Spring HttpInvoker 服务端安全验证的和客户端请求配置
2014-05-16 00:00
525 查看
摘要: 这里只是简单的通过用户名和密码,利用Tomcat 的用户认证
1、服务端
服务Java接口
服务的[b]Java实现[/b]
Tomcat的tomcat-users.xml
WEB-INF/web.xml
WEB-INF/remoting-servlet.xml
2、客户端请求
1、服务端
服务Java接口
package service; public interface TestService { int add(int i,int j); }
服务的[b]Java实现[/b]
package service.impl; import org.springframework.stereotype.Service; import service.TestService; @Service("testService") public class TestServiceImpl implements TestService { @Override public int add(int i, int j) { System.out.println("Add method Invoked! " + i + "+" + j + "=?"); return i+j; } }
Tomcat的tomcat-users.xml
<?xml version='1.0' encoding='utf-8'?> <tomcat-users> <role rolename="remoting"/> <user username="rpc" password="123456" roles="remoting"/> </tomcat-users>
WEB-INF/web.xml
<?xml version="1.0" encoding="UTF-8"?> <web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"> <display-name>Spring2.5Study_Remote</display-name> <context-param> <param-name>contextConfigLocation</param-name> <param-value>classpath:applicationContext.xml,classpath:org/codehaus/xfire/spring/xfire.xml</param-value> </context-param> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <servlet> <servlet-name>remoting</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>remoting</servlet-name> <url-pattern>*.rpc</url-pattern> </servlet-mapping> <security-constraint> <web-resource-collection> <web-resource-name>Remoting Protect</web-resource-name> <url-pattern>/remoting/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>remoting</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Tomcat Supported Realm</realm-name> </login-config> <security-role> <description> An role defined in "conf/tomcat-users.xml" </description> <role-name>remoting</role-name> </security-role> <welcome-file-list> <welcome-file>index.html</welcome-file> <welcome-file>index.htm</welcome-file> <welcome-file>index.jsp</welcome-file> </welcome-file-list> </web-app>
WEB-INF/remoting-servlet.xml
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd"> <bean class="org.springframework.web.servlet.handler.BeanNameUrlHandlerMapping"> <property name="interceptors" ref="authorizationInterceptor"/> </bean> <bean id="authorizationInterceptor" class="org.springframework.web.servlet.handler.UserRoleAuthorizationInterceptor"> <property name="authorizedRoles" value="remoting"/> </bean> <!-- rpc service define --> <bean name="/remoting/testService.rpc" class="org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter"> <property name="service" ref="testService" /> <property name="serviceInterface" value="service.TestService" /> </bean> </beans>
2、客户端请求
URI uri = new URI(serviceUrl); CommonsHttpInvokerRequestExecutor executor = new CommonsHttpInvokerRequestExecutor(); HttpClient client = executor.getHttpClient(); HttpClientParams params = client.getParams(); params.setConnectionManagerTimeout(300000); //?? params.setSoTimeout(300000); //?? params.setAuthenticationPreemptive(true); //抢先认证 client.getState().setCredentials(new AuthScope(uri.getHost(),uri.getPort()),new UsernamePasswordCredentials(username,password)); HttpInvokerProxyFactoryBean factoryBean = new HttpInvokerProxyFactoryBean(); factoryBean.setServiceInterface(serviceInterface); factoryBean.setServiceUrl(serviceUrl); factoryBean.setHttpInvokerRequestExecutor(executor); factoryBean.afterPropertiesSet(); return factoryBean.getObject();
相关文章推荐
- spring 配置 Http请求账号密码验证功能
- spring-remoting中的httpInvoker实现并安全验证
- WCF----双工模式服务端回调客户端方法时无响应,“发送到 http://***/User.svc 的请求操作在配置的超时内未收到回复”
- WCF消息安全模式之自定义用户名密码:Message CustomUserNamePassword wsHttpBinding 使用Windows Services宿主以及客户端免证书验证
- Android客户端采用Http 协议Post方式请求与服务端进行数据交互
- HTTP 请求未经客户端身份验证方案“Anonymous”授权。从服务器收到的身份验证标头为“Negotiate,NTLM”
- HTTP 请求未经客户端身份验证方案“Anonymous”授权。从服务器收到的身份验证标头为“Negotiate,NTLM”。
- IE7+浏览器下XMLHttpRequest跨域请求安全配置
- CXF密码验证_服务端和客户端配置
- 通过配置http拦截器,来进行ajax请求验证用户登录的页面跳转
- 使用客户端身份验证方案“Anonymous”禁止 HTTP 请求"错误
- 请求验证过程检测到有潜在危险的客户端输入值,对请求的处理已经中止。该值可能指示存在危及应用程序安全的尝试,如跨站点脚本攻击。若要允许页面重写应用程序请求验证设置
- Android客户端采用Http 协议Post方式请求与服务端进行数据交互
- 宋体请求客户端通过http和服务端进行交互
- 学习笔记之 WCF安全(6) 数字证书 自定义证书验证+ 客户端 证书验证(wshttpBinding)
- http客户端请求及服务端详解
- 《pro Spring》学习笔记之Spring HTTP 远程方法调用集成Tomcat实现安全验证
- HTTP 请求未经客户端身份验证方案“Anonymous”授权。从服务器收到的身份验证标头为“Negotiate,NTLM”。
- spring jmx客户端 和服务端配置
- 学习笔记之 WCF安全(5) 数字证书+ 客户端证书验证(wshttpBinding)