xfire和Spring良好的结合,促使我将原有的axis方式改造到xfire方式。下面将整个过程简述一下,首先看一下如何配置xfire。在Web.xml中有两种方式来配置xfire,
一种是通过spring提供的org.springframework.web.servlet.DispatcherServlet来实现,配置方法是这样的:
1、web.xml中配置[code]<servlet>
<servlet-name>xfire</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>xfire</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>[/code]
2、WEB-INF下添加xfire-servlet.xml文件,配置方法如下:[code]<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<bean class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="urlMap">
<map>
<entry key="/EchoService"> <!-- 这里是WebService的名称 -->
<ref bean="echo"/>
</entry>
</map>
</property>
</bean>
<bean id="echo" class="org.codehaus.xfire.spring.remoting.XFireExporter">
<property name="serviceFactory">
<ref bean="xfire.serviceFactory"/>
</property>
<property name="xfire">
<ref bean="xfire"/>
</property>
<property name="serviceBean">
<ref bean="echoBean"/>
</property>
<property name="serviceClass">
<value>xxx.com.webservice.Echo</value>
</property>
</bean>
</beans>[/code]
配置完成后,定义一个接口,然后启动Server,通过client可实现WebService的访问。
同时,xfire提供了另外一种阅读性更好,更符合spring配置习惯的配置方法,配置方法如下:
1、web.xml[code]<servlet>
<servlet-name>XFireServlet</servlet-name>
<servlet-class>
org.codehaus.xfire.spring.XFireSpringServlet
</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>XFireServlet</servlet-name>
<url-pattern>/servlet/XFireServlet/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>XFireServlet</servlet-name>
<url-pattern>/service/*</url-pattern>
</servlet-mapping>[/code]
这种方式不需要单独配置一个xfire-servlet.xml文件,只需要在spring的applicationContext文件中进行配置就能实现WebService的配置
2、applicationContext.xml[code]<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!-- 需要import下面这个xml文件 -->
<import resource="classpath:org/codehaus/xfire/spring/xfire.xml" />
<!-- WebService Impl WebService接口的实现类-->
<bean id="accountWebServiceImpl" class="xxx.com.account.webservice.impl.AccountWebServiceImpl" autowire="byName" />
<!-- end -->
<!-- 下面的配置是WebService的标准配置 -->
<bean id="AccountWebService" class="org.codehaus.xfire.spring.remoting.XFireExporter"> <!-- WebService的名字 -->
<property name="xfire" ref="xfire" />
<property name="serviceBean" ref="accountWebServiceImpl" /> <!-- WebService的实现类bean -->
<property name="serviceClass" value="xxx.com.account.webservice.AccountWebService" />
<property name="inHandlers" ref="authenticationHandler"/> <!--普通的用户名密码的方式进行WebService的验证-->
</bean>
<bean id="authenticationHandler"
class="xxx.com.account.webservice.authentcation.AuthenticationHandler"/>
</beans>[/code]
通过上面的配置,就可以将Spring的bean和xfire的WebService很好的结合起来了,以上的方式在WebService上只是做了简单的密码验证,并不能保证WebService的安全性,下面将详细描述如何通过WSS4J的方式来实现WebService的数字证书的加密验证,这里大量的参考了SpringSide,非常感谢!
下面看一下关于WSS4J的spring配置文件[code]<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<import resource="classpath:org/codehaus/xfire/spring/xfire.xml" />
<!-- WebService Impl -->
<bean id="accountWebServiceImpl" class="xxx.com.account.webservice.impl.AccountWebServiceImpl" autowire="byName" />
<!-- end -->
<!-- 使用 WSS4J验证 -->
<bean id="accountWebServiceWSS4J" class="org.codehaus.xfire.spring.remoting.XFireExporter">
<property name="serviceBean" ref="accountWebServiceImpl"/>
<property name="serviceClass" value="xxx.com.account.webservice.wss4j.AccountWebServiceWSS4J"/>
<property name="inHandlers">
<list>
<ref bean="domInHandler"/>
<ref bean="wss4jInHandler"/>
<ref bean="validateUserTokenHandler"/>
</list>
</property>
</bean>
<bean id="domInHandler" class="org.codehaus.xfire.util.dom.DOMInHandler"/>
<bean id="wss4jInHandler" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
<property name="properties">
<props>
<prop key="action">UserToken</prop>
<prop key="passwordCallbackClass">xxx.com.account.webservice.wss4j.PasswordHandler</prop>
</props>
</property>
</bean>
<!-- 使用 WSS4J验证 Signature模式 -->
<bean id="accountWebServiceWSS4JSign" class="org.codehaus.xfire.spring.remoting.XFireExporter">
<property name="serviceBean" ref="accountWebServiceImpl"/>
<property name="serviceClass" value="xxx.com.account.webservice.wss4j.AccountWebServiceWSS4JSign"/>
<property name="inHandlers">
<list>
<ref bean="domInHandler"/>
<ref bean="wss4jInHandlerSign"/>
<ref bean="validateUserTokenHandler"/>
</list>
</property>
</bean>
<bean id="wss4jInHandlerSign" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
<property name="properties">
<props>
<prop key="action">Signature</prop>
<prop key="signaturePropFile">com/real/cn/account/webservice/wss4j/server_security_sign.properties</prop>
<prop key="passwordCallbackClass">xxx.com.account.webservice.wss4j.PasswordHandler</prop>
</props>
</property>
</bean>
<!-- 使用 WSS4J验证 Encrypt模式 -->
<bean id="accountWebServiceWSS4JEnc" class="org.codehaus.xfire.spring.remoting.XFireExporter">
<property name="serviceBean" ref="accountWebServiceImpl"/>
<property name="serviceClass" value="xxx.com.account.webservice.wss4j.AccountWebServiceWSS4JEnc"/>
<property name="inHandlers">
<list>
<ref bean="domInHandler"/>
<ref bean="wss4jInHandlerEnc"/>
<ref bean="validateUserTokenHandler"/>
</list>
</property>
</bean>
<bean id="wss4jInHandlerEnc" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
<property name="properties">
<props>
<prop key="action">Encrypt</prop>
<prop key="decryptionPropFile">com/real/cn/account/webservice/wss4j/server_security_enc.properties</prop>
<prop key="passwordCallbackClass">xxx.com.account.webservice.wss4j.PasswordHandler</prop>
</props>
</property>
</bean>
<bean id="validateUserTokenHandler"
class="xxx.com.account.webservice.wss4j.WSS4JTokenHandler"/>
</beans>[/code]
Encrypt模式是指客户端使用公钥加密数据流,然后发送到服务端,服务端通过私钥进行校验,这种方式适合集中式的服务;Signature模式是指客户端使用私钥加密数据流,服务端通过公钥来校验,这种方式适合分布式服务。
对于Encrypt模式和Signature模式的接口,只要继承AccountWebService就可以。
server_security_enc.properties和server_security_sign.properties文件保存了证书的位置以及用户名和密码,这里的用户名和密码,这样就有密码和证书两重的校验方式
对于server端和client端来讲
私钥,格式如下:[code]org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=xxx
org.apache.ws.security.crypto.merlin.alias.password=xxx
org.apache.ws.security.crypto.merlin.keystore.alias=xxx
org.apache.ws.security.crypto.merlin.file=.../account_server_enc.jks[/code]
公钥,格式如下:[code]org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=xxx
org.apache.ws.security.crypto.merlin.keystore.alias=xxx
org.apache.ws.security.crypto.merlin.file=.../account_client_enc.jks[/code]
一种是通过spring提供的org.springframework.web.servlet.DispatcherServlet来实现,配置方法是这样的:
1、web.xml中配置[code]<servlet>
<servlet-name>xfire</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>xfire</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>[/code]
2、WEB-INF下添加xfire-servlet.xml文件,配置方法如下:[code]<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<bean class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="urlMap">
<map>
<entry key="/EchoService"> <!-- 这里是WebService的名称 -->
<ref bean="echo"/>
</entry>
</map>
</property>
</bean>
<bean id="echo" class="org.codehaus.xfire.spring.remoting.XFireExporter">
<property name="serviceFactory">
<ref bean="xfire.serviceFactory"/>
</property>
<property name="xfire">
<ref bean="xfire"/>
</property>
<property name="serviceBean">
<ref bean="echoBean"/>
</property>
<property name="serviceClass">
<value>xxx.com.webservice.Echo</value>
</property>
</bean>
</beans>[/code]
配置完成后,定义一个接口,然后启动Server,通过client可实现WebService的访问。
同时,xfire提供了另外一种阅读性更好,更符合spring配置习惯的配置方法,配置方法如下:
1、web.xml[code]<servlet>
<servlet-name>XFireServlet</servlet-name>
<servlet-class>
org.codehaus.xfire.spring.XFireSpringServlet
</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>XFireServlet</servlet-name>
<url-pattern>/servlet/XFireServlet/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>XFireServlet</servlet-name>
<url-pattern>/service/*</url-pattern>
</servlet-mapping>[/code]
这种方式不需要单独配置一个xfire-servlet.xml文件,只需要在spring的applicationContext文件中进行配置就能实现WebService的配置
2、applicationContext.xml[code]<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!-- 需要import下面这个xml文件 -->
<import resource="classpath:org/codehaus/xfire/spring/xfire.xml" />
<!-- WebService Impl WebService接口的实现类-->
<bean id="accountWebServiceImpl" class="xxx.com.account.webservice.impl.AccountWebServiceImpl" autowire="byName" />
<!-- end -->
<!-- 下面的配置是WebService的标准配置 -->
<bean id="AccountWebService" class="org.codehaus.xfire.spring.remoting.XFireExporter"> <!-- WebService的名字 -->
<property name="xfire" ref="xfire" />
<property name="serviceBean" ref="accountWebServiceImpl" /> <!-- WebService的实现类bean -->
<property name="serviceClass" value="xxx.com.account.webservice.AccountWebService" />
<property name="inHandlers" ref="authenticationHandler"/> <!--普通的用户名密码的方式进行WebService的验证-->
</bean>
<bean id="authenticationHandler"
class="xxx.com.account.webservice.authentcation.AuthenticationHandler"/>
</beans>[/code]
通过上面的配置,就可以将Spring的bean和xfire的WebService很好的结合起来了,以上的方式在WebService上只是做了简单的密码验证,并不能保证WebService的安全性,下面将详细描述如何通过WSS4J的方式来实现WebService的数字证书的加密验证,这里大量的参考了SpringSide,非常感谢!
下面看一下关于WSS4J的spring配置文件[code]<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<import resource="classpath:org/codehaus/xfire/spring/xfire.xml" />
<!-- WebService Impl -->
<bean id="accountWebServiceImpl" class="xxx.com.account.webservice.impl.AccountWebServiceImpl" autowire="byName" />
<!-- end -->
<!-- 使用 WSS4J验证 -->
<bean id="accountWebServiceWSS4J" class="org.codehaus.xfire.spring.remoting.XFireExporter">
<property name="serviceBean" ref="accountWebServiceImpl"/>
<property name="serviceClass" value="xxx.com.account.webservice.wss4j.AccountWebServiceWSS4J"/>
<property name="inHandlers">
<list>
<ref bean="domInHandler"/>
<ref bean="wss4jInHandler"/>
<ref bean="validateUserTokenHandler"/>
</list>
</property>
</bean>
<bean id="domInHandler" class="org.codehaus.xfire.util.dom.DOMInHandler"/>
<bean id="wss4jInHandler" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
<property name="properties">
<props>
<prop key="action">UserToken</prop>
<prop key="passwordCallbackClass">xxx.com.account.webservice.wss4j.PasswordHandler</prop>
</props>
</property>
</bean>
<!-- 使用 WSS4J验证 Signature模式 -->
<bean id="accountWebServiceWSS4JSign" class="org.codehaus.xfire.spring.remoting.XFireExporter">
<property name="serviceBean" ref="accountWebServiceImpl"/>
<property name="serviceClass" value="xxx.com.account.webservice.wss4j.AccountWebServiceWSS4JSign"/>
<property name="inHandlers">
<list>
<ref bean="domInHandler"/>
<ref bean="wss4jInHandlerSign"/>
<ref bean="validateUserTokenHandler"/>
</list>
</property>
</bean>
<bean id="wss4jInHandlerSign" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
<property name="properties">
<props>
<prop key="action">Signature</prop>
<prop key="signaturePropFile">com/real/cn/account/webservice/wss4j/server_security_sign.properties</prop>
<prop key="passwordCallbackClass">xxx.com.account.webservice.wss4j.PasswordHandler</prop>
</props>
</property>
</bean>
<!-- 使用 WSS4J验证 Encrypt模式 -->
<bean id="accountWebServiceWSS4JEnc" class="org.codehaus.xfire.spring.remoting.XFireExporter">
<property name="serviceBean" ref="accountWebServiceImpl"/>
<property name="serviceClass" value="xxx.com.account.webservice.wss4j.AccountWebServiceWSS4JEnc"/>
<property name="inHandlers">
<list>
<ref bean="domInHandler"/>
<ref bean="wss4jInHandlerEnc"/>
<ref bean="validateUserTokenHandler"/>
</list>
</property>
</bean>
<bean id="wss4jInHandlerEnc" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
<property name="properties">
<props>
<prop key="action">Encrypt</prop>
<prop key="decryptionPropFile">com/real/cn/account/webservice/wss4j/server_security_enc.properties</prop>
<prop key="passwordCallbackClass">xxx.com.account.webservice.wss4j.PasswordHandler</prop>
</props>
</property>
</bean>
<bean id="validateUserTokenHandler"
class="xxx.com.account.webservice.wss4j.WSS4JTokenHandler"/>
</beans>[/code]
Encrypt模式是指客户端使用公钥加密数据流,然后发送到服务端,服务端通过私钥进行校验,这种方式适合集中式的服务;Signature模式是指客户端使用私钥加密数据流,服务端通过公钥来校验,这种方式适合分布式服务。
对于Encrypt模式和Signature模式的接口,只要继承AccountWebService就可以。
server_security_enc.properties和server_security_sign.properties文件保存了证书的位置以及用户名和密码,这里的用户名和密码,这样就有密码和证书两重的校验方式
对于server端和client端来讲
私钥,格式如下:[code]org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=xxx
org.apache.ws.security.crypto.merlin.alias.password=xxx
org.apache.ws.security.crypto.merlin.keystore.alias=xxx
org.apache.ws.security.crypto.merlin.file=.../account_server_enc.jks[/code]
公钥,格式如下:[code]org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=xxx
org.apache.ws.security.crypto.merlin.keystore.alias=xxx
org.apache.ws.security.crypto.merlin.file=.../account_client_enc.jks[/code]
4776
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
