WebServices的认证处理

WebServices的认证处理有两种方式：

一. HTTP身份认证:在web服务器中指定可访问IP,或在防火墙中设置IP访问策略,也可以在web服务器中配置验证程序进行身份认证.

二. SOAP Header中进行身份验证，采用JSR181标注的方式进行身份验证，具体步骤如下：

a) 服务端编写验证类，继承AbstractHandler，代码如下：

public class S<a href="/tag/ecurity/" target="_blank" class="keywords">ecurity</a>Handler extends AbstractHandler { public void invoke(MessageContext context) throws Exception { Element headerE = context.getInMessage().getHeader(); if (headerE == null) { throw new Exception("本服务需要收费，请联系QQ:3333333"); } String username = headerE.getChild("username").getText(); String password = headerE.getChildText("password"); if(username==null||"".equals(username)){ throw new Exception("请提供<a href="/tag/yonghuming/" target="_blank" class="keywords">用户名</a>"); } if(password==null||"".equals(password)){ throw new Exception("请提供<a href="/tag/mimap/" target="_blank" class="keywords">密码</a>"); } if(username.equals("jn0909")){ if(password.equals("jn0909")){ }else{ throw new Exception("<a href="/tag/mimap/" target="_blank" class="keywords">密码</a><a href="/tag/cuowu/" target="_blank" class="keywords">错误</a>"); } }else{ throw new Exception("<a href="/tag/yonghuming/" target="_blank" class="keywords">用户名</a><a href="/tag/cuowu/" target="_blank" class="keywords">错误</a>"); } } }

b) services.xml配置如下：

<service> <name>Hello</name> <serviceClass>com<a href="/tag/so/" target="_blank" class="keywords">.so</a>ftfz.IHello</serviceClass> <implementationClass>com<a href="/tag/so/" target="_blank" class="keywords">.so</a>ftfz.HelloImpl</implementationClass> <inHandlers> <handler handlerClass="com<a href="/tag/so/" target="_blank" class="keywords">.so</a>ftfz.S<a href="/tag/ecurity/" target="_blank" class="keywords">ecurity</a>Handler"></handler> </inHandlers> <style>wrapped</style> <use>li<a href="/tag/tera/" target="_blank" class="keywords">tera</a>l</use> <s<a href="/tag/cop/" target="_blank" class="keywords">cop</a>e>application</s<a href="/tag/cop/" target="_blank" class="keywords">cop</a>e> </service>

c) 同样客户端也要编写一个授权信息，继承AbstractHandler,代码如下：

public class ClientHandler extends AbstractHandler { private String username = ""; private String password = ""; public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } public String <a href="/tag/getpass/" target="_blank" class="keywords">getpass</a>word() { return password; } public void setPassword(String password) { this.password = password; } public void invoke(MessageContext context) throws Exception { OutMessage outMessage = context.g<a href="/tag/eto/" target="_blank" class="keywords">eto</a>utMessage(); Element header = new Element("xxxx"); Element usernameE = new Element("username"); Element passwordE = new Element("password"); header.addContent(usernameE); header.addContent(passwordE); outMessage.setHeader(header); usernameE.setText(username); passwordE.setText(password); } public ClientHandler(String username,String password) { this.username = username; this.password = password; } }

d) 客户端调用服务端(可以以3种方式中的任意一种调用)

第一种方式调用：

public static void main(String[] args) { String webserviceLocation = "http://localhost:81/webservice03/services/Hello"; ObjectServiceFactory objectServiceFactory = new ObjectServiceFactory(); Service service = objectServiceFactory.create(IHello.class); XFireProxyFactory fireProxyFactory = new XFireProxyFactory(); try { IHello hello = (IHello) fireProxyFactory.create(service,webserviceLocation); XFireProxy fireProxy = (XFireProxy) Proxy .getInvocationHandler(hello); fireProxy.getClient().addOutHandler(new ClientHandler("jn0909","jn0909")); hello.example("test"); } catch (MalformedURLException e) { e.<a href="/tag/printstacktrace/" target="_blank" class="keywords">printstacktrace</a>(); } }

第二种方式调用：

public static void main(String[] args) { String wsdlLocation="http://localhost:81/webservice03/services/Hello?wsdl"; try { Client client = new Client(new URL(wsdlLocation)); client.addOutHandler(new ClientHandler("jn0909","jn0909")); client.invoke("example",new Object[]{"test"}); } catch (MalformedURLException e) { // T<a href="/tag/odo/" target="_blank" class="keywords">odo</a> Auto-generated catch block e.<a href="/tag/printstacktrace/" target="_blank" class="keywords">printstacktrace</a>(); } catch (Exception e) { // T<a href="/tag/odo/" target="_blank" class="keywords">odo</a> Auto-generated catch block e.<a href="/tag/printstacktrace/" target="_blank" class="keywords">printstacktrace</a>(); } }

第三种方式调用：

public static void main(String[] args) { HelloClient client = new HelloClient(); // create a default service endpoint HelloPortType service = client.getHelloHttpPort(); XFireProxy fireProxy = (XFireProxy) Proxy.getInvocationHandler(service); fireProxy.getClient().addOutHandler( new ClientHandler("jn0909","jn0909")); service.example("test"); }

WebServices的认证处理

相关推荐