CXF ws-security密码验证
这两天学习webservice 看了很长时间资料决定用cxf , 但把cxf自带的demo转化成自己的代码还是遇到了不小的麻烦。今天终于调通了个简单的示例。
运行环境是tomcat服务器,cxf 2.2.3
这里面为了简单,自采用单向的验证,只验证客户,双向验证类似,在客户端做配置jaxws:inInterceptors就可以了。
在服务端和客户端得回调类里设置密码就可以了,如果不相同就会验证失败,这里面传输的是加密后的密码。也可以传输密码明文
服务器端设置:
1.首先,创建web.xml
<?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> <context-param> <param-name>contextConfigLocation</param-name> <param-value>WEB-INF/ws-context.xml WEB-INF/wssec.xml</param-value> </context-param> <listener> <listener-class> org.springframework.web.context.ContextLoaderListener </listener-class> </listener> <servlet> <servlet-name>CXFServlet</servlet-name> <display-name><B style="BACKGROUND-COLOR: #ffff66; COLOR: black">CXF</B> Servlet</display-name> <servlet-class> org.apache.<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.transport.servlet.CXFServlet </servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>CXFServlet</servlet-name> <url-pattern>/*</url-pattern> </servlet-mapping> </web-app> <!-- END SNIPPET: webxml -->
<?xml version="1.0" encoding="UTF-8"?> <!-- START SNIPPET: beans --> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.apache.org/jaxws http://<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.apache.org/schemas/jaxws.xsd"> <import resource="classpath:META-INF/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.xml" /> <import resource="classpath:META-INF/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>-extension-soap.xml" /> <import resource="classpath:META-INF/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>-servlet.xml" /> <jaxws:endpoint id="webServiceSample" address="/WebServiceSample" implementor="cn.org.coral.biz.examples.webservice.WebServiceSampleImpl"> <jaxws:inInterceptors> <bean /> <bean value="UsernameToken Timestamp" /> <entry key="passwordType" value="PasswordDigest" /> <!-- <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="action" value="UsernameToken Timestamp" /> <entry key="passwordType" value="PasswordDigest" /> --> <entry key="passwordCallbackClass" value="cn.org.coral.biz.examples.webservice.handler.WsAuthHandler" /> </map> </constructor-arg> </bean> </jaxws:inInterceptors> </jaxws:endpoint> </beans>
package cn.org.coral.biz.examples.webservice.handler; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; public class WsAuthHandler implements CallbackHandler{ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; int usage = pc.getUsage(); System.out.println("identifier: " + pc.getIdentifier()); System.out.println("usage: " + pc.getUsage()); pc.setPassword("admin"); } } } package cn.org.coral.biz.examples.webservice.handler;import java.io.IOException;import javax.security.auth.callback.Callback;import javax.security.auth.callback.CallbackHandler;import javax.security.auth.callback.UnsupportedCallbackException;import org.apache.ws.security.WSPasswordCallback;public class WsAuthHandler implements CallbackHandler{public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) {WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];int usage = pc.getUsage();System.out.println("identifier: " + pc.getIdentifier());System.out.println("usage: " + pc.getUsage());pc.setPassword("admin");} }}<?xml version="1.0" encoding="UTF-8"?> <!-- START SNIPPET: beans --> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.apache.org/jaxws http://<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.apache.org/schemas/jaxws.xsd"> <import resource="classpath:META-INF/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.xml" /> <import resource="classpath:META-INF/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>-extension-soap.xml" /> <import resource="classpath:META-INF/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>-servlet.xml" /> <!-- ws clinet --> <bean id="webServiceSampleClient" factory-bean="webServiceSampleClientFactory" factory-method="create" /> <bean id="webServiceSampleClientFactory" value="cn.org.coral.biz.examples.webservice.WebServiceSample" /> <property name="address" value="http://localhost:8080/t/WebServiceSample" /> <property name="outInterceptors"> <list> <bean /> <ref bean="wss4jOutConfiguration" /> </list> </property> </bean> <bean id="wss4jOutConfiguration" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="action" value="UsernameToken Timestamp" /> --> <entry key="action" value="UsernameToken Timestamp" /> <entry key="user" value="ws-client" /> <entry key="passwordType" value="PasswordDigest" /> <entry> <key> <value>passwordCallbackRef</value> </key> <ref bean="passwordCallback" /> </entry> </map> </property> </bean> <bean id="passwordCallback" name="code"><?xml version="1.0" encoding="UTF-8"?><!-- START SNIPPET: beans --><beans xmlns="http://www.springframework.org/schema/beans"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns:jaxws="http://cxf.apache.org/jaxws"xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsdhttp://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"><import resource="classpath:META-INF/cxf/cxf.xml" /><import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /><import resource="classpath:META-INF/cxf/cxf-servlet.xml" /><!-- ws clinet --><bean id="webServiceSampleClient" factory-method="create" /><bean id="webServiceSampleClientFactory"/><property name="address"value="http://localhost:8080/t/WebServiceSample" /> <property name="outInterceptors"><list><bean/><ref bean="wss4jOutConfiguration" /></list></property></bean><bean id="wss4jOutConfiguration"value="UsernameToken" /><entry key="passwordType" value="PasswordText" /><entry key="action" value="UsernameToken Timestamp" /> --><entry key="action" value="UsernameToken Timestamp" /><entry key="user" value="ws-client" /><entry key="passwordType" value="PasswordDigest" /><entry><key><value>passwordCallbackRef</value></key><ref bean="passwordCallback" /></entry></map></property></bean><bean id="passwordCallback"name="code">package cn.org.coral.biz.examples.webservice.handler; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; public class WsClinetAuthHandler implements CallbackHandler{ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; int usage = pc.getUsage(); System.out.println("identifier: " + pc.getIdentifier()); System.out.println("usage: " + pc.getUsage()); pc.setPassword("admin"); } } } package cn.org.coral.biz.examples.webservice.handler;import java.io.IOException;import javax.security.auth.callback.Callback;import javax.security.auth.callback.CallbackHandler;import javax.security.auth.callback.UnsupportedCallbackException;import org.apache.ws.security.WSPasswordCallback;public class WsClinetAuthHandler implements CallbackHandler{ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; int usage = pc.getUsage(); System.out.println("identifier: " + pc.getIdentifier()); System.out.println("usage: " + pc.getUsage()); pc.setPassword("admin"); } } }