityException{
WSPasswordCallback callback = (WSPasswordCallback)callbacks[0];
String id = callback.getIdentifer();
String validPw = (String)pwMockDB.get(id);
if(WSConstants.PASSWORD_TEXT.equals(callback.getPasswordType())){
String pw = callback.getPassword();
if(pw==null||!pw.equalsIgnoreCase(validPw)){
throw new WSSecurityException("密码不匹配!");
}
}else{
callback.setPassword(validPw);
}
}
}
Java调用客户端:
package com.client;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class UtClientPasswordHandler implements CallbackHandler {
private static final Map<String,String> pwMockDB = new HashMap<String,String>();
static{
pwMockDB.put("user","123456");
pwMockDB.put("user1","123456");
}
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
// TODO 自动生成方法存根
WSPasswordCallback callback = (WSPasswordCallback)callbacks[0];
String id = callback.getIdentifer();
callback.setPassword(pwMockDB.get(id));
}
}
调用的JSP文件:
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ page import="com.export.Iquery" %>
<%@ page import="org.codehaus.xfire.XFireFactory" %>
<%@ page import="org.codehaus.xfire.client.XFireProxyFactory" %>
<%@ page import="org.codehaus.xfire.service.binding.ObjectServiceFactory" %>
<%@ page import="org.codehaus.xfire.service.Service" %>
<%@ page import="java.net.MalformedURLException" %>
<%@ page import="org.codehaus.xfire.client.XFireProxy"%>
<%@ page import="org.codehaus.xfire.client.Client"%>
<%@ page import="java.lang.reflect.Proxy" %>
<%@ page import="com.security.UtPasswordHandler" %>
<%@ page import="com.exportclass.MzBrda" %>
<%@ page import="org.apache.ws.security.handler.WSHandlerConstants" %>
<%@ page import="org.apache.ws.security.WSConstants" %>
<%@ page import="com.client.UtClientPasswordHandler" %>
<%@ page import="org.codehaus.xfire.util.dom.DOMOutHandler" %>
<%@ page import="org.codehaus.xfire.security.wss4j.WSS4JOutHandler" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>My JSP 'MyJsp.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<%
Service srvcModel = new ObjectServiceFactory()
.create(Iquery.class);
XFireProxyFactory factory = new XFireProxyFactory(XFireFactory
.newInstance().getXFire());
String helloWorldURL = "http://192.17.99.20/yygh/services/Query";
try {
Iquery srvc = (Iquery) factory.create(
srvcModel, helloWorldURL);
Client client = ((XFireProxy)Proxy.getInvocationHandler(srvc)).getClient();
client.addOutHandler(new DOMOutHandler());
Properties properties = new Properties();
properties.setProperty(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);//密码类
properties.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST); //密码类型 /PW_DIGEST以摘要方式发送,PW_TEXT以明文方式发送
properties.setProperty(WSHandlerConstants.USER, "user");
properties.setProperty("password","123456");
properties.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, UtClientPasswordHandler.class.getName());
client.addOutHandler(new WSS4JOutHandler(properties));
out.println("ksdm:"+srvc.GetKsdm().size());
} catch (MalformedURLException e) {
e.printStackTrace();
}
%>
<body><h2><br></h2>
<h2><font face="幼圆" size="7"><strong>
先生们,女士们, 这是测试页面,当你看到这个页面时表示webservice服务器测试成功. </strong>
</font></h2>
</body>
</html>
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd" >
<beans default-autowire="byName">
<!--引入XFire的预配置文件-->
<import resource="classpath:org/codehaus/xfire/spring/xfire.xml" />
<bean id="baseWebService"
class="org.codehaus.xfire.spring.remoting.XFireExporter" lazy-init="false" abstract="true">
<property name="serviceFactory">
<ref bean="xfire.serviceFactory" />
</property>
<property name="xfire">
<ref bean="xfire" />
</property>
</bean>
<bean parent="baseWebService">
<property name="serviceBean"><!-- applicationcontext的bean的名字-->
<ref bean="bbtForum" />
</property>
<property name="serviceClass"><!-- 导出的接口类 -->
<value>com.export.BbtForumService</value>
</property>
<property name="name" value="BbtForumServiceUT"></property><!-- Web service 服务名-->
<property name="inHandlers">
<list>
<ref bean="domInHandler" />
<ref bean="wss4jInHandler"/>
</list>
</property>
</bean>
<!--
定义验证类
-->
<bean id="domInHandler" class="org.codehaus.xfire.util.dom.DOMInHandler"></bean>
<bean id="wss4jInHandler" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
<property name="properties">
<props>
<prop key="action">UsernameToken</prop>
<prop key="passwordCallbackClass">
com.security.UtPasswordHandler
</prop>
</props>
</property>
</bean>
<!--
END SNIPPET: xfire
-->
</beans>
com.security.UtPasswordHandler类的内容:
/**
*
* 日期:2008-1-8
*/
package com.security;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSSecurityException;
public class UtPasswordHandler implements CallbackHandler {
private static final Map pwMockDB = new HashMap();
static{
pwMockDB.put("user", "123456");
pwMockDB.put("user1", "123456");
}
/* (非 Javadoc)
* @see javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
*/
/* public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException, {
// TODO 自动生成方法存根
}*/
public void handle(Callback[] callbacks) throws WSSecurityException{
WSPasswordCallback callback = (WSPasswordCallback)callbacks[0];
String id = callback.getIdentifer();
String validPw = (String)pwMockDB.get(id);
if(WSConstants.PASSWORD_TEXT.equals(callback.getPasswordType())){
String pw = callback.getPassword();
if(pw==null||!pw.equalsIgnoreCase(validPw)){
throw new WSSecurityException("密码不匹配!");
}
}else{
callback.setPassword(validPw);
}
}
}
Java调用客户端:
package com.client;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class UtClientPasswordHandler implements CallbackHandler {
private static final Map<String,String> pwMockDB = new HashMap<String,String>();
static{
pwMockDB.put("user","123456");
pwMockDB.put("user1","123456");
}
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
// TODO 自动生成方法存根
WSPasswordCallback callback = (WSPasswordCallback)callbacks[0];
String id = callback.getIdentifer();
callback.setPassword(pwMockDB.get(id));
}
}
调用的JSP文件:
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ page import="com.export.Iquery" %>
<%@ page import="org.codehaus.xfire.XFireFactory" %>
<%@ page import="org.codehaus.xfire.client.XFireProxyFactory" %>
<%@ page import="org.codehaus.xfire.service.binding.ObjectServiceFactory" %>
<%@ page import="org.codehaus.xfire.service.Service" %>
<%@ page import="java.net.MalformedURLException" %>
<%@ page import="org.codehaus.xfire.client.XFireProxy"%>
<%@ page import="org.codehaus.xfire.client.Client"%>
<%@ page import="java.lang.reflect.Proxy" %>
<%@ page import="com.security.UtPasswordHandler" %>
<%@ page import="com.exportclass.MzBrda" %>
<%@ page import="org.apache.ws.security.handler.WSHandlerConstants" %>
<%@ page import="org.apache.ws.security.WSConstants" %>
<%@ page import="com.client.UtClientPasswordHandler" %>
<%@ page import="org.codehaus.xfire.util.dom.DOMOutHandler" %>
<%@ page import="org.codehaus.xfire.security.wss4j.WSS4JOutHandler" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>My JSP 'MyJsp.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<%
Service srvcModel = new ObjectServiceFactory()
.create(Iquery.class);
XFireProxyFactory factory = new XFireProxyFactory(XFireFactory
.newInstance().getXFire());
String helloWorldURL = "http://192.17.99.20/yygh/services/Query";
try {
Iquery srvc = (Iquery) factory.create(
srvcModel, helloWorldURL);
Client client = ((XFireProxy)Proxy.getInvocationHandler(srvc)).getClient();
client.addOutHandler(new DOMOutHandler());
Properties properties = new Properties();
properties.setProperty(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN);//密码类
properties.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST); //密码类型 /PW_DIGEST以摘要方式发送,PW_TEXT以明文方式发送
properties.setProperty(WSHandlerConstants.USER, "user");
properties.setProperty("password","123456");
properties.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, UtClientPasswordHandler.class.getName());
client.addOutHandler(new WSS4JOutHandler(properties));
out.println("ksdm:"+srvc.GetKsdm().size());
} catch (MalformedURLException e) {
e.printStackTrace();
}
%>
<body><h2><br></h2>
<h2><font face="幼圆" size="7"><strong>
先生们,女士们, 这是测试页面,当你看到这个页面时表示webservice服务器测试成功. </strong>
</font></h2>
</body>
</html>
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- ASP.NET jQuery 实例11 通过使用jQuery validation插件简单实现用户登录页面验证功能
- JAX-WS使用Handler实现简单的WebService权限验证
- j2ee 简单网站搭建:(六)使用 hibernate validation 实现 domain 层实体类验证
- Nodejs中session的简单使用及通过session实现身份验证的方法
- ASP.NET jQuery 实例12 通过使用jQuery validation插件简单实现用户注册页面验证功能
- ASP.NET jQuery 随笔 使用allValidator插件简单实现客户端验证功能
- ASP.NET jQuery 实例11 通过使用jQuery validation插件简单实现用户登录页面验证功能
- 使用JSP Servlet和Ajax实现简单的注册页面的用户名密码验证
- JAX-WS使用Handler实现简单的WebService权限验证
- 【MVC】使用Servlet 作为控制器实现一个简单的登陆验证
- Nodejs中session的简单使用及通过session实现身份验证的方法
- 使用简单jQuery工具来实现表单的验证
- 使用jQuery实现简单的邮箱验证
- 使用正则表达式实现一个简单的QQ登录验证
- 简单两步快速实现shiro的配置和使用,包含登录验证、角色验证、权限验证以及shiro登录注销流程(基于spring的方式,使用maven构建)
- ASP.NET jQuery 食谱11 (通过使用jQuery validation插件简单实现用户登录页面验证功能)
- JAX-WS使用Handler实现简单的WebService权限验证
- ASP.NET jQuery 食谱12 (通过使用jQuery validation插件简单实现用户注册页面验证功能)
- 使用manven+hibernate+spring+shiro登录验证实现简单增删改查
- JAX-WS使用Handler实现简单的WebService权限验证