CXF WebService 授权
作者:互联网
服务端添加拦截器
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.headers.Header;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import java.util.List;
import org.apache.cxf.binding.soap.SoapHeader;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;
import javax.xml.soap.SOAPException;
@Component
public class WsAuthInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
private static final String USERNAME = "root";
private static final String PASSWORD = "admin";
public WsAuthInterceptor() {
// 定义在哪个阶段进行拦截
super(Phase.PRE_PROTOCOL);
}
@Override
public void handleMessage(SoapMessage soapMessage) throws Fault {
List<Header> headers = soapMessage.getHeaders();
String username = null;
String password = null;
if (headers == null || headers.isEmpty()) {
throw new Fault(new IllegalArgumentException("找不到Header,无法验证用户信息"));
}
// 获取用户名,密码
for (Header header : headers) {
SoapHeader soapHeader = (SoapHeader) header;
Element e = (Element) soapHeader.getObject();
username = e.getAttribute("username");
password = e.getAttribute("password");
if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
throw new Fault(new IllegalArgumentException("用户信息为空"));
}
}
// 校验用户名密码
if (!(USERNAME.equals(username) && PASSWORD.equals(password))) {
SOAPException soapExc = new SOAPException("认证失败");
System.err.println("用户认证信息错误");
throw new Fault(soapExc);
}
}
}
@Bean
public Endpoint endpoint() {
EndpointImpl endpoint = new EndpointImpl(springBus(), demoService()); //绑定要发布的服务
endpoint.publish("/api"); // 暴露webService api,用在资源访问
endpoint.getInInterceptors().add(wsAuthInterceptor);
return endpoint;
}
--------
客户端调用
SOAP UI
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.his.thoth.com">
<soapenv:Header>
<Author username="root" password="admin"></Author>
</soapenv:Header>
<soapenv:Body>
<ser:sayHello>
<!--Optional:-->
<arg>Test</arg>
</ser:sayHello>
</soapenv:Body>
</soapenv:Envelope>
动态调用
@Override
public String soapDynamicTest(String ip) {
//创建动态客户端
JaxWsDynamicClientFactory factory = JaxWsDynamicClientFactory.newInstance();
// Client client = factory.createClient("http://www.webxml.com.cn/WebServices/IpAddressSearchWebService.asmx?wsdl");
Client client = factory.createClient("http://192.168.1.216:9090/ws/api?wsdl");
// 需要密码的情况需要加上用户名和密码
//client.getOutInterceptors().add(new ClientLoginInterceptor("USER_NAME","PASS_WORD"));
HTTPConduit conduit = (HTTPConduit) client.getConduit();
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
httpClientPolicy.setConnectionTimeout(2000); //连接超时
httpClientPolicy.setAllowChunking(false); //取消块编码
httpClientPolicy.setReceiveTimeout(120000); //响应超时
conduit.setClient(httpClientPolicy);
client.getOutInterceptors().add(new ClientCheckInterceptor());
try{
Object[] objects = new Object[0];
// invoke("方法名",参数1,参数2,参数3....);
// objects = client.invoke("getCountryCityByIp", ip);
objects = client.invoke("sayHello", ip);
System.out.println("返回数据:" + objects[0]);
// return ((ArrayOfString) objects[0]).getString().toString();
return objects[0].toString();
}catch (Exception e){
e.printStackTrace();
}
return "";
}
ClientCheckInterceptor.java
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.headers.Header;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import javax.xml.namespace.QName;
import java.util.List;
public class ClientCheckInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
private static final String USERNAME = "root";
private static final String PASSWORD = "admin";
public ClientCheckInterceptor() {
super(Phase.PREPARE_SEND);
}
@Override
public void handleMessage(SoapMessage message) throws Fault {
List<Header> headers = message.getHeaders();
Document document = DOMUtils.createDocument();
Element authorEle = document.createElement("author");
authorEle.setAttribute("username", USERNAME);
authorEle.setAttribute("password", PASSWORD);
headers.add(new Header(new QName(""), authorEle));
}
}
标签:cxf,WebService,import,new,CXF,org,apache,授权,String 来源: https://www.cnblogs.com/vipsoft/p/14994471.html