spring boot cxf 安全認證

項目結構

spring boot cxf

https://blog.csdn.net/qq_26264237/article/details/105373000

在上個項目基礎上修改

安全認證使用spring-ws-security

	<parent>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-parent</artifactId>
		<version>1.4.5.RELEASE</version>
	</parent>
	<properties>
		<maven.compiler.source>1.8</maven.compiler.source>
		<maven.compiler.target>1.8</maven.compiler.target>
	</properties>
	<dependencies>
		<dependency>
			<groupId>org.apache.cxf</groupId>
			<artifactId>cxf-spring-boot-starter-jaxws</artifactId>
			<version>3.1.12</version>
		</dependency>
		<dependency>
			<groupId>org.springframework.ws</groupId>
			<artifactId>spring-ws-security</artifactId>
		</dependency>
	</dependencies>

AuthInterceptor爲權限過濾

import java.util.List;
import org.apache.cxf.binding.soap.SoapHeader;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.headers.Header;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.opensaml.ws.soap.common.SOAPException;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;
@Component
public class AuthInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
	private static final String USERNAME = "root";
	private static final String PASSWORD = "admin";
	public AuthInterceptor() {
		// 定義在哪個階段進行攔截
		super(Phase.PRE_PROTOCOL);
	}
	@Override
	public void handleMessage(SoapMessage soapMessage) throws Fault {
		List<Header> headers = soapMessage.getHeaders();
		String username = null;
		String password = null;
		if (headers == null || headers.isEmpty()) {
			throw new Fault(new IllegalArgumentException("找不到Header，無法驗證用戶信息"));
		}
		// 獲取用戶名,密碼
		for (Header header : headers) {
			SoapHeader soapHeader = (SoapHeader) header;
			Element e = (Element) soapHeader.getObject();
			username = e.getAttribute("username");
			password = e.getAttribute("password");
			if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
				throw new Fault(new IllegalArgumentException("用戶信息爲空"));
			}
		}
		// 校驗用戶名密碼
		if (!(USERNAME.equals(username) && PASSWORD.equals(password))) {
			SOAPException soapExc = new SOAPException("認證失敗");
			System.err.println("用戶認證信息錯誤");
			throw new Fault(soapExc);
		}
	}
}

@Configuration
public class CxfConfig {
	@Autowired
	private Bus bus;
	@Autowired
	private HelloService helloService;
	@Autowired
	AuthInterceptor authInterceptor;
	@Bean
	public Endpoint endpoint() {
		EndpointImpl endpoint = new EndpointImpl(bus, helloService);
		endpoint.publish("/helloService");
		endpoint.getInInterceptors().add(authInterceptor);
		// 訪問連接： http://localhost:8080/services/helloService?wsdl
		return endpoint;
	}
}

啓動後訪問

訪問連接： http://localhost:8080/services/helloService?wsdl
是否增加過濾器對生成的wsdl文件並無影響

客戶端增加認證信息(soapHeader)

	<dependencies>
		<dependency>
			<groupId>org.apache.commons</groupId>
			<artifactId>commons-lang3</artifactId>
			<version>3.10</version>
		</dependency>
		<dependency>
			<groupId>org.apache.cxf</groupId>
			<artifactId>cxf-rt-transports-http</artifactId>
			<version>3.1.12</version>
		</dependency>
		<dependency>
			<groupId>org.apache.cxf</groupId>
			<artifactId>cxf-rt-frontend-jaxws</artifactId>
			<version>3.1.12</version>
		</dependency>
	</dependencies>

/**
 * 添加soapHeader
 */
public class ClientCheckInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
	private static final String USERNAME = "root";
	private static final String PASSWORD = "admin";
	public ClientCheckInterceptor() {
		super(Phase.PREPARE_SEND);
	}
	@Override
	public void handleMessage(SoapMessage message) throws Fault {
		List<Header> headers = message.getHeaders();
		Document document = DOMUtils.createDocument();
		Element authorEle = document.createElement("author");
		authorEle.setAttribute("username", USERNAME);
		authorEle.setAttribute("password", PASSWORD);
		headers.add(new Header(new QName(""), authorEle));
	}
}

import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.junit.Test;
import com.sky.cxf01.interceptor.ClientCheckInterceptor;
import com.sky.cxf01.service.HelloService;
import com.sky.cxf01.service.impl.HelloServiceImplService;
public class DemoClient {
	@Test
	public void testCxfSecurityServer() {
		HelloService service = new HelloServiceImplService().getHelloServiceImplPort();
		Client client = ClientProxy.getClient(service);
		client.getOutInterceptors().add(new ClientCheckInterceptor());
		String sayHello = service.sayHello("Lebron");
		System.err.println("sayHello=" + sayHello);
		// sayHello=Hello, Lebron
	}
}