实现Webservice 中Soap Header 的用户验证

WebService 采用Apache CXF

SoapHeader 中结构如下

   
       
 
 
          
  
  
              
  
  UserOrgID
               
  
  Hubs1
               
  
  password
          
     
 
 

   采用Handler 处理链 来拦截SOAP Message 进行验证
  代码实现:

import java.util.Set;
import javax.xml.namespace.QName;
import javax.xml.soap.Name;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPHeader;
import javax.xml.soap.SOAPMessage;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/**
 * AuthenticationHandler.java
 * 
 * @author waterborn
 */
public class AuthenticationHandler implements SOAPHandler
  
   {

    private static final Log log = LogFactory.getLog(AuthenticationHandler.class);

    private boolean checkAuthentication(String userOrgID, String userID, String userPSW) {
        log.debug("checkAuthentication : userOrgID=" + userOrgID + " , userID=" + userID + " ,  userPSW=" + userPSW);
        boolean check = false;
        if ("Hubs1".equals(userID) && "password".equals(userPSW)) {
            check = true;
        }
        return check;
    }

    @SuppressWarnings("unchecked")
    public boolean handleMessage(SOAPMessageContext messageContext) {
        log.debug("LoggingHandler : handleMessage Called....");
        Boolean outboundProperty = (Boolean) messageContext.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
        if (!outboundProperty) { // InBound Message
            String userOrgID = "";
            String userID = "";
            String userPSW = "";
            SOAPMessage message = messageContext.getMessage();
            try {
                SOAPHeader soapHeader = message.getSOAPHeader();
                NodeList nodeList = soapHeader.getChildNodes();
                for (int i = 0; i < nodeList.getLength(); i++) {
                    Node nodeAuth = nodeList.item(i);
                    if (nodeAuth.getNodeType() == Node.ELEMENT_NODE && "Authentication".equals(nodeAuth.getNodeName())) {
                        for (Node node = nodeAuth.getFirstChild(); node != null; node = node.getNextSibling()) {
                            if (node.getNodeType() == Node.ELEMENT_NODE) {
                                if ("UserOrgID".equals(node.getNodeName()) && node.getFirstChild() != null) {
                                    userOrgID = node.getFirstChild().getTextContent();
                                } else if ("UserID".equals(node.getNodeName()) && node.getFirstChild() != null) {
                                    userID = node.getFirstChild().getTextContent();
                                } else if ("UserPSW".equals(node.getNodeName()) && node.getFirstChild() != null) {
                                    userPSW = node.getFirstChild().getTextContent();
                                }
                            }
                        }
                    }
                }
            } catch (SOAPException e) {
                log.warn(e);
                throw new RuntimeException(e);
            }
            if (!checkAuthentication(userOrgID, userID, userPSW)) {
                try {
                    message.getSOAPHeader().removeContents();
                    SOAPBody soapBody = message.getSOAPBody();
                    soapBody.removeContents();
                    SOAPEnvelope envelope = message.getSOAPPart().getEnvelope();
                    Name faultCode = envelope.createName("0001", "", envelope.getNamespaceURI());
                    String faultString = "Invaild userame or password !";
                    soapBody.addFault(faultCode, faultString);
                } catch (SOAPException e) {
                    log.warn(e);
                    throw new RuntimeException(e);
                }
                return false;
            }
        }
        return true;
    }

    public Set
  
   getHeaders() {
        return null;
    }

    public boolean handleFault(SOAPMessageContext messageContext) {
        log.debug("handleFault");
        return true;
    }

    public void close(MessageContext messageContext) {
        log.debug("close");
    }
}
在cxf-bean.xml 配置中插入
    

 
 
      
  
  
    

 
 
  • 0
    点赞
  • 4
    收藏
    觉得还不错? 一键收藏
  • 9
    评论
评论 9
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值