CXF ws-security密码验证

最新推荐文章于 2023-03-22 11:28:39 发布

abka

最新推荐文章于 2023-03-22 11:28:39 发布

阅读量263

点赞数

分类专栏： Java 文章标签： Security WebService Apache XML SOAP

本文链接：https://blog.csdn.net/asdcls/article/details/83523609

版权

Java 专栏收录该内容

25 篇文章 0 订阅

订阅专栏

这两天学习webservice 看了很长时间资料决定用cxf ，但把cxf自带的demo转化成自己的代码还是遇到了不小的麻烦。今天终于调通了个简单的示例。
运行环境是tomcat服务器，cxf 2.2.3
这里面为了简单，自采用单向的验证，只验证客户，双向验证类似，在客户端做配置jaxws:inInterceptors就可以了。
在服务端和客户端得回调类里设置密码就可以了，如果不相同就会验证失败，这里面传输的是加密后的密码。也可以传输密码明文

服务器端设置：
1.首先，创建web.xml

<?xml version="1.0" encoding="ISO-8859-1"?>   

<!DOCTYPE web-app   
    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"  
    "http://java.sun.com/dtd/web-app_2_3.dtd">   


<web-app>   
    <context-param>   
        <param-name>contextConfigLocation</param-name>   
        <param-value>WEB-INF/ws-context.xml WEB-INF/wssec.xml</param-value>   
    </context-param>   

    <listener>   
        <listener-class>   
            org.springframework.web.context.ContextLoaderListener   
        </listener-class>   
    </listener>   

    <servlet>   
        <servlet-name>CXFServlet</servlet-name>   
        <display-name><B style="BACKGROUND-COLOR: #ffff66; COLOR: black">CXF</B> Servlet</display-name>   
        <servlet-class>   
            org.apache.<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.transport.servlet.CXFServlet   
        </servlet-class>   
        <load-on-startup>1</load-on-startup>   
    </servlet>   

    <servlet-mapping>   
        <servlet-name>CXFServlet</servlet-name>   
        <url-pattern>/*</url-pattern>   
    </servlet-mapping>   
</web-app>   
<!-- END SNIPPET: webxml -->

2.创建ws-context.xml用于发布webservice

<?xml version="1.0" encoding="UTF-8"?>   

<!-- START SNIPPET: beans -->   
<beans xmlns="http://www.springframework.org/schema/beans"  
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
    xmlns:jaxws="http://<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.apache.org/jaxws"  
    xsi:schemaLocation="   
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd   
http://<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.apache.org/jaxws http://<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.apache.org/schemas/jaxws.xsd">   

    <import resource="classpath:META-INF/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.xml" />   
    <import resource="classpath:META-INF/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>-extension-soap.xml" />   
    <import resource="classpath:META-INF/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>-servlet.xml" />   
    <jaxws:endpoint id="webServiceSample"  
        address="/WebServiceSample" implementor="cn.org.coral.biz.examples.webservice.WebServiceSampleImpl">   

        <jaxws:inInterceptors>   
            <bean class="org.apache.<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.binding.soap.saaj.SAAJInInterceptor" />   
            <bean class="org.apache.<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.ws.security.wss4j.WSS4JInInterceptor">   
                <constructor-arg>   
                    <map>   


                        <entry key="action" value="UsernameToken Timestamp" />   
                        <entry key="passwordType" value="PasswordDigest" />   

                         <!--    
                         <entry key="action" value="UsernameToken" />   
                        <entry key="passwordType" value="PasswordText" />   
                        <entry key="action" value="UsernameToken Timestamp" />   
                        <entry key="passwordType" value="PasswordDigest" />   
                         -->   
                        <entry key="passwordCallbackClass" value="cn.org.coral.biz.examples.webservice.handler.WsAuthHandler" />   
                    </map>   
                </constructor-arg>   
            </bean>   
        </jaxws:inInterceptors>      

    </jaxws:endpoint>   

</beans>

3.拦截处理类验证密码

package cn.org.coral.biz.examples.webservice.handler;   

import java.io.IOException;   

import javax.security.auth.callback.Callback;   
import javax.security.auth.callback.CallbackHandler;   
import javax.security.auth.callback.UnsupportedCallbackException;   

import org.apache.ws.security.WSPasswordCallback;   

public class WsAuthHandler  implements CallbackHandler{   

    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {   
         for (int i = 0; i < callbacks.length; i++) {   
            WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];   
            int usage = pc.getUsage();   

            System.out.println("identifier: " + pc.getIdentifier());   
            System.out.println("usage: " + pc.getUsage());   

            pc.setPassword("admin");   

        }    
    }   

}

package cn.org.coral.biz.examples.webservice.handler;

import java.io.IOException;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

import org.apache.ws.security.WSPasswordCallback;

public class WsAuthHandler  implements CallbackHandler{

	public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
		 for (int i = 0; i < callbacks.length; i++) {
			WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
			int usage = pc.getUsage();

			System.out.println("identifier: " + pc.getIdentifier());
			System.out.println("usage: " + pc.getUsage());

			pc.setPassword("admin");

		} 
	}

}

客户端配置：
1.wsclient-context.xml

<?xml version="1.0" encoding="UTF-8"?>   

<!-- START SNIPPET: beans -->   
<beans xmlns="http://www.springframework.org/schema/beans"  
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
    xmlns:jaxws="http://<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.apache.org/jaxws"  
    xsi:schemaLocation="   
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd   
http://<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.apache.org/jaxws http://<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.apache.org/schemas/jaxws.xsd">   

    <import resource="classpath:META-INF/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.xml" />   
    <import resource="classpath:META-INF/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>-extension-soap.xml" />   
    <import resource="classpath:META-INF/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>/<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>-servlet.xml" />   


    <!-- ws clinet -->   
    <bean id="webServiceSampleClient" class="cn.org.coral.biz.examples.webservice.WebServiceSample"  
        factory-bean="webServiceSampleClientFactory" factory-method="create" />   


    <bean id="webServiceSampleClientFactory"  
        class="org.apache.<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.jaxws.JaxWsProxyFactoryBean">   
        <property name="serviceClass"  
            value="cn.org.coral.biz.examples.webservice.WebServiceSample" />   
        <property name="address"  
            value="http://localhost:8080/t/WebServiceSample" />   

        <property name="outInterceptors">   
            <list>   
                <bean   
                    class="org.apache.<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.binding.soap.saaj.SAAJOutInterceptor" />   
                <ref bean="wss4jOutConfiguration" />   
            </list>   
        </property>   

    </bean>   

    <bean id="wss4jOutConfiguration"  
        class="org.apache.<B style="BACKGROUND-COLOR: #ffff66; COLOR: black">cxf</B>.ws.security.wss4j.WSS4JOutInterceptor">   
        <property name="properties">   
            <map>   
                <!--    
                <entry key="action" value="UsernameToken" />                 
                <entry key="passwordType" value="PasswordText" />   
                <entry key="action" value="UsernameToken Timestamp" />   
                 -->            

                <entry key="action" value="UsernameToken Timestamp" />   
                <entry key="user" value="ws-client" />   
                <entry key="passwordType" value="PasswordDigest" />   
                <entry>   
                    <key>   
                        <value>passwordCallbackRef</value>   
                    </key>   
                    <ref bean="passwordCallback" />   
                </entry>   
            </map>   
        </property>   
    </bean>   
    <bean id="passwordCallback"  
        class="cn.org.coral.biz.examples.webservice.handler.WsClinetAuthHandler">   
    </bean>   

</beans>

<?xml version="1.0" encoding="UTF-8"?>

<!-- START SNIPPET: beans -->
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:jaxws="http://cxf.apache.org/jaxws"
	xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">

	<import resource="classpath:META-INF/cxf/cxf.xml" />
	<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
	<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />


	<!-- ws clinet -->
	<bean id="webServiceSampleClient" class="cn.org.coral.biz.examples.webservice.WebServiceSample"
		factory-bean="webServiceSampleClientFactory" factory-method="create" />


	<bean id="webServiceSampleClientFactory"
		class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
		<property name="serviceClass"
			value="cn.org.coral.biz.examples.webservice.WebServiceSample" />
		<property name="address"
			value="http://localhost:8080/t/WebServiceSample" />

		<property name="outInterceptors">
			<list>
				<bean
					class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" />
				<ref bean="wss4jOutConfiguration" />
			</list>
		</property>

	</bean>

	<bean id="wss4jOutConfiguration"
		class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
		<property name="properties">
			<map>
				<!-- 
				<entry key="action" value="UsernameToken" />				
				<entry key="passwordType" value="PasswordText" />
				<entry key="action" value="UsernameToken Timestamp" />
				 -->			

				<entry key="action" value="UsernameToken Timestamp" />
				<entry key="user" value="ws-client" />
				<entry key="passwordType" value="PasswordDigest" />
				<entry>
					<key>
						<value>passwordCallbackRef</value>
					</key>
					<ref bean="passwordCallback" />
				</entry>
			</map>
		</property>
	</bean>
	<bean id="passwordCallback"
		class="cn.org.coral.biz.examples.webservice.handler.WsClinetAuthHandler">
	</bean>

</beans>

2.验证密码类

package cn.org.coral.biz.examples.webservice.handler;   

import java.io.IOException;   

import javax.security.auth.callback.Callback;   
import javax.security.auth.callback.CallbackHandler;   
import javax.security.auth.callback.UnsupportedCallbackException;   

import org.apache.ws.security.WSPasswordCallback;   

public class WsClinetAuthHandler  implements CallbackHandler{   


    public void handle(Callback[] callbacks) throws IOException,    
                    UnsupportedCallbackException {    
            for (int i = 0; i < callbacks.length; i++) {    
                    WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];    
                    int usage = pc.getUsage();    


                    System.out.println("identifier: " + pc.getIdentifier());    
                    System.out.println("usage: " + pc.getUsage());    

                    pc.setPassword("admin");    

            }    
    }    

}

package cn.org.coral.biz.examples.webservice.handler;

import java.io.IOException;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

import org.apache.ws.security.WSPasswordCallback;

public class WsClinetAuthHandler  implements CallbackHandler{


    public void handle(Callback[] callbacks) throws IOException, 
                    UnsupportedCallbackException { 
            for (int i = 0; i < callbacks.length; i++) { 
                    WSPasswordCallback pc = (WSPasswordCallback) callbacks[i]; 
                    int usage = pc.getUsage(); 


                    System.out.println("identifier: " + pc.getIdentifier()); 
                    System.out.println("usage: " + pc.getUsage()); 

                    pc.setPassword("admin"); 

            } 
    } 

}