注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

和申的个人主页

专注于java开发,1985wanggang

 
 
 

日志

 
 

CXF ws-security密码验证  

2009-10-16 16:03:48|  分类: 项目开发 |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |
org.quartz.impl.jdbcjobstore.LockException: Failure obtaining db row lock: - 和申 - 和申的个人主页
这两天学习webservice 看了很长时间资料决定用cxf , 但把cxf自带的demo转化成自己的代码还是遇到了不小的麻烦。今天终于调通了个简单的示例。
    运行环境是tomcat服务器,cxf 2.2.3
    这里面为了简单,自采用单向的验证,只验证客户,双向验证类似,在客户端做配置jaxws:inInterceptors就可以了。
   在服务端和客户端得回调类里设置密码就可以了,如果不相同就会验证失败,这里面传输的是加密后的密码。也可以传输密码明文

服务器端设置:
    1.首先,创建web.xml
Java代码 复制代码
  1. <?xml version="1.0" encoding="ISO-8859-1"?>   
  2.   
  3. <!DOCTYPE web-app   
  4.     PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"  
  5.     "http://java.sun.com/dtd/web-app_2_3.dtd">   
  6.   
  7.   
  8. <web-app>   
  9.     <context-param>   
  10.         <param-name>contextConfigLocation</param-name>   
  11.         <param-value>WEB-INF/ws-context.xml WEB-INF/wssec.xml</param-value>   
  12.     </context-param>   
  13.   
  14.     <listener>   
  15.         <listener-class>   
  16.             org.springframework.web.context.ContextLoaderListener   
  17.         </listener-class>   
  18.     </listener>   
  19.   
  20.     <servlet>   
  21.         <servlet-name>CXFServlet</servlet-name>   
  22.         <display-name>CXF Servlet</display-name>   
  23.         <servlet-class>   
  24.             org.apache.cxf.transport.servlet.CXFServlet   
  25.         </servlet-class>   
  26.         <load-on-startup>1</load-on-startup>   
  27.     </servlet>   
  28.   
  29.     <servlet-mapping>   
  30.         <servlet-name>CXFServlet</servlet-name>   
  31.         <url-pattern>/*</url-pattern>   
  32.     </servlet-mapping>   
  33. </web-app>   
  34. <!-- END SNIPPET: webxml -->  
<?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> <context-param> <param-name>contextConfigLocation</param-name> <param-value>WEB-INF/ws-context.xml WEB-INF/wssec.xml</param-value> </context-param> <listener> <listener-class> org.springframework.web.context.ContextLoaderListener </listener-class> </listener> <servlet> <servlet-name>CXFServlet</servlet-name> <display-name>CXF Servlet</display-name> <servlet-class> org.apache.cxf.transport.servlet.CXFServlet </servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>CXFServlet</servlet-name> <url-pattern>/*</url-pattern> </servlet-mapping> </web-app> <!-- END SNIPPET: webxml -->


   2.创建ws-context.xml用于发布webservice
Java代码 复制代码
  1. <?xml version="1.0" encoding="UTF-8"?>   
  2.   
  3. <!-- START SNIPPET: beans -->   
  4. <beans xmlns="http://www.springframework.org/schema/beans"  
  5.     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
  6.     xmlns:jaxws="http://cxf.apache.org/jaxws"  
  7.     xsi:schemaLocation="   
  8. http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd   
  9. http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">   
  10.   
  11.     <import resource="classpath:META-INF/cxf/cxf.xml" />   
  12.     <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />   
  13.     <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />   
  14.     <jaxws:endpoint id="webServiceSample"  
  15.         address="/WebServiceSample" implementor="cn.org.coral.biz.examples.webservice.WebServiceSampleImpl">   
  16.   
  17.         <jaxws:inInterceptors>   
  18.             <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />   
  19.             <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">   
  20.                 <constructor-arg>   
  21.                     <map>   
  22.                            
  23.                            
  24.                         <entry key="action" value="UsernameToken Timestamp" />   
  25.                         <entry key="passwordType" value="PasswordDigest" />   
  26.                             
  27.                          <!--    
  28.                          <entry key="action" value="UsernameToken" />   
  29.                         <entry key="passwordType" value="PasswordText" />   
  30.                         <entry key="action" value="UsernameToken Timestamp" />   
  31.                         <entry key="passwordType" value="PasswordDigest" />   
  32.                          -->   
  33.                         <entry key="passwordCallbackClass" value="cn.org.coral.biz.examples.webservice.handler.WsAuthHandler" />   
  34.                     </map>   
  35.                 </constructor-arg>   
  36.             </bean>   
  37.         </jaxws:inInterceptors>      
  38.   
  39.     </jaxws:endpoint>   
  40.   
  41. </beans>  
<?xml version="1.0" encoding="UTF-8"?> <!-- START SNIPPET: beans --> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"> <import resource="classpath:META-INF/cxf/cxf.xml" /> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /> <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> <jaxws:endpoint id="webServiceSample" address="/WebServiceSample" implementor="cn.org.coral.biz.examples.webservice.WebServiceSampleImpl"> <jaxws:inInterceptors> <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" /> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken Timestamp" /> <entry key="passwordType" value="PasswordDigest" /> <!-- <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="action" value="UsernameToken Timestamp" /> <entry key="passwordType" value="PasswordDigest" /> --> <entry key="passwordCallbackClass" value="cn.org.coral.biz.examples.webservice.handler.WsAuthHandler" /> </map> </constructor-arg> </bean> </jaxws:inInterceptors> </jaxws:endpoint> </beans>


    3.拦截处理类 验证密码
Java代码 复制代码
  1. package cn.org.coral.biz.examples.webservice.handler;   
  2.   
  3. import java.io.IOException;   
  4.   
  5. import javax.security.auth.callback.Callback;   
  6. import javax.security.auth.callback.CallbackHandler;   
  7. import javax.security.auth.callback.UnsupportedCallbackException;   
  8.   
  9. import org.apache.ws.security.WSPasswordCallback;   
  10.   
  11. public class WsAuthHandler  implements CallbackHandler{   
  12.   
  13.     public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {   
  14.          for (int i = 0; i < callbacks.length; i++) {   
  15.             WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];   
  16.             int usage = pc.getUsage();   
  17.   
  18.             System.out.println("identifier: " + pc.getIdentifier());   
  19.             System.out.println("usage: " + pc.getUsage());   
  20.   
  21.             pc.setPassword("admin");   
  22.   
  23.         }    
  24.     }   
  25.   
  26. }  
package cn.org.coral.biz.examples.webservice.handler; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; public class WsAuthHandler implements CallbackHandler{ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; int usage = pc.getUsage(); System.out.println("identifier: " + pc.getIdentifier()); System.out.println("usage: " + pc.getUsage()); pc.setPassword("admin"); } } }


客户端配置:
    1.wsclient-context.xml
Java代码 复制代码
  1. <?xml version="1.0" encoding="UTF-8"?>   
  2.   
  3. <!-- START SNIPPET: beans -->   
  4. <beans xmlns="http://www.springframework.org/schema/beans"  
  5.     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
  6.     xmlns:jaxws="http://cxf.apache.org/jaxws"  
  7.     xsi:schemaLocation="   
  8. http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd   
  9. http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">   
  10.   
  11.     <import resource="classpath:META-INF/cxf/cxf.xml" />   
  12.     <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />   
  13.     <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />   
  14.   
  15.   
  16.     <!-- ws clinet -->   
  17.     <bean id="webServiceSampleClient" class="cn.org.coral.biz.examples.webservice.WebServiceSample"  
  18.         factory-bean="webServiceSampleClientFactory" factory-method="create" />   
  19.   
  20.   
  21.     <bean id="webServiceSampleClientFactory"  
  22.         class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">   
  23.         <property name="serviceClass"  
  24.             value="cn.org.coral.biz.examples.webservice.WebServiceSample" />   
  25.         <property name="address"  
  26.             value="http://localhost:8080/t/WebServiceSample" />   
  27.                 
  28.         <property name="outInterceptors">   
  29.             <list>   
  30.                 <bean   
  31.                     class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" />   
  32.                 <ref bean="wss4jOutConfiguration" />   
  33.             </list>   
  34.         </property>   
  35.            
  36.     </bean>   
  37.   
  38.     <bean id="wss4jOutConfiguration"  
  39.         class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">   
  40.         <property name="properties">   
  41.             <map>   
  42.                 <!--    
  43.                 <entry key="action" value="UsernameToken" />                 
  44.                 <entry key="passwordType" value="PasswordText" />   
  45.                 <entry key="action" value="UsernameToken Timestamp" />   
  46.                  -->            
  47.                    
  48.                 <entry key="action" value="UsernameToken Timestamp" />   
  49.                 <entry key="user" value="ws-client" />   
  50.                 <entry key="passwordType" value="PasswordDigest" />   
  51.                 <entry>   
  52.                     <key>   
  53.                         <value>passwordCallbackRef</value>   
  54.                     </key>   
  55.                     <ref bean="passwordCallback" />   
  56.                 </entry>   
  57.             </map>   
  58.         </property>   
  59.     </bean>   
  60.     <bean id="passwordCallback"  
  61.         class="cn.org.coral.biz.examples.webservice.handler.WsClinetAuthHandler">   
  62.     </bean>   
  63.   
  64. </beans>  
<?xml version="1.0" encoding="UTF-8"?> <!-- START SNIPPET: beans --> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"> <import resource="classpath:META-INF/cxf/cxf.xml" /> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /> <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> <!-- ws clinet --> <bean id="webServiceSampleClient" class="cn.org.coral.biz.examples.webservice.WebServiceSample" factory-bean="webServiceSampleClientFactory" factory-method="create" /> <bean id="webServiceSampleClientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean"> <property name="serviceClass" value="cn.org.coral.biz.examples.webservice.WebServiceSample" /> <property name="address" value="http://localhost:8080/t/WebServiceSample" /> <property name="outInterceptors"> <list> <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" /> <ref bean="wss4jOutConfiguration" /> </list> </property> </bean> <bean id="wss4jOutConfiguration" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> <property name="properties"> <map> <!-- <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="action" value="UsernameToken Timestamp" /> --> <entry key="action" value="UsernameToken Timestamp" /> <entry key="user" value="ws-client" /> <entry key="passwordType" value="PasswordDigest" /> <entry> <key> <value>passwordCallbackRef</value> </key> <ref bean="passwordCallback" /> </entry> </map> </property> </bean> <bean id="passwordCallback" class="cn.org.coral.biz.examples.webservice.handler.WsClinetAuthHandler"> </bean> </beans>


    2.验证密码类
Java代码 复制代码
  1. package cn.org.coral.biz.examples.webservice.handler;   
  2.   
  3. import java.io.IOException;   
  4.   
  5. import javax.security.auth.callback.Callback;   
  6. import javax.security.auth.callback.CallbackHandler;   
  7. import javax.security.auth.callback.UnsupportedCallbackException;   
  8.   
  9. import org.apache.ws.security.WSPasswordCallback;   
  10.   
  11. public class WsClinetAuthHandler  implements CallbackHandler{   
  12.   
  13.   
  14.     public void handle(Callback[] callbacks) throws IOException,    
  15.                     UnsupportedCallbackException {    
  16.             for (int i = 0; i < callbacks.length; i++) {    
  17.                     WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];    
  18.                     int usage = pc.getUsage();    
  19.   
  20.   
  21.                     System.out.println("identifier: " + pc.getIdentifier());    
  22.                     System.out.println("usage: " + pc.getUsage());    
  23.                        
  24.                     pc.setPassword("admin");    
  25.   
  26.             }    
  27.     }    
  28.   
  29. }  
package cn.org.coral.biz.examples.webservice.handler; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; public class WsClinetAuthHandler implements CallbackHandler{ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; int usage = pc.getUsage(); System.out.println("identifier: " + pc.getIdentifier()); System.out.println("usage: " + pc.getUsage()); pc.setPassword("admin"); } } }





  

org.quartz.impl.jdbcjobstore.LockException: Failure obtaining db row lock: - 和申 - 和申的个人主页

轻松一下看看:笑话


统计信息唧唧歪歪唧唧网ggyygg.net
  评论这张
 
阅读(3648)| 评论(0)
推荐 转载

历史上的今天

在LOFTER的更多文章

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2016