WS服务用户访问控制拦截器
2013-01-06 15:39
148 查看
import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.net.HttpURLConnection; import java.util.Arrays; import java.util.Map; import java.util.Properties; import org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor; import org.apache.cxf.configuration.security.AuthorizationPolicy; import org.apache.cxf.endpoint.Endpoint; import org.apache.cxf.interceptor.Fault; import org.apache.cxf.message.Exchange; import org.apache.cxf.message.Message; import org.apache.cxf.transport.Conduit; import org.apache.cxf.ws.addressing.EndpointReferenceType; import org.springframework.core.io.Resource; import com.huawei.support.framework.utils.StreamUtil; import com.huawei.support.framework.utils.StringUtil; public class AuthorizationInterceptor extends SoapHeaderInterceptor { private Properties props; /** * 配置路径 */ private Resource configLocation; /** * @param 对configLocation进行赋值 */ public void setConfigLocation(Resource aConfigLocation) { this.configLocation = aConfigLocation; } private Properties getProps() { if (null == props) { props = new Properties(); InputStream is = null; try { is = configLocation.getInputStream(); props.load(is); } catch (IOException e) { props = null; } finally { StreamUtil.close(is); } } return props; } @Override public void handleMessage(Message aMsg) throws Fault { final AuthorizationPolicy policy = aMsg.get(AuthorizationPolicy.class); if (null == policy) { sendErrorResponse(aMsg, HttpURLConnection.HTTP_UNAUTHORIZED); return; } String userName = policy.getUserName(); String passwrod = policy.getPassword(); if (StringUtil.isNullOrEmpty(passwrod)) { sendErrorResponse(aMsg, HttpURLConnection.HTTP_UNAUTHORIZED); return; } if (!passwrod.equalsIgnoreCase(this.getProps().getProperty(userName))) { sendErrorResponse(aMsg, HttpURLConnection.HTTP_UNAUTHORIZED); return; } super.handleMessage(aMsg); } private void sendErrorResponse(Message message, int responseCode) { Message outMessage = getOutMessage(message); outMessage.put(Message.RESPONSE_CODE, responseCode); // Set the response headers Map responseHeaders = (Map) message.get(Message.PROTOCOL_HEADERS); if (responseHeaders != null) { responseHeaders.put("WWW-Authenticate", Arrays.asList(new String[] { "Basic realm=realm" })); responseHeaders.put("Content-Length", Arrays.asList(new String[] { "0" })); } message.getInterceptorChain().abort(); try { getConduit(message).prepare(outMessage); close(outMessage); } catch (IOException e) { e.printStackTrace(); } } private Message getOutMessage(Message inMessage) { Exchange exchange = inMessage.getExchange(); Message outMessage = exchange.getOutMessage(); if (outMessage == null) { Endpoint endpoint = exchange.get(Endpoint.class); outMessage = endpoint.getBinding().createMessage(); exchange.setOutMessage(outMessage); } outMessage.putAll(inMessage); return outMessage; } private Conduit getConduit(Message inMessage) throws IOException { Exchange exchange = inMessage.getExchange(); EndpointReferenceType target = exchange.get(EndpointReferenceType.class); Conduit conduit = exchange.getDestination().getBackChannel(inMessage, null, target); exchange.setConduit(conduit); return conduit; } private void close(Message outMessage) throws IOException { OutputStream os = outMessage.getContent(OutputStream.class); os.flush(); os.close(); } }
相关文章推荐
- http服务--基于用户的访问控制实现
- Nginx提供网站服务应用包括(虚拟主机、用户访问控制、用户验证、nginx平滑升级、防盗链)的配置
- www服务的高级配置(用户验证,访问控制,虚拟主机等)
- 搭建web服务实现多个虚拟主机.基于主机/用户的访问控制
- linux_apache服务知识总结(二)(关于用户的访问控制及编译安装)
- RHEL4- FTP服务(六)vsftp服务对ftp用户的登录访问控制
- samba共享服务:共享目录基本设定、匿名用户、访问控制、读写控制、多用户挂载
- httpd服务之虚拟主机、访问控制、https配置
- CentOS7 FTP服务搭建(虚拟用户访问FTP服务)
- 在httpd中基于用户的访问控制
- httpd配置(一)-- 基于用户的访问控制的配置
- 非域,非匿名用户访问远程企业服务的详细步骤
- nagios 多用户权限管理---特定用户访问特定主机或服务
- SpringCloud(第 005 篇)电影微服务,也注册到 EurekaServer 中,通过 Http 协议访问已注册到生态圈中的用户微服务
- suse linux创建ftp用户、限制其访问路径,及解决重启ftp服务报错问题
- 动态Proxy与Java ACL用户访问控制机制实现
- httpd-2.4 基于IP和基于用户的访问控制
- SQL Server 2005 控制用户权限访问表
- Squid缓存服务器(缓存机制、代理模式、ACL访问控制、squid用户认证功能等)
- 控制用户的访问之权限、角色【weber出品必属精品】