一、服务端代码
接口类
@WebService
public interface HelloWorld {
public String sayHello(String param);
}
实现类
@WebService
public class HelloWorldImpl implements HelloWorld {
@Override
public String sayHello(String param) {
System.out.println("====================>"+param);
return param;
}
}
拦截器回调类
public class ServerPasswordCallback implements CallbackHandler {
private Map<String, String> passwords = new HashMap<String, String>();
public ServerPasswordCallback() {
passwords.put("admin", "admin");
passwords.put("test", "test");
}
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
System.out.println("server:callbacks.length-" + callbacks.length);
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
System.out.println("============>username:"+pc.getIdentifier());
System.out.println("============>password:"+pc.getPassword());
if (!passwords.containsKey(pc.getIdentifier()))
try {
throw new WSSecurityException("user not match");
} catch (WSSecurityException e) {
e.printStackTrace();
}
String pass = passwords.get(pc.getIdentifier());
pc.setPassword(pass);
}
}
}
服务端spring配置
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
<bean id="logIn" class="org.apache.cxf.interceptor.LoggingInInterceptor" />
<bean id="logOut" class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
<bean id="saajIn" class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
<bean id="wss4jIn" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType" value="PasswordText" />
<entry key="passwordCallbackClass" value="ws.test.server.security.ServerPasswordCallback" />
</map>
</constructor-arg>
</bean>
<jaxws:server id="helloWorld" serviceClass="ws.test.server.HelloWorld"
address="/helloWorldRemote">
<jaxws:inInterceptors>
<ref local="logIn"/>
<ref local="saajIn"/>
<ref local="wss4jIn"/>
</jaxws:inInterceptors>
<jaxws:outInterceptors>
<ref local="logOut"/>
</jaxws:outInterceptors>
<jaxws:serviceBean>
<!-- 要暴露的 bean 的引用 -->
<bean class="ws.test.server.impl.HelloWorldImpl"></bean>
</jaxws:serviceBean>
</jaxws:server>
</beans>
二、 客户端代码
客户端回调处理类
public class ClientPasswordCallback implements CallbackHandler {
private Map<String, String> passwords = new HashMap<String, String>();
public ClientPasswordCallback() {
passwords.put("admin", "admin");
passwords.put("test", "test");
}
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
System.out.println("client:callbacks.length-" + callbacks.length);
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
int usage = pc.getUsage();
if (!passwords.containsKey(pc.getIdentifier()))
try {
throw new WSSecurityException("user not exists ");
} catch (WSSecurityException e) {
e.printStackTrace();
}
String pass = passwords.get(pc.getIdentifier());
if (usage == WSPasswordCallback.USERNAME_TOKEN && pass != null) {
System.out.println("client:pass" + pass);
pc.setPassword(pass);
return;
}
}
}
}
客户端调用代码
JaxWsProxyFactoryBean proxyFactoryBean = new JaxWsProxyFactoryBean();
proxyFactoryBean.setServiceClass(HelloWorld.class);
proxyFactoryBean.setAddress("http://localhost:8085/web/services/wRemote");
proxyFactoryBean.getInInterceptors().add(new LoggingInInterceptor());
proxyFactoryBean.getOutInterceptors().add(new LoggingOutInterceptor());
proxyFactoryBean.getOutInterceptors().add(new SAAJOutInterceptor());
Map<String,Object> param =new HashMap<String,Object>();
param.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
param.put(WSHandlerConstants.USER, "admin");
param.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
param.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCallback.class.getName());
WSS4JOutInterceptor wss4jOutInterceptor = new WSS4JOutInterceptor(param);
proxyFactoryBean.getOutInterceptors().add(wss4jOutInterceptor);
HelloWorld hw = (HelloWorld)proxyFactoryBean.create();
System.out.println(hw.sayHello("aaaaa"));
或
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
<jaxws:client id="client" serviceClass="ws.test.server.HelloWorld"
address="http://localhost:8080/ws-test-web/services/helloWorldRemote">
<jaxws:inInterceptors>
<bean class="org.apache.cxf.interceptor.LoggingInInterceptor"></bean>
</jaxws:inInterceptors>
<jaxws:outInterceptors>
<bean class="org.apache.cxf.interceptor.LoggingOutInterceptor"></bean>
<bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"></bean>
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry
key="#{T(org.apache.ws.security.handler.WSHandlerConstants).ACTION}"
value="#{T(org.apache.ws.security.handler.WSHandlerConstants).USERNAME_TOKEN}" />
<entry
key="#{T(org.apache.ws.security.handler.WSHandlerConstants).USER}"
value="admin" />
<entry
key="#{T(org.apache.ws.security.handler.WSHandlerConstants).PASSWORD_TYPE}"
value="#{T(org.apache.ws.security.WSConstants).PW_TEXT}" />
<entry
key="#{T(org.apache.ws.security.handler.WSHandlerConstants).PW_CALLBACK_CLASS}"
value="ws.test.server.security.ClientPasswordCallback" />
</map>
</constructor-arg>
</bean>
</jaxws:outInterceptors>
</jaxws:client>
</beans>