WebService —- WSS4J + CXF implements WS-Security (based on UserNameToken)

Share the security verification of wss4j+cxf based on UsernameToken. Noun explanation:

cxf: An open source project under apache, used to publish webservices.
WSS4J: Web Services Security for Java.

Stop talking nonsense, just go to the code.
1. First, all jar packages in cxf, all jar packages in wss4j and log4j.jar need to be imported.
(The version used in this example is: apache-cxf-2.7.3, wss4j-1.6.9)

2. First create a server project and publish a simple helloWorldService. < /p>

Directory structure diagram:

Webservice interface code:

Java code Collection code

  1. package com.wss4j.server;
  2. import javax.jws.WebParam;
  3. import javax.jws.WebService;
  4. @ WebService
  5. public< span class="keyword" style="color: #7f0055; font-weight: bold;">interface HelloWorld{
  6. public String sayHello(@WebParam(name = “name”) String name); li>
  7. < span style="color: black;">}

Webservice implementation class

Java code collection code

  1. packagecom.wss4j. server;
  2. publicclass HelloWorldImplimplements HelloWorld{
  3. @Override
  4. public String sayHello(String name) {
  5. return“Hello”+ name+“^_^!”;
  6. }

Next is the server-side interceptor: ServerPasswordCallback.java

Java code collection code

  1. package com.wss4j.interceptor;
  2. import java.io.IOException;
  3. import javax.security.auth.callback.Callback;
  4. import javax.security.auth.callback.CallbackHandler;
  5. import javax.security.auth.callback.UnsupportedCallbackException;
  6. importorg.apache.ws.security.WSPasswordCallback;
  7. import org.slf4j.Logger;
  8. publicclassServerPasswordCallback implements CallbackHandler{
  9. private Logger logger = org.slf4j.LoggerFactory.getLogger(ServerPasswordCallback.class);
  10. @Override< /li>
  11. publicvoid handle(Callback[]callbacks) throws span> IOException,
  12. UnsupportedCallbackException{
  13. < span style="color: black;">WSPasswordCallbackpc=(WSPasswordCallback)callbacks[0];
  14. // identifier /span>
  15. String identifier= pc.getIdentifier();
  16. // The password obtained here is null, but it does not mean that the server does not get the attribute.
  17. String password = pc.getPassword();
  18. logger.info(< span class="string" style="color: blue;">“identifier:”+identifier);
  19. logger.info(“password:”+password);
  20. if< /span>(identifier!=null&&identifier.equals(“admin”)) {
  21. /**
  22. This should be done here:
  23. 1. Query the database and get in the database The username corresponds to the password
  24. Set a password, wss4j will automatically match the password you set with the password passed by the client
  25. 3. If the same, let it go, otherwise return Insufficient permissions information
  26. **
  27. */
  28. pc.s etPassword(“password”);
  29. }else{
  30. logger.info(“Unauthorized user”);
  31. }

server-beans.xml

Java code collection code

  1. “http://www.springframework.org/schema/beans”
  2. xmlns:xsi=< span class="string" style="color: blue;">“http://www.w3.org/2001/XMLSchema-instance” xmlns:cxf=“http://cxf.apache.org/core”
  3. xmlns:jaxws=“http://cxf.apache.org/jaxws”
  4. xsi:schemaLocation=”http://www.springframework.org/schema/beans
  5. http://www.springframework.org/schema/beans /spring-beans.xsd
  6. http://cxf.apache.org/co re http://cxf.apache.org/schemas/core.xsd
  7. http://cxf.apache.org/jaxws
  8. http://cxf.apache.org/schemas/jaxws.xsd”>
  9. <importresource=“classpath:META-INF/cxf/cxf.xml”
  10. importresource=“classpath:META -INF/cxf/cxf-extension-soap.xml”
  11. <importresource=“classpath :META-INF/cxf/cxf-servlet.xml”
  12. “myPasswordCallback”class=“com.wss4j.interceptor.ServerPasswordCallback”
  13. “helloword”implementor=“com.wss4j.server.HelloWorldImpl”
  14. address=“/helloService”>
  15. class=“org.apache .cxf.ws.security.wss4j.WSS4JInInterceptor”>

  16. “action” value =“UsernameToken”
  17. “passwordType”value= “PasswordText”
  18. “signaturePropFile”value=“…” />
  19.                         “user” value=“FHDServer” />  
  20.                         “passwordCallbackRef”>  
  21.                             “myPasswordCallback” />  
  22.                           
  23.                     

      

  24.                   
  25.               
  26.           
  27.       
  28.       
  29.   

 

 

beans.xml

 

Java代码   收藏代码

  1. “1.0” encoding=“UTF-8”?>  
  2. “http://www.springframework.org/schema/beans”  
  3.     xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”   
  4.     xmlns:jaxws=“http://cxf.apache.org/jaxws”  
  5.     xsi:schemaLocation=”http://www.springframework.org/schema/beans  
  6.                         http://www.springframework.org/schema/beans/spring-beans.xsd  
  7.                         http://cxf.apache.org/jaxws  
  8.                         http://cxf.apache.org/schemas/jaxws.xsd”>  
  9.   
  10.     <import resource=“../cxf/server-beans.xml”/>  
  11.   

 

 

web.xml

 

Java代码   收藏代码

< ol class="dp-j" style="margin-bottom: 1px; padding-top: 2px; padding-bottom: 2px; border: 1px solid #d1d7dc; color: #2b91af;">

  • “1.0” encoding=“UTF-8”?>  
  • “http://www.w3.org/2001/XMLSchema-instance”  
  •     xmlns=“htt p://java.sun.com/xml/ns/javaee” xmlns:web=“http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd”  
  •     xsi:schemaLocation=“http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd”  
  •     id=“WebApp_ID” version=“3.0”>  
  •     wss4j001-cxf-server  
  •       
  •         index.html  
  •         index.htm  
  •         index.js p  
  •         default.html  
  •         default.htm  
  •         default.jsp  
  •       
  •       
  •         contextConfigLocation  
  •         classpath:spring/beans.xml  
  •       
  •       
  •         class>org.springframework.web.context.ContextLoaderListenerclass>  
  •       
  •       
  •         CXFServlet  
  •         class>org.apache.cxf.transport.servlet.CXFServletclass>  
  •         2  
  •       
  •       
  •         CXFServlet  
  •         < url-pattern>/ws/*  
  •       
  •   
  •  

     

      此时,我们的server端就已经搞定了。

           访问链接:http://localhost:8080/wss4j001-cxf-server/ws/helloService?wsdl

      即可看到刚刚发布的webservice的wsdl文件。但是不能直接访问方法,因为我们为其增加了安全校验。

     

    接下来,创建client 端 项目。

       

    具体项目结构如下:


     

    HelloWorldClient.java

     

    Java代码   收藏代码

    1. package com.wss4j.client;  
    2.   
    3. import org.springframework.context.support.ClassPathXmlApplicationContext;  
    4.   
    5. import com.wss4j.server.HelloWorld;  
    6.   
    7. public class HelloWorldClient {  
    8.     public static void main(String[] args) {  
    9.         ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext(  
    10.                 new String[] { “cxf/client-beans.xml” });  
    11.         HelloWorld client = (HelloWorld) context.getBean(“client”);  
    12.         String response = client.sayHello(“Dan”);  
    13.         System.out.println(“Response: “ + response);  
    14.         System.exit (0);  
    15.     }  
    16.   
    17. }  

     

     

     

    客户端添加用户认证拦截器 ClientPasswordCallback.java

     

    Java代码   收藏代码

    1. package com.wss4j.interceptor;  
    2.   
    3. import java.io.IOException;  
    4.   
    5. import javax.security.auth.callback.Callback;  
    6. import javax.security.auth.callback.CallbackHandler;  
    7. import javax.security.auth.callback.UnsupportedCallbackException;  
    8.   
    9. import org.apache.ws.security.WSPasswordCallback;  
    10.   
    11. public class ClientPasswordCallback implements CallbackHandler {  
    12.     @Override  
    13.     public void handle(Callback[] callbacks) throws IOException,  
    14.             UnsupportedCallbackException {  
    15.         WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];  
    16.         String i dent = “admin”;  
    17.         String passwd = “password”;  
    18.         pc.setPassword(passwd);  
    19.         pc.setIdentifier(ident);  
    20.   
    21.     }  
    22. }  

     

     

    client-beans.xml

     

    Java代码   收藏代码

    1. “1.0” encoding=“UTF-8”?>  
    2. “http://www.springframework.org/schema/beans”  
    3.     xmlns:jaxws=“http://cxf.apache.org/jaxws” xmlns:cxf=“http://cxf.apache.org/core”  
    4.     xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”  
    5.     xsi:schemaLocation=”  
    6.           http://www.springframework.org/schema/beans   
    7.           http://www.springframework.org/schema/beans/spring-beans.xsd  
    8.           http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd  
    9.           http://cxf.apache.org/jaxws   
    10.           http://cxf.apache.org/schemas/jaxws.xsd”>  
    11.     “clientPasswordCallback” class=“com.wss4j.interceptor.ClientPasswordCallback” />  
    12.       
    13.     “client” serviceClass=“com.wss4j.server.HelloWorld”  
    14.         address=“http://localhost:8080/wss4j001-cxf-server/ws/helloService”>  
    15.           
    16.             class=“org.apache.cxf.interceptor.LoggingOutInterceptor” />  
    17.             class=“org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor”>  
    18.                   
    19.                     
        
    20.                         “action” value=“UsernameToken” />  
    21.                         “passwordType” value=“PasswordText” />  
    22.                         “user” value=“FHDClient” />  
    23.                         “passwordCallbackRef”>  
    24.                             “clientPasswordCallback” />  
    25.                           
    26.                     

        

    27.                   
    28.               
    29.           
    30.       
    31.   
    32.   

     

     

    接下来,我们需要通过wsdl 生成服务端webservice的客户端java文件。这里使用cxf的wsdl2java命令。

     

    打开cmd命令行:

          1. 进入到 \apache-cxf-2.7.3\apache-cxf-2.7.3\bin 目录下

         

           2. 执行命令:

                   wsdl2ava  -client http://localhost:8080/wss4j001-cxf-server/ws/helloService?wsdl          

     

         3. 生成的java文件就在 \apache-cxf-2.7.3\apache-cxf-2.7.3\bin 目录下,名为com的文件夹。复制文件夹至client项目的src下。

     

     

      接下来,首先将server项目添加到服务器中,启动服务器。然后执行 HelloWorldClient.java中的main方法,就可以访问服务端的webservice了,是不是so easy  ^_^ ..

    分享一下wss4j+cxf基于UsernameToken的安全验证。名词解释:      

          cxf         : apache下的一个开源项目,用于发布webservice。
          WSS4J  : Web Services Security for Java. 

    废话少说,直接上代码。
        1. 首先,需要导入cxf中的所有jar包,及wss4j中的所有jar包与log4j.jar。
              (本例中使用的版本是:apache-cxf-2.7.3,wss4j-1.6.9)
      

      2. 首先建立server 项目,发布一个简单的helloWorldService. 

     

    目录结构图:


     

     
        webservice接口代码:
       

    Java代码   收藏代码

    1. package com.wss4j.server;  
    2.   
    3. import javax.jws.WebParam;  
    4. import javax.jws.WebService;  
    5.   
    6. @WebService  
    7. public interface HelloWorld {  
    8.     public String sayHello(@WebParam(name = “name”) String name);  
    9. }  

     webservice实现类

     

     

    Java代码   收藏代码

    1. package com.wss4j.server;  
    2.   
    3.   
    4. public class HelloWorldImpl implements HelloWorld {  
    5.   
    6.     @Override  
    7.     public String sayHe llo(String name) {  
    8.         return “Hello “ + name + ” ^_^ !”;  
    9.     }  
    10.   
    11. }  

     

     

     接下来是服务端拦截器: ServerPasswordCallback.java

     

    Java代码   收藏代码

    1. package com.wss4j. interceptor;  
    2.   
    3. import java.io.IOException;  
    4.   
    5. import javax.security.auth.callback.Callb ack;  
    6. import javax.security.auth.callback.CallbackHandler;  
    7. import javax.security.auth.callback.UnsupportedCallbackException;  
    8.   
    9. import org.apache.ws.security.WSPasswordCallback;  
    10. import org.slf4j.Logger;  
    11.   
    12. public class Ser verPasswordCallback implements CallbackHandler {  
    13.   
    14.     private Logger logger = org.slf4j.LoggerFactory.getLogger(ServerPasswordCallback.class);  
    15.   
    16.     @Override  
    17.     public void handle(Callback[] callbacks) throws IOException,  
    18.             UnsupportedCallbackException {  
    19.         WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];  
    20.         // 标识符  
    21.         String identifier = pc.getIdentifier();  
    22.                 // 此处获取到的password为null,但是并不代表服务端没有拿到该属性。   
    23.         String password = pc.getPassword();  
    24.         logger.info(“identifier:” + identifier);  
    25.         logger.info(“password:” + password);  
    26.           
    27.         if (identifier != null && identifier.equals(“admin”)) {  
    28.             /**  
    29.              * 此处应该这样做: 
    30.                  * 1. 查询数据库,得到数据库中该用户名对应密码 
    31.                  * 2. 设置密码,wss4j会自动将你设置的密码 与客户端传递的密码进行匹配 
    32.                  * 3. 如果相同,则放行,否则返回权限不足信息  
    33.              *  
    34.              */  
    35.             pc.setPassword(“password”);  
    36.         }else{  
    37.             logger.info(“未授权的用户”);  
    38.         }  
    39.     }  
    40. }  

     

     

    server-beans.xml

     

    Java代码   收藏代码

    1. “http://www.springframework.org/schema/beans”  
    2.     xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance” xmlns:cxf=“http://cxf.apache.org/core”  
    3.     xmlns:jaxws=“http://cxf.apache.org/jaxws”  
    4.     xsi:schemaLocation=”http://www.springframework.org/schema/beans  
    5.                         http://www.springframework.org/schema/beans/spring-beans.xsd  
    6.                         http://cxf.apache.org/core http://cxf.apache.org/schemas/core. xsd  
    7.                         http://cxf.apache.org/jaxws  
    8.                         http://cxf.apache.org/schemas/jaxws.xsd”>  
    9.   
    10.       
    11.   
    12.     <import resource=“classpath:META-INF/cxf/cxf.xml” />  
    13.   
    14.     <import resource=“classpath:META-INF/cxf/cxf-extension-soap.xml” />  
    15.   
    16.     <import resource=“classpath:META-INF/cxf/cxf-servlet.xml” />  
    17.     “myPasswordCallback” class=“com.wss4j.interceptor.ServerPasswordCallback” />  
    18.   
    19.     “helloword” implementor=“com.wss4j.server.HelloWorldImpl”  
    20.         address=“/helloService”>  
    21.           
    22.           
    23.             class=“org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor”>  
    24.                   
    25.                     
        
    26.                         “action” value=“UsernameToken” />  
    27.                         “passwordType” value=“PasswordText” />  
    28.                         “signaturePropFile” value=“…” />  
    29.                         “user” value=“FHDServer” />  
    30.                         “passwordCallbackRef”>  
    31.                             “myPasswordCallback” />  
    32.                           
    33.                     

        

    34.                   
    35.               
    36.           
    37.       
    38.       
    39.   

     

     

    beans.xml

     

    Java代码   收藏代码

    1. “1.0” encoding=“UTF-8”?>  
    2. “http://www.springframework.org/schema/beans”  
    3.     xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”   
    4.     xmlns:jaxws=“http://cxf.apache.org/jaxws”  
    5.     xsi:schemaLocation=”http://www.springframework.org/schema/beans  
    6.                         http://www.springframework.org/schema/beans/spring-beans.xsd  
    7.                         http://cxf.apache.org/jaxws  
    8.                         http://cxf.apache.org/schemas/jaxws.xsd”>  
    9.   
    10.     <import resource=“../cxf/server-beans.xml”/>  
    11.   

     

     

    web.xml

     

    Java代码   收藏代码

    1. “1.0” encoding=“UTF-8”?>  
    2. “http://www.w3.org/2001/XMLSchema-instance”  
    3.     xmlns=“http://java.sun.com/xml/ns/javaee” xmlns:web=“http://java.sun.com/x ml/ns/javaee/web-app_2_5.xsd”  
    4.     xsi:schemaLocation=“http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd”  
    5.     id=“WebApp_ID” version=“3.0”>  
    6.     wss4j001-cxf-server  
    7.       
    8.         index.html  
    9.         index.htm  
    10.         index.jsp  
    11.         default.html  
    12.         default.htm  
    13.         default.jsp  
    14.       
    15.       
    16.         contextConfigLocation  
    17.         classpath:spring/beans.xml  
    18.       
    19.       
    20.         class>org.springframework.web.context.ContextLoaderListenerclass>  
    21.       
    22.       
    23.         CXFServlet  
    24.         class>org.apache.cxf.transport.servlet.CXFServletclass>  
    25.         2  
    26.       
    27.       
    28.         CXFServlet  
    29.         /ws/*  
    30.       
    31.   

     

     

      此时,我们的server端就已经搞定了。

           访问链接:http://localhost:8080/wss4j001-cxf-server/ws/helloService?wsdl

      即可看到刚刚发布的webservice的wsdl文件。但是不能直接访问方法,因为我们为其增加了安全校验。

     

    接下来,创建client 端 项目。

       

    具体项目结构如下:


     

    HelloWorldClient.java

     

    Java代码   收藏代码

    1. package com.wss4j.client;  
    2.   
    3. import org.springframework.context.support.ClassPathXmlApplicationContext;  
    4.   
    5. import com.wss4j.server.HelloWorld;  
    6.   
    7. public class HelloWorldClient {  
    8.     public static void main(String[] args) {  
    9.         ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext(  
    10.                 new String[] { “cxf/client-beans.xml” });  
    11.         HelloWorld client = (HelloWorld) context.getBean(“client”);  
    12.         String response = client.sayHello(“Dan”);  
    13.         System.out.println(“Response: “ + response);  
    14.         System.exit(0);  
    15.     }  
    16.   
    17. }  

     

     

     

    客户端添加用户认证拦截器 ClientPasswordCallback.java

     

    Java代码   收藏代码

    1. package com.wss4j.interceptor;  
    2.   
    3. import java.io.IOException;  
    4.   
    5. import javax.security.auth.callback.Callback;  
    6. import javax.security.auth.callback.CallbackHandler;  
    7. import javax.security.auth.callback.UnsupportedCallbackException;  
    8.   
    9. import org.apache.ws.security.WSPasswordCallback;  
    10.   
    11. public class ClientPasswordCallback implements CallbackHandler {  
    12.     @Override  
    13.     public void handle(Callback[] callbacks) throws IOException,  
    14.             UnsupportedCallbackException {  
    15.         WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];  
    16.         String ident = “admin”;  
    17.         String passwd = “password”;  
    18.         pc.setPassword(passwd);  
    19.         pc.setIdentifier(ident);  
    20.   
    21.     }  
    22. }  

     

     

    client-beans.xml

     

    Java代码   收藏代码

    1. “1.0” encoding=“UTF-8”?>  
    2. “http://www.springframework.org/schema/beans”  
    3.     xmlns:jaxws=“http://cxf.apache.org/jaxws” xmlns:cxf=“http://cxf.apache.org/core”   
    4.     xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”  
    5.     xsi:schemaLocation=”  
    6.           http://www.springframework.org/schema/beans   
    7.           http://www.springframework.org/schema/beans/spring-beans.xsd  
    8.           http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd  
    9.           http://cxf.apache.org/jaxws   
    10.           http://cxf.apache.org/schemas/jaxws.xsd”>  
    11.     “clientPasswordCallback” class=“com.wss4j.interceptor.ClientPasswordCallback” />  
    12.       
    13.     “client” serviceClass=“com.wss4j.server.HelloWorld”  
    14.         address=“http://localhost:8080/wss4j001-cxf-server/ws/helloService”>  
    15.           
    16.             class=“org.apache.cxf.interceptor.LoggingOutInterceptor” />  
    17.             class=“org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor”>  
    18.                   
    19.                     
        
    20.                         “action” value=“UsernameToken” />  
    21.                         “passwordType” value=“PasswordText” />  
    22. < span style="color: black;">                        “user” value=“FHDClient” />  
    23.                         “passwordCallbackRef”>  
    24.                             “clientPasswordCallback” />  
    25.                           
    26.                     

        

    27.                   
    28.               
    29.           
    30.       
    31.   
    32.   

     

     

    接下来,我们需要通过wsdl 生成服务端webservice的客户端java文件。这里使用cxf的wsdl2java命令。

     

    打开cmd命令行:

          1. 进入到 \apache-cxf-2.7.3\apache-cxf-2.7.3\bin 目录下

         

           2. 执行命令:

                   wsdl2ava  -client http://localhost:8080/wss4j001-cxf-server/ws/helloService?wsdl          

     

         3. 生成的java文件就在 \apache-cxf-2.7.3\apache-cxf-2.7.3\bin 目录下,名为com的文件夹。复制文件夹至client项目的src下。

     

     

      接下来,首先将server项目添加到服务器中,启动服务器。然后执行 HelloWorldClient.java中的main方法,就可以访问服务端的webservice了,是不是so easy  ^_^ ..

    Java代码   收藏代码

    1. package com.wss4j.server;  
    2.   
    3. import javax.jws.WebParam;  
    4. import javax.jws.WebService;  
    5.   
    6. @WebService  
    7. public interface HelloWorld {  
    8.     public String sayHello(@WebParam(name = “name”) String name);  
    9. }  

    Java代码   收藏代码

    Java代码   收藏代码

    Java代码   收藏代码

    1. package com.wss4j.server;  
    2.   
    3.   
    4. public class HelloWorldImpl implements HelloWorld {  
    5.   
    6.     @Override  
    7.     public String sayHello(String name) {  
    8.         return “Hello “ + name + ” ^_^ !”;  
    9.     }  
    10.   
    11. }  

    Java代码   收藏代码

    Java代码   收藏代码

    Java代码   收藏代码

    1. package com.wss4j.interceptor;  
    2.   
    3. import java.io.IOException;  
    4.   
    5. import javax.security.auth.callback.Callback;  
    6. import javax.security.auth.callback.CallbackH andler;  
    7. import javax.security.auth.callback.UnsupportedCallbackException;  
    8.   
    9. import org.apache.ws.security.WSPasswordCallback;  
    10. import org.slf4j.Logger;  
    11.   
    12. public class ServerPasswordCallback implements CallbackHandler {  
    13.   
    14.     private Logger logger = org.slf4j.LoggerFactory.getLogger(ServerPasswordCallback.class);  
    15.   
    16.     @Override  
    17.     public void handle(Callback[] callbacks) throws IOException,  
    18.             UnsupportedCallbackException {  
    19.         WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];  
    20.         // 标识符  
    21.         String identifier = pc.getIdentifier();  
    22.                 // 此处获取到的password为null,但是并不代表服务端没有拿到该属性。   
    23.         String password = pc.getPassword();  
    24.         logger.info(“identifier:” + identifier);  
    25.         logger.info(“password:” + password);  
    26.           
    27.         if (identifier != null && identifier.equals(“admin”)) {  
    28.             /**  
    29.              * 此处应该这样做: 
    30.                  * 1. 查询数据库,得到数据库中该用户名对应密码 
    31.                  * 2. 设置密码,wss4j会自动将你设置的密码 与客户端传递的密码进行匹配 
    32.                  * 3. 如果相同,则放行,否则返回权限不足信息  
    33.              *  
    34.              */  
    35.             pc.setPassword(“password”);  
    36.         }else{  
    37.             logger.info(“未授权的用户”);  
    38.         }  
    39.     }  
    40. }  

    Java代码   收藏代码

    Java代码   收藏代码

    Java代码   收藏代码

    1. “http://www.springframework.org/schema/beans”  
    2.     xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance” xmlns:cxf=“http://cxf.apache.org/core”  
    3.     xmlns:jaxws=“http://cxf.apache.org/jaxws”  
    4.     xsi:schemaLocation=”http://www.springframework.org/schema/beans  
    5.                         http://www.springframework.org/schema/beans/spring-beans.xsd  
    6.                         http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd  
    7.                         http://cxf.apache.org/jaxws  
    8.                         http://cxf.apache.org/schemas/jaxws.xsd”>  
    9.   
    10.       
    11.   
    12.     <import resource=“classpath:META-INF/cxf/cxf.xml” />  
    13.   
    14.     <import resource=“classpath:META-INF/cxf/cxf-extension-soap.xml” />  
    15.   
    16.     <import resource=“classpath:META-INF/cxf/cxf-servlet.xml” />  
    17.     “myPasswordCallback” class=“com.wss4j.interceptor.ServerPasswordCallback” />  
    18.   
    19.     “helloword” implementor=“com.wss4j.server.HelloWorldImpl”  
    20.         address=“/helloService”>  
    21.           
    22.           
    23.             class=“org.apache .cxf.ws.security.wss4j.WSS4JInInterceptor”>  
    24.                   
    25.                     
        
    26.                         “action” value=“UsernameToken” />  
    27.                         “passwordType” value=“PasswordText” />  
    28.                         “signaturePropFile” value=“…” />  
    29.                         “user” value=“FHDServer” />  
    30.                         “passwordCallbackRef”>  
    31.                             “myPasswordCallback” />  
    32.                           
    33.                     

        

    34.                   
    35.               
    36.           
    37.       
    38.       
    39.   

    Java代码   收藏代码

    Java代码   收藏代码

    Java代码   收藏代码

    1. “1.0” encoding=“UTF-8”?>  
    2. “http://www.springframework.org/schema/beans”  
    3.     xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”   
    4.     xmlns:jaxws=“http://cxf.apache.org/jaxws”  
    5.     xsi:schemaLocation=”http://www.springframework.org/schema/beans  
    6.                         http://www.springframework.org/schema/beans/spring-beans.xsd  
    7.                         http://cxf.apache.org/jaxws  
    8.                         http://cxf.apache.org/schemas/jaxws.xsd”>  
    9.   
    10.     <import resource=“../cxf/server-beans.xml”/>  
    11.   

    Java代码   收藏代码

    Java代码   收藏代码

    Java代码   收藏代码

    1. “1.0” encoding=“UTF-8”?>  
    2. “http://www.w3.org/2001/XMLSchema-instance”  
    3.     xmlns=“http://java.sun.com/xml/ns/javaee” xmlns:web=“http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd”  
    4.     xsi:schemaLocation=“http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd”  
    5.     id=“WebApp_ID” version=“3.0”>  
    6.     wss4j001-cxf-server  
    7.       
    8.         index.html  
    9.         index.htm  
    10.         index.jsp  
    11.         default.html  
    12.         default.htm  
    13.         default.jsp  
    14.       
    15.       
    16.         contextConfigLocation  
    17.         classpath:spring/beans.xml  
    18.       
    19.       
    20.         class>org.springframework.web.context.ContextLoaderListenerclass>  
    21.       
    22.       
    23.         CXFServlet  
    24.         class>org.apache.cxf.transport.servlet.CXFServletclass>  
    25.         2  
    26.       
    27.       
    28.         CXFServlet  
    29.         /ws/*  
    30.       
    31.   

    Java代码   收藏代码

    Java代码   收藏代码

    Java代码   收藏代码

    1. package com.wss4j.client;  
    2.   
    3. import org.springframework.context.support.ClassPathXmlApplicationContext;  
    4.   
    5. import com.wss4j.server.HelloWorld;  
    6.   
    7. public class HelloWorldClient {  
    8.     public static void main(String[] args) {  
    9.         ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext(  
    10.                 new String[] { “cxf/client-beans.xml” });  
    11.         HelloWorld client = (HelloWorld) context.getBean(“client”);  
    12.         String response = client.sayHello(“Dan”);  
    13.         System.out.println(“Response: “ + response);  
    14.         System.exit(0);  
    15.     }  
    16.   
    17. }  

    Java代码   收藏代码

    Java代码   收藏代码

    Java代码   收藏代码

    1. package com.wss4j.interceptor;  
    2.   
    3. import java.io.IOException;  
    4.   
    5. import javax.security.auth.callback.Callback;  
    6. import javax.security.auth.callback.CallbackHandler;  
    7. import javax.security.auth.callback.UnsupportedCallbackException;  
    8.   
    9. import org.apache.ws.security.WSPasswordCallback;  
    10.   
    11. public class ClientPasswordCallback implements CallbackHandler {  
    12.     @Override  
    13.     public void handle(Callback[] callbacks) throws IOException,  
    14.             UnsupportedCallbackException {  
    15.         WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];  
    16.         String ident = “admin”;  
    17.         String passwd = “password”;  
    18.         pc.setPassword(passwd);  
    19.         pc.setIdentifier(ident);  
    20.   
    21.     }  
    22. }  

    Java代码   收藏代码

    Java代码   收藏代码

    Java代码   收藏代码

    1. “1.0” encoding=“UTF-8”?>  
    2. “http://www.springframework.org/schema/beans”  
    3.     xmlns:jaxws=“http://cxf.apache.org/jaxws” xmlns:cxf=“http://cxf.apache.org/core”  
    4.     xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”  
    5.     xsi:schemaLocation=”  
    6.           http://www.springframework.org/schema/beans   
    7.           http://www.springframework.org/schema/beans/spring-beans.xsd  
    8.           http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd  
    9.           http://cxf.apache.org/jaxws   
    10.           http://cxf.apache.org/schemas/jaxws.xsd”>  
    11.     “clientPasswordCallback” class=“com.wss4j.interceptor.ClientPasswordCallback” />  
    12.       
    13.     “client” serviceClass=“com.wss4j.server.HelloWorld”  
    14.         address=“http://localhost:8080/wss4j001-cxf-server/ws/helloService”>  
    15.           
    16.             class=“org.apache.cxf.interceptor.LoggingOutInterceptor” />  
    17.             class=“org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor”>  
    18.                   
    19.                     
        
    20.                         “action” value=“UsernameToken” />  
    21.                         “passwordType” value=“PasswordText” />  
    22.                         “user” value=“FHDClient” />  
    23.                         “passwordCallbackRef”>  
    24.                             “clientPasswordCallback” />  
    25.                           
    26.                     

        

    27.                   
    28.               
    29.           
    30.       
    31.   
    32.   

    Java代码   收藏代码

    Java代码   收藏代码

    WordPress database error: [Table 'yf99682.wp_s6mz6tyggq_comments' doesn't exist]
    SELECT SQL_CALC_FOUND_ROWS wp_s6mz6tyggq_comments.comment_ID FROM wp_s6mz6tyggq_comments WHERE ( comment_approved = '1' ) AND comment_post_ID = 3486 ORDER BY wp_s6mz6tyggq_comments.comment_date_gmt ASC, wp_s6mz6tyggq_comments.comment_ID ASC

    Leave a Comment

    Your email address will not be published.