本文鏈接:http://blog.csdn.net/kongxx/article/details/7534035
Apache CXF實戰之一 Hello World Web Service
Apache CXF實戰之四 構建RESTful Web Service
Apache CXF實戰之五 壓縮Web Service數據
我們在使用Web Service的過程中,很多情況是需要對web service請求做認證的,對於運行在web容器裏的應用程序來說,可能會比較簡單一些,通常可以通過filter來做一些處理,但是其實CXF本身也提供了對web service認證的方式。下面來看一下如何實現
1. 首先是一個簡單pojo
- package com.googlecode.garbagecan.cxfstudy.security;
- public class User {
- private String id;
- private String name;
- private String password;
- public String getId() {
- return id;
- }
- public void setId(String id) {
- this.id = id;
- }
- public String getName() {
- return name;
- }
- public void setName(String name) {
- this.name = name;
- }
- public String getPassword() {
- return password;
- }
- public void setPassword(String password) {
- this.password = password;
- }
- }
- package com.googlecode.garbagecan.cxfstudy.security;
- import java.util.List;
- import javax.jws.WebMethod;
- import javax.jws.WebResult;
- import javax.jws.WebService;
- @WebService
- public interface UserService {
- @WebMethod
- @WebResult List<User> list();
- }
- package com.googlecode.garbagecan.cxfstudy.security;
- import java.util.ArrayList;
- import java.util.List;
- public class UserServiceImpl implements UserService {
- public List<User> list() {
- List<User> users = new ArrayList<User>();
- for (int i = 0; i < 10; i++) {
- User user = new User();
- user.setId("" + i);
- user.setName("user_" + i);
- user.setPassword("password_" + i);
- users.add(user);
- }
- return users;
- }
- }
- package com.googlecode.garbagecan.cxfstudy.security;
- import java.io.IOException;
- import java.util.HashMap;
- import java.util.Map;
- import javax.security.auth.callback.Callback;
- import javax.security.auth.callback.CallbackHandler;
- import javax.security.auth.callback.UnsupportedCallbackException;
- import org.apache.ws.security.WSPasswordCallback;
- public class ServerUsernamePasswordHandler implements CallbackHandler {
- // key is username, value is password
- private Map<String, String> users;
- public ServerUsernamePasswordHandler() {
- users = new HashMap<String, String>();
- users.put("admin", "admin");
- }
- public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
- WSPasswordCallback callback = (WSPasswordCallback) callbacks[0];
- String id = callback.getIdentifier();
- if (users.containsKey(id)) {
- if (!callback.getPassword().equals(users.get(id))) {
- throw new SecurityException("Incorrect password.");
- }
- } else {
- throw new SecurityException("Invalid user.");
- }
- }
- }
- package com.googlecode.garbagecan.cxfstudy.security;
- import java.io.IOException;
- import javax.security.auth.callback.Callback;
- import javax.security.auth.callback.CallbackHandler;
- import javax.security.auth.callback.UnsupportedCallbackException;
- import org.apache.ws.security.WSPasswordCallback;
- public class ClientUsernamePasswordHandler implements CallbackHandler {
- public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
- WSPasswordCallback callback = (WSPasswordCallback) callbacks[0];
- int usage = callback.getUsage();
- System.out.println("identifier: " + callback.getIdentifier());
- System.out.println("usage: " + callback.getUsage());
- if (usage == WSPasswordCallback.USERNAME_TOKEN) {
- callback.setPassword("admin");
- }
- }
- }
- package com.googlecode.garbagecan.cxfstudy.security;
- import java.net.SocketTimeoutException;
- import java.util.HashMap;
- import java.util.List;
- import java.util.Map;
- import javax.xml.ws.WebServiceException;
- import junit.framework.Assert;
- import org.apache.cxf.endpoint.Client;
- import org.apache.cxf.endpoint.Endpoint;
- import org.apache.cxf.frontend.ClientProxy;
- import org.apache.cxf.interceptor.LoggingInInterceptor;
- import org.apache.cxf.interceptor.LoggingOutInterceptor;
- import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;
- import org.apache.cxf.jaxws.JaxWsServerFactoryBean;
- import org.apache.cxf.transport.http.HTTPConduit;
- import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
- import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
- import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
- import org.apache.ws.security.WSConstants;
- import org.apache.ws.security.handler.WSHandlerConstants;
- import org.junit.BeforeClass;
- import org.junit.Test;
- public class UserServiceTest {
- private static final String address = "http://localhost:9000/ws/security/userService";
- @BeforeClass
- public static void setUpBeforeClass() throws Exception {
- JaxWsServerFactoryBean factoryBean = new JaxWsServerFactoryBean();
- factoryBean.getInInterceptors().add(new LoggingInInterceptor());
- factoryBean.getOutInterceptors().add(new LoggingOutInterceptor());
- Map<String, Object> props = new HashMap<String, Object>();
- props.put("action", "UsernameToken");
- props.put("passwordType", "PasswordText");
- props.put("passwordCallbackClass", ServerUsernamePasswordHandler.class.getName());
- WSS4JInInterceptor wss4JInInterceptor = new WSS4JInInterceptor(props);
- factoryBean.getInInterceptors().add(wss4JInInterceptor);
- factoryBean.setServiceClass(UserServiceImpl.class);
- factoryBean.setAddress(address);
- factoryBean.create();
- }
- @Test
- public void testList() {
- JaxWsProxyFactoryBean factoryBean = new JaxWsProxyFactoryBean();
- factoryBean.setAddress(address);
- factoryBean.setServiceClass(UserService.class);
- Object obj = factoryBean.create();
- Client client = ClientProxy.getClient(obj);
- Endpoint endpoint = client.getEndpoint();
- Map<String,Object> props = new HashMap<String,Object>();
- props.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
- props.put(WSHandlerConstants.USER, "admin");
- props.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
- props.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientUsernamePasswordHandler.class.getName());
- WSS4JOutInterceptor wss4JOutInterceptor = new WSS4JOutInterceptor(props);
- endpoint.getOutInterceptors().add(wss4JOutInterceptor);
- HTTPConduit conduit = (HTTPConduit) client.getConduit();
- HTTPClientPolicy policy = new HTTPClientPolicy();
- policy.setConnectionTimeout(5 * 1000);
- policy.setReceiveTimeout(5 * 1000);
- conduit.setClient(policy);
- UserService service = (UserService) obj;
- try {
- List<User> users = service.list();
- Assert.assertNotNull(users);
- Assert.assertEquals(10, users.size());
- } catch(Exception e) {
- if (e instanceof WebServiceException
- && e.getCause() instanceof SocketTimeoutException) {
- System.err.println("This is timeout exception.");
- } else {
- e.printStackTrace();
- }
- }
- }
- }