xfire身份验证
xfire通过配置Handler进行身份验证拦截,客户端需要通过加头信息的方式访问webservice服务
此实例是spring和xfire继承的
xfire-servlet.xml文件源码如下:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-2.0.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-2.0.xsd">
<import resource="classpath:org/codehaus/xfire/spring/xfire.xml" />
<bean id="jdbcmsg" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="msg"></property>
</bean>
<bean id="androdao" class="webservice.dao.AndroDao" scope="prototype">
<property name="jdbc" ref="jdbccons"></property>
<property name="jdbcmsg" ref="jdbcmsg"></property>
</bean>
<bean id="synem" class="webservice.impl.EmployeeImpl" scope="prototype">
<property name="xmlpar" ref="xmlparse"></property>
<property name="dao" ref="androdao"></property>
</bean>
<bean
class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="urlMap">
<map>
<entry key="/SynWebService">
<ref bean="synser" />
</entry>
</map>
</property>
</bean>
<bean id="synser"
class="org.codehaus.xfire.spring.remoting.XFireExporter">
<property name="serviceFactory">
<ref bean="xfire.serviceFactory" />
</property>
<property name="xfire">
<ref bean="xfire" />
</property>
<property name="serviceBean">
<ref bean="synem" />
</property>
<property name="serviceClass">
<value>webservice.Iemployee</value>
</property>
<property name="name" value="OA_TYYHZX_MMTB_SERVICE"></property>
<span style="white-space:pre"> </span><!-- 身份验证Handler注册 -->
<property name="inHandlers" ref="auth"/>
</bean>
<bean id="auth" class="webservice.XfireHandler" scope="prototype"></bean>
</beans>
<strong>webservice.XfireHandler</strong>
<span style="font-family: Arial, Helvetica, sans-serif;">package webservice;</span>
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.List;
import org.apache.log4j.Logger;
import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.handler.AbstractHandler;
import org.jdom.Element;
public class XfireHandler extends AbstractHandler {
SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
Logger log = Logger.getLogger(XfireHandler.class);
@SuppressWarnings("unchecked")
public void invoke(MessageContext cfx) throws Exception {
if (cfx.getInMessage().getHeader() == null) {
throw new org.codehaus.xfire.fault.XFireFault("请求必须包含验证信息", org.codehaus.xfire.fault.XFireFault.SENDER);
}
List<Element> tokens = cfx.getInMessage().getHeader().getChildren();
Element token = null;
for (int i = 0; i < tokens.size(); i++) {
Element ele = tokens.get(i);
if ("AuthenticationToken".equals(ele.getName()))token = ele;
}
if (token == null) {
throw new org.codehaus.xfire.fault.XFireFault("请求必须包含身份验证信息", org.codehaus.xfire.fault.XFireFault.SENDER);
}
Element usernames = null;
Element pwd = null;
tokens = token.getChildren();
for (int i = 0; i < tokens.size(); i++) {
Element ele = tokens.get(i);
if ("username".equals(ele.getName())) usernames = ele;
if ("password".equals(ele.getName())) pwd = ele;
}
String username = usernames.getText();
String password = pwd.getText();
try {
// 进行身份验证 ,只有abcd@1234的用户为授权用户
if (username.equals("serviceKS") && password.equals("KS")){
log.info("身份验证通过;调用时间:" + format.format(new Date().getTime()));
System.out.println("身份验证通过;调用时间:" + format.format(new Date().getTime()));
}else{
throw new Exception();
}
} catch (Exception e) {
throw new org.codehaus.xfire.fault.XFireFault("非法的用户名和密码", org.codehaus.xfire.fault.XFireFault.SENDER);
}
}
}
客户端调用需要的头信息配置的Handler
package webservice.impl;
import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.handler.AbstractHandler;
import org.jdom.Element;
/**
* 构造授权信息类
*
* @author Administrator
*
*/
public class WebserviceClientHandler extends AbstractHandler {
private String username = "serviceKS"; //用户名
private String password = "KS";//密码
private String ns = "http://webservice"; //命名空间
public WebserviceClientHandler() {
}
public WebserviceClientHandler(String username,String password) {
this.username = username;
this.password = password;
}
public void invoke(MessageContext context) throws Exception {
Element header = new Element("header");
context.getOutMessage().setHeader(header);
Element auth = new Element("AuthenticationToken",ns);
Element username_el = new Element("username");
username_el.addContent(username);
Element password_el = new Element("password");
password_el.addContent(password);
auth.addContent(username_el);
auth.addContent(password_el);
header.addContent(auth);
}
}<strong>
</strong>
客户端主体调用程序代码
public static void main(String[] args) {
Service srModel = new ObjectServiceFactory().create(Iemployee.class);
XFireProxyFactory factory = new XFireProxyFactory(XFireFactory.newInstance().getXFire());
String endPoint = "http://localhost:8080/jszyDemo/service/OA_TYYHZX_MMTB_SERVICE";
try {
Iemployee emp = (Iemployee) factory.create(srModel, endPoint);
Client client = ((XFireProxy) Proxy.getInvocationHandler(emp)).getClient();
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="white-space:pre"> </span>// 客户端加头信息</span>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="white-space:pre"> </span>client.addOutHandler(new WebserviceClientHandler());</span>
String xml = "<?xml version=\"1.0\" encoding=\"gb2312\"?><DATASETS>" +
"<DATASET>" +
"<USER_ID>jszy</USER_ID>" +
"<USER_NAME>管理员</USER_NAME>" +
"<DEP_ID>001000119</DEP_ID>" +
"<DEP_NAME>信息中心</DEP_NAME>" +
"<PASSWORD>111111</PASSWORD>" +
"<BG_DATE>2011-10-26 14:14:14</BG_DATE>" +
"<LEVELGROUPID>00100000</LEVELGROUPID>" +
"</DATASET></DATASETS>";
System.out.println(xml);
String msg = emp.OA_TYYHZX_MMTB_SERVICE(xml);
System.out.println(msg);
} catch (Exception e) {
e.printStackTrace();
}
}
这里只给出了验证Handler和客户端调用的方法,你可以根据自己建立的服务,直接套用就可以了