1.服务器实现
将serverStore.jks拷贝到<工程目录>/src/META-INF/xfire的目录下
1、insecurity.properties文件,放在META-INF/xfire/下
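# WSS4J crypto provider used by the server-side handler (Merlin).
# NOTE(review): only the provider line is shown on this page. Merlin also needs
# the keystore settings for serverStore.jks (the org.apache.ws.security.crypto.merlin.*
# entries, e.g. keystore file and keystore password); they are not listed here.
# A keystore password in this file is stored in plain text, so keep the file out of
# version control and readable only by the account that runs the service.
# The trailing " |" in the original listing was table residue, not part of the value.
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin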
2、service.xml文件,放在META-INF/xfire/下
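<?xml version="1.0" encoding="UTF-8"?>
<!-- START SNIPPET: services -->
<beans xmlns="http://xfire.codehaus.org/config/1.0">
  <service>
    <name>SayHelloService</name>
    <namespace>http://com.test.wsses/SayHelloService</namespace>
    <serviceClass>com.test.wsses.SayHelloService</serviceClass>
    <implementationClass>com.test.wsses.SayHelloServiceImpl</implementationClass>
    <inHandlers>
      <handler handlerClass="org.codehaus.xfire.util.dom.DOMInHandler"/>
      <bean class="org.codehaus.xfire.security.wss4j.WSS4JInHandler" xmlns="">
        <property name="properties">
          <props>
            <!-- Encrypt = message encryption; Signature = digital signature. -->
            <!-- NOTE(review): with Encrypt alone the handler decrypts the request but
                 does not establish who sent it, because any party holding the server
                 certificate can encrypt to it. If the service must authenticate the
                 caller or detect tampering, require a signature as well (WSS4J takes a
                 space-separated action list such as "Signature Encrypt"). -->
            <prop key="action">Encrypt</prop>
            <!-- Signature verification needs the keystore that holds the client
                 certificate; this properties file supplies that configuration. -->
            <prop key="signaturePropFile">META-INF/xfire/insecurity.properties</prop>
            <!-- Decryption needs the keystore that holds the server private key;
                 this properties file supplies that configuration. -->
            <prop key="decryptionPropFile">META-INF/xfire/insecurity.properties</prop>
            <!-- Callback class that hands the key password to WSS4J. -->
            <prop key="passwordCallbackClass">com.test.wsses.PasswordHandler</prop>
          </props>
        </property>
      </bean>
    </inHandlers>
  </service>
</beans>
<!-- END SNIPPET: services -->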
3、PasswordHandler类
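package com.test.wsses;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

import org.apache.ws.security.WSPasswordCallback;

/**
 * Server-side password callback registered as {@code passwordCallbackClass} in
 * service.xml. WSS4J passes a {@link WSPasswordCallback} carrying an identifier
 * and this handler answers with the password stored for that identifier.
 *
 * <p>NOTE(review): the passwords are hard-coded sample values. In a real
 * deployment load them from a protected store or configuration that is not
 * checked in with the source.
 */
public class PasswordHandler implements CallbackHandler {

    /** Identifier (keystore alias in this example) to password. */
    private final Map<String, String> passwords = new HashMap<String, String>();

    /** Registers the two sample identities used by the example. */
    public PasswordHandler() {
        passwords.put("server", "serverpass");
        passwords.put("client", "clientpass");
    }

    /**
     * Answers every {@link WSPasswordCallback} in {@code callbacks} with the
     * password registered for its identifier.
     *
     * @param callbacks callbacks supplied by WSS4J
     * @throws IOException declared by {@link CallbackHandler}; not thrown here
     * @throws UnsupportedCallbackException if a callback is not a
     *         {@link WSPasswordCallback}
     */
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        System.out.println("Handling Password!");
        for (Callback callback : callbacks) {
            // Reject unknown callback types explicitly instead of failing with a
            // ClassCastException on a blind cast.
            if (!(callback instanceof WSPasswordCallback)) {
                throw new UnsupportedCallbackException(callback, "Unsupported callback type");
            }
            WSPasswordCallback pc = (WSPasswordCallback) callback;
            String id = pc.getIdentifer();
            // Log the identifier only. The original also printed the password,
            // which copies the key password into console and server logs.
            System.out.println("id:" + id);
            // An unknown identifier yields null, exactly as in the original.
            pc.setPassword(passwords.get(id));
        }
    }
}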
2.客户端实现
1、PasswordHandler类
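package com.test.wsses;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

import org.apache.ws.security.WSPasswordCallback;

/**
 * Client-side copy of the password callback. It answers a
 * {@link WSPasswordCallback} with the password stored for the callback's
 * identifier.
 *
 * <p>The client main class on this page leaves its
 * {@code PW_CALLBACK_CLASS} line commented out, so with the Encrypt-only
 * configuration shown this handler is presumably not invoked; it becomes
 * relevant once the client signs messages with its own private key.
 *
 * <p>NOTE(review): the passwords are hard-coded sample values. In a real
 * deployment load them from a protected store or configuration that is not
 * checked in with the source.
 */
public class PasswordHandler implements CallbackHandler {

    /** Identifier (keystore alias in this example) to password. */
    private final Map<String, String> passwords = new HashMap<String, String>();

    /** Registers the two sample identities used by the example. */
    public PasswordHandler() {
        passwords.put("server", "serverpass");
        passwords.put("client", "clientpass");
    }

    /**
     * Answers every {@link WSPasswordCallback} in {@code callbacks} with the
     * password registered for its identifier.
     *
     * @param callbacks callbacks supplied by WSS4J
     * @throws IOException declared by {@link CallbackHandler}; not thrown here
     * @throws UnsupportedCallbackException if a callback is not a
     *         {@link WSPasswordCallback}
     */
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        System.out.println("Handling Password!");
        for (Callback callback : callbacks) {
            // Reject unknown callback types explicitly instead of failing with a
            // ClassCastException on a blind cast.
            if (!(callback instanceof WSPasswordCallback)) {
                throw new UnsupportedCallbackException(callback, "Unsupported callback type");
            }
            WSPasswordCallback pc = (WSPasswordCallback) callback;
            String id = pc.getIdentifer();
            // Log the identifier only. The original also printed the password,
            // which copies the key password into console logs.
            System.out.println("id:" + id);
            // An unknown identifier yields null, exactly as in the original.
            pc.setPassword(passwords.get(id));
        }
    }
}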
2、outsecurity.properties文件,位于<工程目录>/src/下。
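# WSS4J crypto provider used by the client-side out handler (Merlin).
# NOTE(review): only the provider line is shown on this page. Merlin also needs
# the keystore settings for clientStore.jks (the org.apache.ws.security.crypto.merlin.*
# entries, e.g. keystore file and keystore password); they are not listed here.
# A keystore password in this file is stored in plain text, so keep the file out of
# version control and restrict who can read it.
# The trailing " |" in the original listing was table residue, not part of the value.
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin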
将clientStore.jks拷贝到<工程目录>/src目录下。
3、客户端访问类
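package com.test.wsses.client;

import java.net.MalformedURLException;

import org.apache.ws.security.WSConstants;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.codehaus.xfire.client.Client;
import org.codehaus.xfire.client.XFireProxyFactory;
import org.codehaus.xfire.security.wss4j.WSS4JOutHandler;
import org.codehaus.xfire.service.Service;
import org.codehaus.xfire.service.binding.ObjectServiceFactory;
import org.codehaus.xfire.transport.http.CommonsHttpMessageSender;
import org.codehaus.xfire.util.dom.DOMOutHandler;

/**
 * Example XFire client that calls SayHelloService with a WS-Security
 * encrypted request.
 *
 * <p>NOTE(review): SayHelloService is referenced without an import. The
 * service.xml on this page places it in com.test.wsses, so this class compiles
 * only if a copy of the interface exists in com.test.wsses.client or the
 * import is added; confirm against the project layout.
 */
public class SayHelloClient {

    /**
     * HTTP timeout in milliseconds (constructed sample value). The original
     * used "0", which disables the timeout, so a stalled server would block
     * the client indefinitely.
     */
    private static final String HTTP_TIMEOUT_MILLIS = "30000";

    /**
     * Builds the service proxy, attaches the WSS4J out handler and invokes
     * sayHello twice, printing each reply.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        // NOTE(review): plain HTTP. The WS-Security handler encrypts the message,
        // but the transport itself is neither authenticated nor encrypted.
        String serviceURL = "http://localhost:8080/wsses/services/SayHelloService";

        // Create the service model from the service interface.
        Service serviceModel = new ObjectServiceFactory().create(SayHelloService.class);
        XFireProxyFactory serviceFactory = new XFireProxyFactory();

        try {
            // Obtain the service proxy.
            SayHelloService service =
                    (SayHelloService) serviceFactory.create(serviceModel, serviceURL);

            // Per the original comment: 0 means no timeout, values >= 1 are
            // milliseconds. A finite value is used here.
            Client client = Client.getInstance(service);
            client.setProperty(CommonsHttpMessageSender.HTTP_TIMEOUT, HTTP_TIMEOUT_MILLIS);

            WSS4JOutHandler wsOut = new WSS4JOutHandler();

            // Message encryption; WSHandlerConstants.SIGNATURE would select a
            // digital signature instead.
            // NOTE(review): encryption alone does not prove to the server who sent
            // the message; add a signature if the server must authenticate the caller.
            String actions = WSHandlerConstants.ENCRYPT;
            wsOut.setProperty(WSHandlerConstants.ACTION, actions);

            // Crypto properties for encryption; WSHandlerConstants.SIG_PROP_FILE is
            // the counterpart for signatures.
            wsOut.setProperty(WSHandlerConstants.ENC_PROP_FILE, "outsecurity.properties");

            // NOTE(review): the password type presumably only affects UsernameToken
            // actions and has no effect on Encrypt; kept as in the original.
            wsOut.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PASSWORD_DIGEST);

            // The user name is the alias of a key pair in the keystore and the
            // password is that private key's password ("client" for signing,
            // "server" for encryption).
            wsOut.setProperty(WSHandlerConstants.USER, "client");

            // Encrypt to the key stored under the "server" alias.
            wsOut.setProperty(WSHandlerConstants.ENCRYPTION_USER, "server");

            // Left disabled in the original listing:
            // wsOut.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, PasswordHandler.class.getName());
            // wsOut.setProperty(WSHandlerConstants.SIG_KEY_ID, "IssuerSerial");

            client.addOutHandler(new DOMOutHandler());
            client.addOutHandler(wsOut);

            // Call the service.
            String helloMsg = service.sayHello("dabing");
            System.out.println(helloMsg);
            helloMsg = service.sayHello(null);
            System.out.println(helloMsg);
        } catch (MalformedURLException e) {
            // Report the bad URL on stderr instead of dumping a stack trace.
            System.err.println("Invalid service URL " + serviceURL + ": " + e.getMessage());
        }
    }
}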
运行结果如下:
dabing,早上好,还没有去工作吗 ?
你叫什么名字呢?