这几天学习CXF,单独的发布服务没问题,也可以访问;但是实现用户名令牌验证的时候总是出错;下面我把代码贴出来,请各位指点迷津,谢谢!
1.HelloWorld.javapackage demo;import javax.jws.WebService;@WebService
public interface HelloWorld {
String sayHi(String text);
}
2.HelloWorldImpl.javapackage demo;
public class HelloWorldImpl implements HelloWorld { public String sayHi(String text) {
return "Hello:" + text;
}}
3.WSDemoAuthHandler.javapackage demo;import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;public class WSDemoAuthHandler implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
System.out.println("length:" + callbacks.length);
WSPasswordCallback passwordCallback = (WSPasswordCallback) callbacks[0];
String password = passwordCallback.getPassword();
String identifier = passwordCallback.getIdentifier();
System.out.println("Identifier:" + identifier);
System.out.println("password:" + password);
if (identifier.equals("testws") && password.equals("admin")) {
System.out.println("success!!!");
} else {
throw new IOException("wrong username");
}
}}
4.服务端的spring配置文件bean.xml<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
<jaxws:endpoint id="helloWorld" implementor="demo.HelloWorldImpl"
address="/HelloWorld">
<jaxws:inInterceptors>
<!-- 日志 -->
<bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<!-- 表示验证机制是用户姓名令牌,也就是使用用户名和密码机制 -->
<entry key="action" value="UsernameToken" />
<!-- 表示密码类型是文本,还可以是WSConstants.PASSWORD_DIGEST(密码会被加密为MD5) -->
<entry key="passwordType" value="PasswordText" />
<entry key="user" value="server"></entry>
<!-- 表示服务器端验证密码的回调处理类,这个类必须实现CallbackHandler接口 -->
<entry>
<key>
<value>passwordCallbackRef</value>
</key>
<ref bean="passwordCallback" />
</entry>
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
<bean id="passwordCallback" class="demo.WSDemoAuthHandler"></bean>
</beans>5.web.xml<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>CXF Servlet</display-name> <context-param>
<param-name>contextConfigLocation</param-name>
<param-value>WEB-INF/bean.xml</param-value>
</context-param> <listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener> <servlet>
<servlet-name>CXFServlet</servlet-name>
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet> <servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/services/*</url-pattern>
</servlet-mapping> <welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
1.HelloWorld.javapackage demo;import javax.jws.WebService;@WebService
public interface HelloWorld {
String sayHi(String text);
}
2.HelloWorldImpl.javapackage demo;
public class HelloWorldImpl implements HelloWorld { public String sayHi(String text) {
return "Hello:" + text;
}}
3.WSDemoAuthHandler.javapackage demo;import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;public class WSDemoAuthHandler implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
System.out.println("length:" + callbacks.length);
WSPasswordCallback passwordCallback = (WSPasswordCallback) callbacks[0];
String password = passwordCallback.getPassword();
String identifier = passwordCallback.getIdentifier();
System.out.println("Identifier:" + identifier);
System.out.println("password:" + password);
if (identifier.equals("testws") && password.equals("admin")) {
System.out.println("success!!!");
} else {
throw new IOException("wrong username");
}
}}
4.服务端的spring配置文件bean.xml<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
<jaxws:endpoint id="helloWorld" implementor="demo.HelloWorldImpl"
address="/HelloWorld">
<jaxws:inInterceptors>
<!-- 日志 -->
<bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<!-- 表示验证机制是用户姓名令牌,也就是使用用户名和密码机制 -->
<entry key="action" value="UsernameToken" />
<!-- 表示密码类型是文本,还可以是WSConstants.PASSWORD_DIGEST(密码会被加密为MD5) -->
<entry key="passwordType" value="PasswordText" />
<entry key="user" value="server"></entry>
<!-- 表示服务器端验证密码的回调处理类,这个类必须实现CallbackHandler接口 -->
<entry>
<key>
<value>passwordCallbackRef</value>
</key>
<ref bean="passwordCallback" />
</entry>
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
<bean id="passwordCallback" class="demo.WSDemoAuthHandler"></bean>
</beans>5.web.xml<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>CXF Servlet</display-name> <context-param>
<param-name>contextConfigLocation</param-name>
<param-value>WEB-INF/bean.xml</param-value>
</context-param> <listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener> <servlet>
<servlet-name>CXFServlet</servlet-name>
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet> <servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/services/*</url-pattern>
</servlet-mapping> <welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
1.HelloWorldClient.javapackage demo.client;import org.springframework.context.support.ClassPathXmlApplicationContext;import demo.HelloWorld;public class HelloWorldClient { /**
* @param args
*/
public static void main(String[] args) {
ClassPathXmlApplicationContext context=new ClassPathXmlApplicationContext(new String[]{"demo/client/client-bean.xml"});
HelloWorld client=(HelloWorld) context.getBean("helloClient");
System.out.println(client.sayHi("官网都报错"));
}
}
2.WSClientAuthHandler.javapackage demo.client;import java.io.IOException;
import static java.lang.System.out;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;public class WSClientAuthHandler implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
WSPasswordCallback wsPasswordCallback = (WSPasswordCallback) callbacks[0];
int usage = wsPasswordCallback.getUsage();
out.print("identifier:" + wsPasswordCallback.getIdentifier());
out.print("usage:" + usage);
wsPasswordCallback.setPassword("admin");
}
}3.客户端spring配置client-bean.xml<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
<!--
<jaxws:client id="helloClient" serviceClass="demo.spring.HelloWorld"
address="http://localhost:8080/SampleWS/HelloWorld"></jaxws:client>
-->
<bean id="helloClient" class="demo.HelloWorld" factory-bean="helloClientFactory"
factory-method="create"></bean>
<bean id="helloClientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
<property name="serviceClass" value="demo.HelloWorld"></property>
<property name="address"
value="http://localhost:8080/SampleWS/services/HelloWorld"></property>
<property name="outInterceptors">
<list>
<!-- 日志 -->
<bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
<bean id="wss4jOutConfig" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<property name="properties">
<map>
<entry key="action" value="UsernameToken"></entry>
<!-- 用于初始化用户名,这是一个必选项,否则会报错 -->
<entry key="user" value="client"></entry>
<entry key="passwordType" value="PasswordText"></entry>
<entry>
<key>
<value>passwordCallbackRef</value>
</key>
<ref bean="passwordCallback" />
</entry>
</map>
</property>
</bean>
</list>
</property>
</bean>
<bean id="passwordCallback" class="demo.client.WSClientAuthHandler"></bean>
</beans>以上就是全部代码,请各位帮忙看看,lib包里面我用的是apache cxf网站上的2.4.2版本中提供的包,我全部拷进来的。
WSDemoAuthHandler.javaWSPasswordCallback passwordCallback = (WSPasswordCallback) callbacks[0];
String password = passwordCallback.getPassword();
password是null,所以这里报错,不能通过验证。
原本是循环的,现在callbacks里只有一个对象,就直接取了
cxf-rest安全认证的demo有吗?