Web Service修炼之四WS-Security
来源:互联网 发布:php jquery post json 编辑:程序博客网 时间:2024/04/27 15:18
1.服务器实现
将serverStore.jks拷贝到<工程目录>/src/META-INF/xfire的目录下
1、insecurity.properties文件,放在META-INF/xfire/下
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks //密钥库类型
org.apache.ws.security.crypto.merlin.keystore.password=scpass //serverStore.jks的访问密码
org.apache.ws.security.crypto.merlin.file=META-INF/xfire/serverStore.jks//密钥库文件所在位置
2、service.xml文件,放在META-INF/xfire/下
<?xml version="1.0" encoding="UTF-8"?>
<!-- START SNIPPET: services -->
<beans xmlns="http://xfire.codehaus.org/config/1.0">
<service>
<name>SayHelloService</name>
<namespace>http://com.test.wsses/SayHelloService
</namespace>
<serviceClass>com.test.wsses.SayHelloService
</serviceClass>
<implementationClass>com.test.wsses.SayHelloServiceImpl
</implementationClass>
<inHandlers>
<handler
handlerClass="org.codehaus.xfire.util.dom.DOMInHandler"/>
<bean class="org.codehaus.xfire.security.
wss4j.WSS4JInHandler" xmlns="">
<property name="properties">
<props>
<prop key="action">Encrypt</prop>
//Encrypt代表报文加密;Signature代表数字签名
//验证数字签名需要访问保存着client数字证书的密钥库,
/ /通过属性文件提供相应的配置信息。
<prop key="signaturePropFile">
META-INF/xfire/insecurity.properties
</prop>
//解密操作需要访问保存着server私钥的密钥库,
//通过属性文件提供相应的配置信息
<prop key="decryptionPropFile">
META-INF/xfire/insecurity.properties
</prop>
//指定一个密码回调实现类
<prop key="passwordCallbackClass">
com.test.wsses.PasswordHandler
</prop>
</props>
</property>
</bean>
</inHandlers>
</service>
</beans>
<!-- END SNIPPET: services -->
3、PasswordHandler类
package com.test.wsses;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class PasswordHandler implements CallbackHandler {
@SuppressWarnings("unchecked")
private Map passwords = new HashMap();
@SuppressWarnings("unchecked")
public PasswordHandler() {
passwords.put("server", "serverpass");
passwords.put("client", "clientpass");
}
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
System.out.println("Handling Password!");
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
String id = pc.getIdentifer();
System.out.println("id:"+id+" ,password:"+(String) passwords.get(id));
pc.setPassword((String) passwords.get(id));
}
}
2.客户端实现
1、PasswordHandler类
package com.test.wsses;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class PasswordHandler implements CallbackHandler {
@SuppressWarnings("unchecked")
private Map passwords = new HashMap();
@SuppressWarnings("unchecked")
public PasswordHandler() {
passwords.put("server", "serverpass");
passwords.put("client", "clientpass");
}
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
System.out.println("Handling Password!");
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
String id = pc.getIdentifer();
System.out.println("id:"+id+" ,password:"+(String) passwords.get(id));
pc.setPassword((String) passwords.get(id));
}
}
2、outsecurity.properties文件,位于<工程目录>/src/下。
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks //密钥库类型
org.apache.ws.security.crypto.merlin.keystore.password=scpass //clientStore.jks的访问密码
org.apache.ws.security.crypto.merlin.file=clientStore.jks //密钥库文件所在位置
将clientStore.jks拷贝到<工程目录>/src目录下。
3、客户端访问类
package com.test.wsses.client;
import java.net.MalformedURLException;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.codehaus.xfire.client.Client;
import org.codehaus.xfire.client.XFireProxyFactory;
import org.codehaus.xfire.security.wss4j.WSS4JOutHandler;
import org.codehaus.xfire.service.Service;
import org.codehaus.xfire.service.binding.ObjectServiceFactory;
import org.codehaus.xfire.transport.http.CommonsHttpMessageSender;
import org.codehaus.xfire.util.dom.DOMOutHandler;
public class SayHelloClient {
public static void main(String args[]){
String serviceURL = "http://localhost:8080/wsses/services/SayHelloService";
//创建service对象
Service serviceModel = new ObjectServiceFactory().create(SayHelloService.class);
XFireProxyFactory serviceFactory = new XFireProxyFactory();
try{
//获取服务对象
SayHelloService service = (SayHelloService) serviceFactory.create(serviceModel, serviceURL);
//忽略http连接的超时时间,0为不设置超时时间,》=1为超时毫秒数
Client client = Client.getInstance(service);
client.setProperty(CommonsHttpMessageSender.HTTP_TIMEOUT, "0");
WSS4JOutHandler wsOut = new WSS4JOutHandler();
String actions =WSHandlerConstants.ENCRYPT; //报文加密;WSHandlerConstants.SIGNATURE代表数字签名
wsOut.setProperty(WSHandlerConstants.ACTION, actions);
wsOut.setProperty(WSHandlerConstants.ENC_PROP_FILE, "outsecurity.properties");//WSHandlerConstants.SIG_PROP_FILE代表数字签名
wsOut.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PASSWORD_DIGEST);//密码为加密
wsOut.setProperty(WSHandlerConstants.USER, "client"); //用户名为密钥库中密钥对的别名,密码为私钥 的访问密钥(数字签名为client,报文加密为server)
wsOut.setProperty(WSHandlerConstants.ENCRYPTION_USER, "server");//报文加密为server
//wsOut.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, PasswordHandler.class.getName());
//wsOut.setProperty(WSHandlerConstants.SIG_KEY_ID, "IssuerSerial");
client.addOutHandler(new DOMOutHandler());
client.addOutHandler(wsOut);
//调用服务
String helloMsg = service.sayHello("dabing");
System.out.println(helloMsg);
helloMsg = service.sayHello(null);
System.out.println(helloMsg);
} catch (MalformedURLException e){
e.printStackTrace();
}
}
}
运行结果如下:
dabing,早上好,还没有去工作吗 ?
你叫什么名字呢?
- Web Service修炼之四WS-Security
- Web Service修炼之三WS-Security
- Web Service修炼之五WS-Security
- SSL &WS-Security--Web Service安全保障
- SSL &WS-Security--Web Service安全保障
- SSL WS-Security--Web Service安全保障
- Web Service 、WS-Security、Java和.net的互通(在路上-基于SCA规范的应用服务框架成长记之四)
- Web Service 、WS-Security、Java和.net的互通(在路上-基于SCA规范的应用服务框架成长记之四)
- SSL + WS-Security = Web Service安全保障
- 转:SSL &WS-Security--Web Service安全保障
- Web Service 、WS-Security、Java和.net的互通
- SSL + WS-Security = Web Service安全保障
- SSL + WS-Security = Web Service安全保障
- SSL + WS-Security = Web Service安全保障
- SSL + WS-Security = Web Service安全保障
- Web services security (WS-Security)
- 使用策略集构建符合 WS-security 安全规范的 JAX-WS Web Service 客户端
- Web Service修炼之二Xfire+Spring
- CF 560 Gerald's Hexagon
- twisted-01 Echo server and echo client
- CCS调试CSL_intc GlobalEnable,first referenced in ./xxx.obj解决方案
- CodeForces 1B-Spreadsheet
- 数据结构入门——递归
- Web Service修炼之四WS-Security
- Android LruCache初探
- 网络编程系列之八 unp.h环境
- Apache与Nginx的优缺点比较
- [乐意黎原创] php 页面提示 Fatal error: Call to undefined function curl_init()
- Qt 删除资源文件后提示找不到相应文件
- Service基本讲解
- 人人都看得懂的正则表达式教程
- Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException