Spring HttpInvoker 服务端安全验证的和客户端请求配置

package service;

public interface TestService {
int add(int i,int j);
}

package service.impl;
import org.springframework.stereotype.Service;
import service.TestService;
@Service("testService")
public class TestServiceImpl implements TestService {
@Override
public int add(int i, int j) {
System.out.println("Add method Invoked! " + i + "+" + j + "=?");
return i+j;
}
}

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="remoting"/>
<user username="rpc" password="123456" roles="remoting"/>
</tomcat-users>

<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"> <display-name>Spring2.5Study_Remote</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml,classpath:org/codehaus/xfire/spring/xfire.xml</param-value>
</context-param>

<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>remoting</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>remoting</servlet-name>
<url-pattern>*.rpc</url-pattern>
</servlet-mapping>

<security-constraint>
<web-resource-collection>
<web-resource-name>Remoting Protect</web-resource-name>
<url-pattern>/remoting/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>remoting</role-name>
</auth-constraint>
</security-constraint>

<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Tomcat Supported Realm</realm-name>
</login-config>

<security-role>
<description>
An role defined in "conf/tomcat-users.xml"
</description>
<role-name>remoting</role-name>
</security-role>

<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>

</web-app>

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd"> 
<bean class="org.springframework.web.servlet.handler.BeanNameUrlHandlerMapping">
<property name="interceptors" ref="authorizationInterceptor"/>
</bean>

<bean id="authorizationInterceptor" class="org.springframework.web.servlet.handler.UserRoleAuthorizationInterceptor">
<property name="authorizedRoles" value="remoting"/>
</bean>

<!-- rpc service define -->
<bean name="/remoting/testService.rpc"  class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter">
<property name="service" ref="testService" />
<property name="serviceInterface" value="service.TestService" />
</bean>
</beans>

URI uri = new URI(serviceUrl);

CommonsHttpInvokerRequestExecutor executor = new CommonsHttpInvokerRequestExecutor();
HttpClient client = executor.getHttpClient();
HttpClientParams params = client.getParams();
params.setConnectionManagerTimeout(300000); //??
params.setSoTimeout(300000); //??
params.setAuthenticationPreemptive(true);       //抢先认证
client.getState().setCredentials(new AuthScope(uri.getHost(),uri.getPort()),new UsernamePasswordCredentials(username,password));

HttpInvokerProxyFactoryBean factoryBean = new HttpInvokerProxyFactoryBean();
factoryBean.setServiceInterface(serviceInterface);
factoryBean.setServiceUrl(serviceUrl);
factoryBean.setHttpInvokerRequestExecutor(executor);
factoryBean.afterPropertiesSet();

return factoryBean.getObject();