webservice cxf+spring+WS-security配置示例
来源:互联网 发布:http协议端口号 编辑:程序博客网 时间:2024/05/20 05:09
由于原项目中包含的JAR包太多,直接在里面加可能会引起JAR包冲突造成各种报错,所以推荐另开个项目专门用于接口的编写。
使用到的框架有HIBERNATE(本不想用,原有数据库ID生成策略用了它,不知不用是否可行)、SPRING,个人使用到的最简的JAR包如下:
1、首选配置服务端
与spring整合的配置文件applicationContext-webservice-server.xml 多个服务端都可以在配置文件里统一管理
<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws"xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"><import resource="classpath:META-INF/cxf/cxf.xml" /><import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /><import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> <!-- 添加implementorClass属性来指定实现接口,可以直接看到这些接口参数信息 否则生成的wsdl看不到参数--><!-- 个人会员信息WS--> <jaxws:endpoint id="userServer" implementorClass="com.*.webservice.user.IUserWebService" implementor="#userWebServiceImpl" address="http://localhost:8083/userServer" > <jaxws:inInterceptors><!-- 日志输出以及安全验证 --> <bean class="org.apache.cxf.interceptor.LoggingInInterceptor"/> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /><!-- 明文的方式传递密码 --> <entry key="user" value="cxfServer" /><!-- 取一个用户名 --> <entry key="passwordCallbackRef"> <ref bean="serverPasswordCallback" /><!-- 密码回调的bean --> </entry> </map> </constructor-arg> </bean> </jaxws:inInterceptors> <jaxws:outInterceptors> <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor"/> </jaxws:outInterceptors> <jaxws:inFaultInterceptors> <bean class="org.apache.cxf.interceptor.LoggingInInterceptor"/> </jaxws:inFaultInterceptors> <jaxws:outFaultInterceptors> <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor"/> </jaxws:outFaultInterceptors></jaxws:endpoint> </beans>
对应的验证的回调BEAN ServerPasswordCallback.java
import java.io.IOException;import javax.security.auth.callback.Callback;import javax.security.auth.callback.CallbackHandler;import javax.security.auth.callback.UnsupportedCallbackException;import org.apache.ws.security.WSPasswordCallback;/** * WS验证 * @author * */public class ServerPasswordCallback implements CallbackHandler {@Overridepublic void handle(Callback[] callbacks) throws IOException,UnsupportedCallbackException {// TODO Auto-generated method stubfor (int i = 0; i < callbacks.length; i++) { WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; String idf = pc.getIdentifier(); if("admin".equals(idf)){ pc.setPassword("password"); } else{ throw new SecurityException("用户不存在"); }}}}
2、业务配置文件applicationContext-common.xml , WS安全验证的回调BEAN以及业务SERVICE在此文件里统一管理
<?xml version="1.0" encoding="UTF-8"?><beansxmlns="http://www.springframework.org/schema/beans"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd"> <?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd"> <!-- --><bean id="serverPasswordCallback" class=" com.*.webservice.security.ServerPasswordCallback" /><!--服务端回调密码的BEAN --><bean id="userWebServiceImpl" class="com.*.webservice.user.imp.UserWebServiceImpl"> <!--<property name="commonJdbcDao"><ref bean="commonJdbcDao"/></property><property name="commonDao"><ref bean="commonDao"/></property> --><!-- 测试时无须用到 --></bean></beans>
3、客户端与SPRING整合的配置文件applicationContext-webservice-client.xml
<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws"xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"><import resource="classpath:META-INF/cxf/cxf.xml" /><import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /> <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> <bean id="clientPasswordCallback" class=" com.*.webservice.security.ClientPasswordCallback" /><!-- userService --><bean id="userClient" class="com.*.webservice.user.IUserWebService" factory-bean="userClientFactory" factory-method="create"/><bean id="userClientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean"> <property name="serviceClass" value="com.*.webservice.user.IUserWebService"/> <property name="address" value="http://localhost:8083/userServer"/> <property name="outInterceptors"><list> <bean class="org.apache.cxf.interceptor.LoggingInInterceptor"/> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="user" value="cxfClient" /> <entry key="passwordCallbackRef"> <ref bean="clientPasswordCallback" /> </entry> </map> </constructor-arg> </bean></list></property> <property name="inInterceptors"><list><bean class="org.apache.cxf.interceptor.LoggingInInterceptor" /></list></property></bean></beans>
客户端回调验证的BEAN ClientPasswordCallback.java
import java.io.IOException;import javax.security.auth.callback.Callback;import javax.security.auth.callback.CallbackHandler;import javax.security.auth.callback.UnsupportedCallbackException;import org.apache.ws.security.WSPasswordCallback;/** * WS验证 * @author * */public class ClientPasswordCallback implements CallbackHandler {@Overridepublic void handle(Callback[] callbacks) throws IOException,UnsupportedCallbackException {// TODO Auto-generated method stubfor(int i = 0; i < callbacks.length; i++){ WSPasswordCallback ps = (WSPasswordCallback) callbacks[i]; ps.setPassword("password");ps.setIdentifier("admin");} }}
4、接口以及测试类
接口
import javax.jws.WebService;@WebServicepublic interface IUserWebService {public String getUserService(String s);}实现
import java.util.List;import javax.jws.WebService;import org.apache.log4j.Logger;import com.fw.webservice.user.IUserWebService;/** * * @author * */@WebService(endpointInterface="com.*.webservice.user.IUserWebService")public class UserWebServiceImpl implements IUserWebService {//private ICommonJdbcDao commonJdbcDao;//private ICommonDao commonDao; public String getUserService(String s) { return "456"; }测试类:
import org.springframework.context.support.ClassPathXmlApplicationContext;public class TestWs {/** * @param args */public static void main(String[] args) {// TODO Auto-generated method stubClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext("applicationContext*.xml"); IUserWebService client = (IUserWebService)context.getBean("userClient"); String response = client.getUserService("123"); System.out.println("Response: " + response); System.exit(0); }}
测试打印出456.
可以单独载入服务端配置文件,浏览器中输入你配置文件中发布的address 本例中的http://localhost:8083/userServer?wsdl查看发布情况
作为WEB项目发布还需要对web.xml配置
<!-- CXF --><servlet> <servlet-name>CXFServlet</servlet-name> <display-name>CXFServlet</display-name> <servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>CXFServlet</servlet-name> <url-pattern>/webservice</url-pattern> </servlet-mapping>
发布后输入http://localhost:8083/userServer?wsdl查看发布情况
客户端中调用
JaxWsProxyFactoryBean bean = new JaxWsProxyFactoryBean(); Map<String, Object> outProps = new HashMap<String, Object>(); outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN); outProps.put(WSHandlerConstants.USER, "cxfClient"); outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT); outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCallback.class.getName()); WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); bean.getOutInterceptors().add(wssOut); bean.setServiceClass(IUserWebService.class); bean.setAddress("http://localhost:8083/userServer"); IUserWebService service = (IUserWebService) bean.create(); service.getUserService("123");
0 0
- webservice cxf+spring+WS-security配置示例
- cxf + spring 的WS-Security示例
- cxf + spring 的WS-Security示例
- CXF+WS-Security+Spring WebService服务器端+客户端及注意问题
- cxf + spring 的WS-Security示例(一)
- cxf + spring 的WS-Security示例(二)
- webservice框架(cxf, axis2, spring-ws)
- WebService CXF学习(高级篇3):WS-Security
- WebService CXF学习(高级篇3):WS-Security
- 浅谈spingmvc 整合CXF +ws-security 实现webservice安全验证
- 浅谈spingmvc 整合CXF +ws-security 实现webservice安全验证
- CXF ws security 案例
- Apache CXF Tutorial – WS-Security with Spring
- CXF学习二(WS-Security)
- apache cxf ws spring
- JAX-WS+spring开发webservice配置
- XFire webservice WS-Security安全
- Spring整合CXF配置WebService服务发布
- FTP连接
- PHP连接MySQL数据库
- ActivityManager
- 正则表达式
- Linux c++ 测试框架 gtest使用简介
- webservice cxf+spring+WS-security配置示例
- HDU 1253 胜利大逃亡(三维BFS)
- proxy-target-class="true" 与proxy-target-class="false"的区别
- proc文件系统详解
- 多线程编程11-----CountDownLatch同步工具类的使用
- MyEclipse定制工具栏和菜单
- Spoj 2916 Can you answer these queries V 线段树 求任意重叠区间的最大子段和
- IOS7.0 Xcode5 AutoLayout 备忘录
- Java的内存回收机制