阅读 104

CXF WebService 授权

服务端添加拦截器

import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.headers.Header;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import java.util.List;
import org.apache.cxf.binding.soap.SoapHeader;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;
import javax.xml.soap.SOAPException;

@Component
public class WsAuthInterceptor extends AbstractPhaseInterceptor {
    private static final String USERNAME = "root";
    private static final String PASSWORD = "admin";

    public WsAuthInterceptor() {
        // 定义在哪个阶段进行拦截
        super(Phase.PRE_PROTOCOL);
    }

    @Override
    public void handleMessage(SoapMessage soapMessage) throws Fault {
        List
 headers = soapMessage.getHeaders();
        String username = null;
        String password = null;
        if (headers == null || headers.isEmpty()) {
            throw new Fault(new IllegalArgumentException("找不到Header,无法验证用户信息"));
        }
        // 获取用户名,密码
        for (Header header : headers) {
            SoapHeader soapHeader = (SoapHeader) header;
            Element e = (Element) soapHeader.getObject();
            username = e.getAttribute("username");
            password = e.getAttribute("password");
            if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
                throw new Fault(new IllegalArgumentException("用户信息为空"));
            }
        }
        // 校验用户名密码
        if (!(USERNAME.equals(username) && PASSWORD.equals(password))) {
            SOAPException soapExc = new SOAPException("认证失败");
            System.err.println("用户认证信息错误");
            throw new Fault(soapExc);
        }
    }
}
 @Bean
    public Endpoint endpoint() {
        EndpointImpl endpoint = new EndpointImpl(springBus(), demoService()); //绑定要发布的服务
        endpoint.publish("/api"); // 暴露webService api,用在资源访问
        endpoint.getInInterceptors().add(wsAuthInterceptor);
        return endpoint;
    }

--------

客户端调用

SOAP UI 


   
       
     
   
      
         
         Test

 

动态调用

@Override
    public String soapDynamicTest(String ip) {
        //创建动态客户端
        JaxWsDynamicClientFactory factory = JaxWsDynamicClientFactory.newInstance();
//        Client client = factory.createClient("http://www.webxml.com.cn/WebServices/IpAddressSearchWebService.asmx?wsdl");
        Client client = factory.createClient("http://192.168.1.216:9090/ws/api?wsdl");
        // 需要密码的情况需要加上用户名和密码
        //client.getOutInterceptors().add(new ClientLoginInterceptor("USER_NAME","PASS_WORD"));
        HTTPConduit conduit = (HTTPConduit) client.getConduit();
        HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
        httpClientPolicy.setConnectionTimeout(2000);  //连接超时
        httpClientPolicy.setAllowChunking(false);    //取消块编码
        httpClientPolicy.setReceiveTimeout(120000);     //响应超时
        conduit.setClient(httpClientPolicy);
        client.getOutInterceptors().add(new ClientCheckInterceptor());


        try{
            Object[] objects = new Object[0];
            // invoke("方法名",参数1,参数2,参数3....);
//            objects = client.invoke("getCountryCityByIp", ip);
            objects = client.invoke("sayHello", ip);
            System.out.println("返回数据:" + objects[0]);
//            return ((ArrayOfString) objects[0]).getString().toString();
            return objects[0].toString();
        }catch (Exception e){
            e.printStackTrace();
        }
        return "";
    }
ClientCheckInterceptor.java
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.headers.Header;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

import javax.xml.namespace.QName;
import java.util.List;

public class ClientCheckInterceptor extends AbstractPhaseInterceptor {
    private static final String USERNAME = "root";
    private static final String PASSWORD = "admin";
    public ClientCheckInterceptor() {
        super(Phase.PREPARE_SEND);
    }
    @Override
    public void handleMessage(SoapMessage message) throws Fault {
        List
 headers = message.getHeaders();
        Document document = DOMUtils.createDocument();
        Element authorEle = document.createElement("author");
        authorEle.setAttribute("username", USERNAME);
        authorEle.setAttribute("password", PASSWORD);
        headers.add(new Header(new QName(""), authorEle));
    }
}

 

原文:https://www.cnblogs.com/vipsoft/p/14994471.html
文章分类
代码人生
文章标签
cxf
webservice
授权
版权声明:本站是系统测试站点,无实际运营。本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容, 请发送邮件至 XXXXXXo@163.com 举报,一经查实,本站将立刻删除。
相关推荐