CXF请求带安全验证的webservice 在header头里面添加一个UsernameToken 带用户密码的soap报文信息,如:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="0"> <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-1815911473"> <wsse:Username>bps</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">000000</wsse:Password> </wsse:UsernameToken> </wsse:Security> </soap:Header> <soap:Body> <ns2:begin xmlns="http://exception.model.bps.primeton.com" xmlns:ns2="http://www.primeton.com/WSGlobalTransactionManagerService"/> </soap:Body> </soap:Envelope>
请求方法如下
@Test
public void begin(){
String wsdlUrl="http://127.0.0.1:8080/default/WSGlobalTransactionManagerService?wsdl";
// 创建动态客户端
JaxWsDynamicClientFactory dcf = JaxWsDynamicClientFactory.newInstance();
Client client = dcf.createClient(wsdlUrl);
client.getOutInterceptors().add(new AddSoapHeader());
//输入报文拦截器
// client.getInInterceptors().add(new InInterceptor());
// 输出报文拦截器
// client.getOutInterceptors().add(new OutInterceptor());
Object[] objects = new Object[0];
try {
// invoke("方法名",参数1,参数2,参数3....);
objects = client.invoke("begin");
System.out.println("返回数据 TXID:" + objects[0]);
} catch (Exception e) {
e.printStackTrace();
}
}
如果是客户端代码生成的添加下面红色部分
拦截器代码:
package io.terminus.bps;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.List;
import javax.xml.namespace.QName;
import org.apache.cxf.binding.soap.SoapHeader;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
import org.apache.cxf.headers.Header;
import org.apache.cxf.helpers.DOMUtils;
//import org.apache.cxf.helpers.XMLUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.Phase;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
public class AddSoapHeader extends AbstractSoapInterceptor {
public AddSoapHeader() {
// 指定该拦截器在哪个阶段被激发
super(Phase.WRITE);
}
/**
* <soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="0">
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-1815911473">
<wsse:Username>bps</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">000000</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
* @param message
* @throws Fault
*/
public void handleMessage(SoapMessage message) throws Fault {
QName qname = new QName("wsse:Security");//这个值暂时不清楚具体做什么用,可以随便写
Document doc = (Document) DOMUtils.createDocument();
Element wsse = doc.createElement("wsse:Security");
wsse.setAttribute("xmlns:wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
wsse.setAttribute("soap:mustUnderstand","0");
Element userNameToken = doc.createElement("wsse:UsernameToken");
userNameToken.setAttribute("xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
userNameToken.setAttribute("wsu:Id","UsernameToken-1815911473");
Element userName = doc.createElement("wsse:Username");
userName.setTextContent("bps");
Element passWord = doc.createElement("wsse:Password");
passWord.setAttribute("Type","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
passWord.setTextContent("000000");
userNameToken.appendChild(userName);
userNameToken.appendChild(passWord);
wsse.appendChild(userNameToken);
SoapHeader head = new SoapHeader(qname, wsse);
List<Header> headers = message.getHeaders();
headers.add(head);
System.out.print(headers.size());
}
}