xfire+Sping+安全认证

xfire+spring+安全认证 简单入门（本人参考了https://www.ibm.com/developerworks/cn/java/j-lo-xfire/和http://www.blogjava.net/fastzch/archive/2008/01/03/172535.html两片文章）

其他的东西可以上网上随便搜一片看看下面贴上我的代码（下面的代码可在我的资料里面下载点击打开链接）

服务端

首先xml中加上下面的代码

<!-- begin XFire 配置 --><servlet><!-- 配合Spring容器中XFire一起工作的Servlet--><servlet-name>xfireServlet</servlet-name><servlet-class>org.codehaus.xfire.spring.XFireSpringServlet</servlet-class></servlet><servlet-mapping><servlet-name>xfireServlet</servlet-name><!-- 在这个URI下开放Web Service服务 --><url-pattern>/services/*</url-pattern></servlet-mapping><servlet-mapping><servlet-name>xfireServlet</servlet-name><!-- 在这个URI下开放Web Service服务 --><url-pattern>/servlet/xfireServlet/*</url-pattern></servlet-mapping>

Service接口：

package com;import java.util.List;public interface WebService {public String hellow(String name);//字符串类型public Student getStudent();//对象类型public List<Student> getList();//集合类型}

Service实现类

package com;import java.util.ArrayList;import java.util.List;public class WebServiceImp implements WebService {public String hellow(String name) {return name + " say hellow!";}public Student getStudent() {return new Student(1, "mdc", 23);}public List<Student> getList() {List<Student> list = new ArrayList<Student>();for (int i = 0; i < 5; i++) {Student student = new Student(i + 1, "a" + (i + 1), i + 1);list.add(student);}return list;}}

在Spring配置文件（applicationContext.xml）中加上如下内容

<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"><beans><import resource="classpath:org/codehaus/xfire/spring/xfire.xml" /><bean id="HelloBean" class="com.WebServiceImp" /><!-- 定义访问的url-->     <bean class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">        <property name="urlMap">                         <map>                                <entry key="/helloService.ws">                                     <ref bean="HelloWorldService" />                                </entry>                         </map>                 </property>          </bean>     <!-- 使用XFire导出器 --><bean id="baseWebService"class="org.codehaus.xfire.spring.remoting.XFireExporter"lazy-init="false" abstract="true"><!-- 引用xfire.xml中定义的工厂 --><property name="serviceFactory" ref="xfire.serviceFactory" /><!-- 引用xfire.xml中的xfire实例 --><property name="xfire" ref="xfire" /><!-- 安全验证 --><property name="inHandlers" ref="AuthenticationHandler"></property></bean><bean id="HelloWorldService" parent="baseWebService"><!-- 业务服务bean --><property name="serviceBean" ref="HelloBean" /><!-- 业务服务bean的窄接口类 --><property name="serviceClass" value="com.WebService" /></bean><!-- 安全认证 --><bean id="AuthenticationHandler" class="com.AuthenticationHandler"></bean></beans>

定义一个Student实体类目的实现客户端能接收服务端的对象

package com;public class Student {private int id;private String name;private int age;public int getId() {return id;}public void setId(int id) {this.id = id;}public String getName() {return name;}public void setName(String name) {this.name = name;}public int getAge() {return age;}public void setAge(int age) {this.age = age;}public Student(int id, String name, int age) {super();this.id = id;this.name = name;this.age = age;}public Student() {}}

服务端的安全认证

package com;import org.codehaus.xfire.MessageContext;import org.codehaus.xfire.handler.AbstractHandler;import org.jdom.Element;public class AuthenticationHandler extends AbstractHandler {public void invoke(MessageContext cfx) throws Exception {if (cfx.getInMessage().getHeader() == null) {//是否有验证信息throw new org.codehaus.xfire.fault.XFireFault("请求必须包含验证信息",org.codehaus.xfire.fault.XFireFault.SENDER);}Element token = cfx.getInMessage().getHeader().getChild("AuthenticationToken");//AuthenticationToken为自定义元素值if (token == null) {throw new org.codehaus.xfire.fault.XFireFault("请求必须包含身份验证信息",org.codehaus.xfire.fault.XFireFault.SENDER);}String username = token.getChild("Username").getValue();String password = token.getChild("Password").getValue();try {// 进行身份验证 ，只有test@test的用户为授权用户if (username.equals("test") && password.equals("test"))System.out.println("身份验证通过");elsethrow new Exception();} catch (Exception e) {throw new org.codehaus.xfire.fault.XFireFault("非法的用户名和密码",org.codehaus.xfire.fault.XFireFault.SENDER);}}}

最终的目录结构

发布一下输入：http://localhost:8080/xFireServiceServer/services/webService访问一下

到这里服务端已完成下面看客户端

（1）实体student跟服务端的一样，接口ServiceTest与上面的WebService一样。

（2）GetServiceBean类里面有一个静态方法用来访问服务端。

（3）安全认证类ClientPasswordHandler

（4）测试类Test

package com;import java.lang.reflect.Proxy;import java.net.MalformedURLException;import org.codehaus.xfire.client.Client;import org.codehaus.xfire.client.XFireProxy;import org.codehaus.xfire.client.XFireProxyFactory;import org.codehaus.xfire.service.Service;import org.codehaus.xfire.service.binding.ObjectServiceFactory;public class GetServiceBean {private static XFireProxyFactory factory = new XFireProxyFactory();@SuppressWarnings("unchecked")public static Object getBean(String serviceUrl, Class serviceClass) throws MalformedURLException {Service serviceModel = new ObjectServiceFactory().create(serviceClass);Object obj= factory.create(serviceModel, serviceUrl);Client client=((XFireProxy)Proxy.getInvocationHandler(obj)).getClient(); //获取访问服务的客户端    client.addOutHandler(new ClientPasswordHandler("test","test"));//添加流模型和DOM    return obj;}}

package com;import org.codehaus.xfire.MessageContext;import org.codehaus.xfire.handler.AbstractHandler;import org.jdom.Element;@SuppressWarnings("unchecked")public class ClientPasswordHandler extends AbstractHandler {private String username = null;private String password = null;public String getUsername() {return username;}public void setUsername(String username) {this.username = username;}public String getPassword() {return password;}public void setPassword(String password) {this.password = password;}public ClientPasswordHandler(String username, String password) {this.username = username;this.password = password;}public void invoke(MessageContext context) throws Exception {// 为SOAP Header构造验证信息Element el = new Element("header");//标头context.getOutMessage().setHeader(el);Element auth = new Element("AuthenticationToken");//自定义元素Element username_el = new Element("Username");username_el.addContent(username);Element password_el = new Element("Password");password_el.addContent(password);auth.addContent(username_el);auth.addContent(password_el);el.addContent(auth);}}

package com;import java.net.MalformedURLException;import java.util.ArrayList;import java.util.List;public class Test {/** * @param args */public static void main(String[] args) {try {ServiceTest service = (ServiceTest) GetServiceBean.getBean("http://localhost:8080/xFireServiceServer/services/WebService",ServiceTest.class);System.out.println(service.hellow("mdc"));//字符串类型Student student = new Student();student = service.getStudent();//对象类型System.out.println("id:" + student.getId() + " name:"+ student.getName() + " age:" + student.getAge());List<Student> students = new ArrayList<Student>();students = service.getList();//集合类型for (int i = 0; i < students.size(); i++) {Student stu = students.get(i);System.out.println("id:" + stu.getId() + " name:"+ stu.getName() + " age:" + stu.getAge());}} catch (MalformedURLException e) {// TODO Auto-generated catch blocke.printStackTrace();}}}

最终目录

测试结果