WS服务用户访问控制拦截器

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.util.Arrays;
import java.util.Map;
import java.util.Properties;

import org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Exchange;
import org.apache.cxf.message.Message;
import org.apache.cxf.transport.Conduit;
import org.apache.cxf.ws.addressing.EndpointReferenceType;
import org.springframework.core.io.Resource;

import com.huawei.support.framework.utils.StreamUtil;
import com.huawei.support.framework.utils.StringUtil;

public class AuthorizationInterceptor extends SoapHeaderInterceptor
{
private Properties props;

/**
* 配置路径
*/
private Resource configLocation;

/**
* @param 对configLocation进行赋值
*/
public void setConfigLocation(Resource aConfigLocation)
{
this.configLocation = aConfigLocation;
}

private Properties getProps()
{
if (null == props)
{
props = new Properties();
InputStream is = null;
try
{
is = configLocation.getInputStream();
props.load(is);
}
catch (IOException e)
{
props = null;
}
finally
{
StreamUtil.close(is);
}
}
return props;
}

@Override
public void handleMessage(Message aMsg) throws Fault
{
final AuthorizationPolicy policy = aMsg.get(AuthorizationPolicy.class);
if (null == policy)
{
sendErrorResponse(aMsg, HttpURLConnection.HTTP_UNAUTHORIZED);
return;
}
String userName = policy.getUserName();
String passwrod = policy.getPassword();

if (StringUtil.isNullOrEmpty(passwrod))
{
sendErrorResponse(aMsg, HttpURLConnection.HTTP_UNAUTHORIZED);
return;
}

if (!passwrod.equalsIgnoreCase(this.getProps().getProperty(userName)))
{
sendErrorResponse(aMsg, HttpURLConnection.HTTP_UNAUTHORIZED);
return;
}
super.handleMessage(aMsg);
}

private void sendErrorResponse(Message message, int responseCode)
{
Message outMessage = getOutMessage(message);
outMessage.put(Message.RESPONSE_CODE, responseCode);

// Set the response headers
Map responseHeaders = (Map) message.get(Message.PROTOCOL_HEADERS);

if (responseHeaders != null)
{
responseHeaders.put("WWW-Authenticate",
Arrays.asList(new String[] { "Basic realm=realm" }));

responseHeaders.put("Content-Length",
Arrays.asList(new String[] { "0" }));
}

message.getInterceptorChain().abort();
try
{
getConduit(message).prepare(outMessage);
close(outMessage);
}
catch (IOException e)
{
e.printStackTrace();
}

}

private Message getOutMessage(Message inMessage)
{
Exchange exchange = inMessage.getExchange();
Message outMessage = exchange.getOutMessage();
if (outMessage == null)
{
Endpoint endpoint = exchange.get(Endpoint.class);
outMessage = endpoint.getBinding().createMessage();
exchange.setOutMessage(outMessage);
}
outMessage.putAll(inMessage);
return outMessage;
}

private Conduit getConduit(Message inMessage) throws IOException
{
Exchange exchange = inMessage.getExchange();
EndpointReferenceType target = exchange.get(EndpointReferenceType.class);
Conduit conduit = exchange.getDestination().getBackChannel(inMessage,
null,
target);
exchange.setConduit(conduit);
return conduit;
}

private void close(Message outMessage) throws IOException
{
OutputStream os = outMessage.getContent(OutputStream.class);
os.flush();
os.close();
}

}