如果用XFire 实现WS-Secuiry 在http://xfire.codehaus.org/WS-Security
下面说说如何写Client 去 调用User Token Authentication 的 WS-Security.
1.用Xfire 根据WSDL 去生成 Client stub.
通常,用eclipse的XFire plug-in, 里面有一个Code generation from WSDL document的Wizard.生成的java文件里通常有xxxxServiceClient.java xxxxServcie.java xxxxServiceImpl.java 等文件.
如果不考虑WS-Security Client code 很容易写
例如:
xxxxServiceClient service = new xxxxxServiceClient();
xxxxService client = service.getxxxServiceHttpPort("http://localhost:8080/services/xxxxService");
2. 加WS-Security
最好不要改XFire 生成的文件, 而是在自己的调用程序里增加.这样将来WSDL改变, 可以在用XFire 生成Code 而不影响自己的程序
xxxxServiceClient service = new xxxServiceClient();
xxxxService client = service.getxxxxServiceHttpPort("http://localhost:8080/services/xxxxService");
addWSSecurity(stallInfoClient);
public void addWSSecurity(StallInfoService stallInfoService)
{
Client client = org.codehaus.xfire.client.Client.getInstance(stallInfoService);
client.addOutHandler(new DOMOutHandler());
Properties properties = new Properties();
configureOutProperties(properties);
WSS4JOutHandler wss4jOutHandler = new WSS4JOutHandler(properties);
Map props = wss4jOutHandler.getProperties();
PasswordHandler pwdHandler = new PasswordHandler();
pwdHandler.setPassword(password);
props.put(WSHandlerConstants.PW_CALLBACK_REF, pwdHandler);
wss4jOutHandler.setProperties(props);
client.addOutHandler(wss4jOutHandler);
}
protected void configureOutProperties(Properties config)
{
// Action to perform : user token
config.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
// Password type : plain text
config.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
// for hashed password use:
//properties.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
// User name to send
config.setProperty(WSHandlerConstants.USER, username);
}
public class PasswordHandler implements CallbackHandler {
private String password = " ";
public PasswordHandler() { }
public void setPassword(String password) {
this.password = password;
}
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
String uid = pc.getIdentifer();
pc.setPassword(password);
}
}
当使用
WSHandlerConstants.PW_CALLBACK_REF Xfire 有缺陷, 如果不手动把 passwordhandler 加入wss4jOutHandler的properties里, 将来是XFire无法调用自己的passwordhandler变量, WSHandlerConstants.PW_CALLBACK_CLASS 没有这个问题.
通过这种方法,Client 就会在SOAP request 加入 security head.
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soap:Header>
<wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-26235040" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">username
</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">password
</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<GetRequest xmlns="....">11</GetRequest>
</soap:Body>
</soap:Envelope>
posted on 2008-11-14 15:08
happyy2k 阅读(2338)
评论(2) 编辑 收藏 所属分类:
Web Service