Vikings

实施WebService Security[WS-Security1.0]的Encrypt和Sign模式(XFire+WSS4J)

转自:
http://www.blogjava.net/security/archive/2006/08/08/xfire_wss4j.html

thanks for springside

鉴于很多系统需要实施WS-Security的标准,我们在SpringSide中提供了XFire+WSS4J的Demo,本文介绍SpringSide中Spring+XFire+WSS4J的基本配置

[WebService Server端配置]
第一,创建一个基本的BookService
/**
 * Read-only book query operations.
 *
 * The Spring configuration on this page exports this interface as a web service
 * through XFireExporter (bean "bookService") with no WS-Security inHandlers, so
 * the arguments of these methods can come from remote, unauthenticated callers.
 * NOTE(review): the implementation (bean "bookManager") is not shown here; confirm
 * that name and categoryId are bound as query parameters and never concatenated
 * into a query string.
 */
public interface BookService {

    /**
     * Fuzzy search for books by title.
     */
    List findBooksByName(String name);

    /**
     * Finds all books in a category.
     *
     * @param categoryId if the category is null or "all", all books are listed.
     */
    List findBooksByCategory(String categoryId);

    /**
     * Lists all categories.
     *
     * @return {@code List<Category>}, or null.
     */
    List getAllCategorys();
}
第二,接口扩展,即扩展(extend)基本的BookService:在XFire中,不同的WSS4J策略需要对应不同的ServiceClass,否则各服务<inHandlers>里面的定义会互相重叠(Overlap)。


   <!--BookService 基类-->
    
<!-- Abstract template bean holding the serviceFactory and xfire references for XFire exporters.
     NOTE(review): no bean visible on this page declares parent="baseWebService", so as shown
     this template is not inherited by any exporter; confirm whether that is intended. -->
<bean id="baseWebService"
      class="org.codehaus.xfire.spring.remoting.XFireExporter"
      abstract="true">
    <property name="serviceFactory">
        <ref bean="xfire.serviceFactory"/>
    </property>
    <property name="xfire">
        <ref bean="xfire"/>
    </property>
</bean>

    
<!-- Maps request paths to the exporter beans defined in this file.
     /BookService is published with no WS-Security handler, next to the three protected
     variants, and all four exporters use the same serviceBean (bookManager). Where the
     service must not be reachable anonymously, drop the /BookService entry; otherwise the
     protected paths add nothing for a caller who simply uses the open one. -->
<bean class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
    <property name="mappings">
        <props>
            <prop key="/BookService">bookService</prop>
            <prop key="/BookServiceWSS4J">bookServiceWSS4J</prop>
            <prop key="/BookServiceWSS4JEnc">bookServiceWSS4JEnc</prop>
            <prop key="/BookServiceWSS4JSign">bookServiceWSS4JSign</prop>
        </props>
    </property>
</bean>

   
<!-- (1) BookWebService, no authentication required.
     This exporter declares no inHandlers, so no WS-Security processing is applied to
     requests sent to it; every operation of BookService is callable without credentials. -->
<bean id="bookService"
      class="org.codehaus.xfire.spring.remoting.XFireExporter">
    <property name="serviceFactory">
        <ref bean="xfire.serviceFactory"/>
    </property>
    <property name="xfire">
        <ref bean="xfire"/>
    </property>
    <property name="serviceBean">
        <ref bean="bookManager"/>
    </property>
    <property name="serviceClass">
        <value>org.springside.bookstore.plugins.xfire.service.BookService</value>
    </property>
</bean>

    
<!-- (3) BookWebService protected by WSS4J (UsernameToken action, see wss4jInHandler).
     Incoming requests pass through the handlers in the order listed below.
     NOTE(review): unlike bookService, this exporter sets neither serviceFactory nor xfire
     and has no parent attribute; confirm they are supplied some other way, for example by
     autowiring configured on the enclosing beans element, which is not visible here. -->
<bean id="bookServiceWSS4J"
      class="org.codehaus.xfire.spring.remoting.XFireExporter">
    <property name="serviceBean">
        <ref bean="bookManager"/>
    </property>
    <property name="serviceClass">
        <value>org.springside.bookstore.plugins.xfire.service.BookServiceWSS4J</value>
    </property>
    <property name="inHandlers">
        <list>
            <ref bean="domInHandler"/>
            <ref bean="wss4jInHandler"/>
            <ref bean="validateUserTokenHandler"/>
        </list>
    </property>
</bean>

    
<!-- XFire DOMInHandler, listed first in every inHandlers chain on this page, directly
     ahead of the WSS4JInHandler; presumably it provides the DOM form of the message
     that WSS4J works on. -->
<bean id="domInHandler"
      class="org.codehaus.xfire.util.dom.DOMInHandler"/>

    
<!-- WSS4J inbound handler for the UsernameToken action.
     passwordCallbackClass names the callback WSS4J asks for the password of the user in
     the token; that class is not shown on this page.
     NOTE(review): the password type used by clients is not visible here. A token carrying a
     plaintext password is only protected when the transport itself is encrypted (HTTPS),
     and a digest token still needs nonce/created checks to resist replay; confirm both
     against the deployment and against PasswordHandler. -->
<bean id="wss4jInHandler"
      class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
    <property name="properties">
        <props>
            <prop key="action">UsernameToken</prop>
            <prop key="passwordCallbackClass">org.springside.bookstore.plugins.xfire.wss4j.PasswordHandler</prop>
        </props>
    </property>
</bean>

    
<!-- Project handler placed last in all three protected inHandlers chains on this page.
     NOTE(review): WSS4JTokenHandler is not shown. It also runs in the Encrypt and Signature
     chains, whose action does not include UsernameToken; confirm what it checks when the
     request carries no user token, and that it rejects rather than passes such a request
     where a user identity is required. -->
<bean id="validateUserTokenHandler"
      class="org.springside.bookstore.plugins.xfire.wss4j.WSS4JTokenHandler"/>
    
    
<!-- (4) BookWebService protected by WSS4J in Encrypt mode (see wss4jInHandlerEnc).
     Incoming requests pass through the handlers in the order listed below.
     NOTE(review): this exporter sets neither serviceFactory nor xfire and has no parent
     attribute; confirm they are supplied some other way, since the enclosing beans element
     is not visible here. -->
<bean id="bookServiceWSS4JEnc"
      class="org.codehaus.xfire.spring.remoting.XFireExporter">
    <property name="serviceBean">
        <ref bean="bookManager"/>
    </property>
    <property name="serviceClass">
        <value>org.springside.bookstore.plugins.xfire.service.BookServiceWSS4JEnc</value>
    </property>
    <property name="inHandlers">
        <list>
            <ref bean="domInHandler"/>
            <ref bean="wss4jInHandlerEnc"/>
            <ref bean="validateUserTokenHandler"/>
        </list>
    </property>
</bean>
        
    
<!-- WSS4J inbound handler for the Encrypt action: decrypts the request using the crypto
     settings in decryptionPropFile; passwordCallbackClass names the password callback.
     Encryption alone gives confidentiality, not sender authentication: producing a valid
     encrypted request needs only the service's public certificate. Where the caller must
     be identified, the action value (a space-separated list in WSS4J) should also require
     Signature or UsernameToken.
     NOTE(review): insecurity_enc.properties and PasswordHandler are not shown; presumably
     they reference a keystore holding the service's private key and supply its password.
     Confirm the keystore is access-restricted and the password is not hard-coded. -->
<bean id="wss4jInHandlerEnc"
      class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
    <property name="properties">
        <props>
            <prop key="action">Encrypt</prop>
            <prop key="decryptionPropFile">org/springside/bookstore/plugins/xfire/wss4j/insecurity_enc.properties</prop>
            <prop key="passwordCallbackClass">org.springside.bookstore.plugins.xfire.wss4j.PasswordHandler</prop>
        </props>
    </property>
</bean>
    
    
<!-- (5) BookWebService protected by WSS4J in Signature mode (see wss4jInHandlerSign).
     Incoming requests pass through the handlers in the order listed below.
     NOTE(review): this exporter sets neither serviceFactory nor xfire and has no parent
     attribute; confirm they are supplied some other way, since the enclosing beans element
     is not visible here. -->
<bean id="bookServiceWSS4JSign"
      class="org.codehaus.xfire.spring.remoting.XFireExporter">
    <property name="serviceBean">
        <ref bean="bookManager"/>
    </property>
    <property name="serviceClass">
        <value>org.springside.bookstore.plugins.xfire.service.BookServiceWSS4JSign</value>
    </property>
    <property name="inHandlers">
        <list>
            <ref bean="domInHandler"/>
            <ref bean="wss4jInHandlerSign"/>
            <ref bean="validateUserTokenHandler"/>
        </list>
    </property>
</bean>
    
    
<!-- WSS4J inbound handler for the Signature action: verifies the request signature using
     the crypto settings in signaturePropFile; passwordCallbackClass names the password callback.
     Which signers are accepted depends on the trust material that insecurity_sign.properties
     points to (not shown); it should contain only the certificates of expected callers.
     NOTE(review): the action list has no Timestamp entry, so nothing visible here limits
     how long a captured signed request stays acceptable; consider requiring a signed
     Timestamp together with Signature if replay matters for this service. -->
<bean id="wss4jInHandlerSign"
      class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
    <property name="properties">
        <props>
            <prop key="action">Signature</prop>
            <prop key="signaturePropFile">org/springside/bookstore/plugins/xfire/wss4j/insecurity_sign.properties</prop>
            <prop key="passwordCallbackClass">org.springside.bookstore.plugins.xfire.wss4j.PasswordHandler</prop>
        </props>
    </property>
</bean>
    
</beans>

posted on 2008-10-29 01:55 Vikings 阅读(373) 评论(0)  编辑  收藏

