Axis2构建webService并且客户端成功调用,现在需添加身份验证,问如何处理?

Axis2构建webService并且客户端成功调用,现在需添加身份验证,问如何处理?问题补充:我定义一个接口,并且实现该接口;在Eclispe中分别构建webService和webService Client,经过测试均成功;这个发布的WebService对任意人都可以访问调用,我这边想来一个身份验证,比如给予用户名和密码的认证,问下怎么来做啊?

解决方案 »

  1.   

    我定义了一个Handler验证用户信息:
    public class AuthenticationHandler extends BasicHandler {    private static final long serialVersionUID = -7685663586762871169L;  
      
        private static final String PUBLIC_USER = "public";  
      
        private static final String PUBLIC_PASSWORD = PUBLIC_USER;  
      
        private static final String AUTHENTICATION_ERROR_MESSAGE = "用户名或密码不正确。";  
      
        /** 
         * 请求认证回到方法 
         *  
         * @param messageContext 
         *            -用户上下文消息对象 
         */  
        public void invoke(MessageContext messageContext) throws AxisFault {  
            HttpServletRequest request = (HttpServletRequest) messageContext  
                    .getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);  
            //从请求header中获取可认证信息,很多人通常用Base64进行转码后认证  
            String user = request.getHeader(Call.USERNAME_PROPERTY);  
            String password = request.getHeader(Call.PASSWORD_PROPERTY);  
            if (!PUBLIC_USER.equals(user) || !PUBLIC_PASSWORD.equals(password)) {  
                throw new AxisFault("Server.Unauthenticated",  
                        AUTHENTICATION_ERROR_MESSAGE, null, null);  
            }  
        }  
    }然后我在Service-config.wsdd中走XML映射了下:
    <ns1:handler name="Authenticate" type="java:com.test.handler.AuthenticationHandler"/>client端:
    //Axis2用户安全设置
    Service service = new Service();

    Call call = (Call) service.createCall();
    //设置用户名
    call.getMessageContext().setUsername("public");
    //设置安全密码
    call.getMessageContext().setPassword("public");

    String endpointURL = "http://localhost:8080/WebService/services/HelloWorldImpl";

    call.setTargetEndpointAddress(endpointURL);

    call.setOperationName(new QName("HelloWorldImpl"));


    String result = (String) call.invoke(new Object[]{"123"});

    System.out.println(result);

    /**
     * 通过endpoint获得一个代理实例
     * 
    HelloWorldImplProxy proxy = new HelloWorldImplProxy(endpointURL);

    try {
    String result = proxy.sayHello("daipeng");
    System.out.println(result);
    } catch (RemoteException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
    }
    */
    }
      

  2.   

    public class WebClientDevWrapper {
    public String wrap2Client(String url,String kpath,String kpassword,String trustpath,String tpassword,String datafile, Map<String, String> data) throws Exception {
    HttpClient httpclient = new DefaultHttpClient();
    KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    FileInputStream keystoreInstream = new FileInputStream(new File(kpath));
    FileInputStream trustStoreInstream = new FileInputStream(new File(trustpath));
    try {
    keystore.load(keystoreInstream, kpassword.toCharArray());
    trustStore.load(trustStoreInstream, tpassword.toCharArray());
    } finally {
    keystoreInstream.close();
    trustStoreInstream.close();
    }
    SSLSocketFactory socketFactory = new SSLSocketFactory(SSLSocketFactory.SSL, keystore, kpassword,
    trustStore, null, new TrustStrategy() {
    public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    return true;
    }
    }, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    Scheme sch = new Scheme("https", 4433, socketFactory);
    httpclient.getConnectionManager().getSchemeRegistry().register(sch);
    HttpPost post = new HttpPost(url);

    if(data!=null){
    for(String key : data.keySet()) {
    post.setHeader(key, data.get(key));
    }
    }
    String BK_SERIAL = String.valueOf(System.currentTimeMillis());
    StringEntity entity = new StringEntity(datafile, "text/html", "GBK");
    post.setEntity(entity);
    HttpResponse res = httpclient.execute(post);
    String msg="";
    HttpEntity resEntity = res.getEntity();
    if (resEntity != null) {
    msg=EntityUtils.toString(resEntity,"gbk");
    }
    httpclient.getConnectionManager().shutdown();
    return msg;
    }
    public static void main(String[] args) throws Exception{
    WebClientDevWrapper webClientDevWrapper = new WebClientDevWrapper();
    String url = "https://222.66.65.103:4433/gateway";
    String kpath = "src/com/util/server.ks";
    String trustpath = "src/com/util/server.ks";
    String kpassword = "accident";
    String tpassword= "accident";
    Map<String,String> map01=new LinkedHashMap<String,String>();
    map01.put("GATEWAY_TRANSCODE", "E0101");
    Bean2xml b2x=new Bean2xml();
    String str01=webClientDevWrapper.readXml("src/com/util/a.xml");
    com.pojo.e0101.call.Root root=(com.pojo.e0101.call.Root)b2x.Xml2Bean(str01, "root", com.pojo.e0101.call.Root.class);
    str01=b2x.Bean2xml(root, "root");
    System.out.println(str01);
    String filedate01=str01;
    String msg01=webClientDevWrapper.wrap2Client(url, kpath, kpassword, trustpath, tpassword, filedate01, map01);
    System.out.println(msg01);