Cxf+ws-security+spring WebService server side + client and attention issues

The project to use the webservice, just heard the time is very happy, because I have contacted before, it should not be difficult to come.

Well, that's not the case ...., let me have a good effort.

Not to mention, below the code, this is the entry level, so will be more detailed, look carefully:

Server-side:

1. Interface + Implementation Class

Interface Package Com.ekservice.service;import Javax.jws.webmethod;import Javax.jws.webparam;import javax.jws.WebResult; Import Javax.jws.webservice;import com.ek.entry.user.user;/**  * @author Administrator  * Class Description  */@ WebService (targetnamespace= "http://jeeek-dp/", Name= "Exampleservice") public interface Exampleservice {@WebResult ( Name= "password") @WebMethod (action= "http://jeeek-dp/ExampleService/getStr") public User getstr (@WebParam (name= " Name ") String userName);}

Implement class package Com.ekservice.impl;import Javax.jws.webservice;import Com.ek.entry.user.user;import com.ekservice.service.exampleservice;/**  * @author Administrator * Class description *  /@WebService (targetnamespace= "http ://jeeek-dp/", servicename=" Exampleservice ", Name=" Exampleservice ") public class Exampleserviceimpl implements Exampleservice {public user getstr (String userName) {User user = new User () user.setaddress (No. 222 Haidian District, Beijing); User.setmobilephone ("010-1101111"); return user;}}

2. Ws-security Safety Verification-Filter

Package Com.ekservice.interceptor;import Java.io.ioexception;import Java.util.hashmap;import java.util.Map;import Javax.security.auth.callback.callback;import Javax.security.auth.callback.callbackhandler;import Javax.security.auth.callback.unsupportedcallbackexception;import Org.apache.ws.security.WSPasswordCallback; Import org.apache.ws.security.wssecurityexception;/** * @author Administrator * Class description */public class Exampleserviceinterc Eptor implements Callbackhandler{private map<string, string> passwords = new hashmap<string, String> (); Public Exampleserviceinterceptor () {passwords.put ("admin", "password");//The corresponding authentication information here-username + password, must be consistent with the client to verify through}public void handle (callback[] callbacks) throws ioexception,unsupportedcallbackexception {for (int i = 0; i < callbacks.length ; i++) {Wspasswordcallback pc = (wspasswordcallback) callbacks[i]; String identifier = Pc.getidentifier ();//user name int usage = pc.getusage ();//authentication method if (Usage = = Wspasswordcallback.username_ TOKEN) {//Key mode Username_tokEnif (!passwords.containskey (identifier)) {try {throw new wssecurityexception ("User not match-" +identifier);} catch (Wssecurityexception e) {e.printstacktrace ();}} Username Token pwd...//▲ Here The value must be the same value as the client set, from the cxf2.4.x after the check to CXF internal implementation of the check, do not have to compare password is the same//please refer to:/http cxf.apache.org/docs/24-migration-guide.html runtime//Changes Fragment Pc.setpassword (Passwords.get (identifier));//▲ " This is very important "▲//▲ps if it differs from the client will throw org.apache.ws.security.wssecurityexception://the//security token could not being authenticated or//authorized exception, the server will assume that the client is illegally calling}else if (usage = = wspasswordcallback.signature) {//Key mode Signatureif (! Passwords.containskey (identifier)) {try {throw new wssecurityexception ("User not match-" +identifier); catch (Wssecurityexception e) {e.printstacktrace ();}} Set the password for client's keystore.keypassword//▲ the value here must be the same as the value set by the client, change from cxf2.4.x to CXF internal implementation check, do not have to compare password is the same ;//Please refer to: Http://cxf.apache.org/docs/24-migration-guide.html's runtime//changes fragment Pc.setpassword (Passwords.get ( identifier));///▲ "very important here" ▲//▲ps: If different from the client will be thrown org.apache.ws.security.wssecurityexception:the//security token could not be Authenticated or//authorized exception, the server will consider the client to be an illegal call}}}

3. Spring configuration file

<?xml version= "1.0" encoding= "UTF-8"? ><beans xmlns= "Http://www.springframework.org/schema/beans" xmlns:p= "http://www.springframework.org/schema/p" xmlns:xsi= "Http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws= " Http://cxf.apache.org/jaxws "xsi:schemalocation=" http://www.springframework.org/schema/beanshttp:// www.springframework.org/schema/beans/spring-beans-3.0.xsdhttp://cxf.apache.org/jaxwshttp://cxf.apache.org/ Schemas/jaxws.xsd "><import resource=" Classpath:/meta-inf/cxf/cxf.xml "/><import resource=" classpath:/ Meta-inf/cxf/cxf-servlet.xml "/><import resource=" Classpath:/meta-inf/cxf/cxf-extension-soap.xml "/> < !--Security Validation Filter--><bean id= "Exampleserviceinterceptor" class= " Com.ekservice.interceptor.ExampleServiceInterceptor "></bean><!--Interface Implementation class--><bean id=" Exampleserviceimpl "class=" Com.ekservice.impl.ExampleServiceImpl "/> <!--Publishing interface SPRING+CXF--<j Axws:endpoint implementor= "#exampleServiceImpl" address= "/exampleservice" > <!--Add security validation filters to the interface-- <jaxws:ininterceptors><bean class= "org.a Pache.cxf.interceptor.LoggingInInterceptor "/><!--This place does not know why, wasting my precious time, Official documents said cxf2.0.x need to add this filter, 2.1.x and later version can not add, but I use is CXF2.7.7 not add saajininterceptor filter error--><bean class= " Org.apache.cxf.binding.soap.saaj.SAAJInInterceptor "/><bean id=" Wss4jininterceptor "class=" Org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor "><constructor-arg><map><entry key=" action "Value=" UsernameToken "></entry><entry key=" Passwordtype "value=" Passwordtext "></entry><! --Set the password type to encrypt <entry key= "Passwordtype" value= "Passworddigest"/>--><entry key= "Passwordcallbackclass" Value= "Com.ekservice.interceptor.ExampleServiceInterceptor" ></entry></map></constructor-arg ></bean></jaxws:ininterceptors><jaxws:outinterceptors><bean class= " Org.apache.cxf.interceptor.LoggingOutIntercEptor "/></jaxws:outinterceptors></jaxws:endpoint></beans> 

4, User.java

Package Com.ek.entry.user;import java.io.serializable;import java.util.date;/** * @ Pack Name Ek.entry.user.po * @ file name User.java * @ VERSION V 1.0 */public class User implements serializable{private static final long serialversionuid = 1l;private int ID;PR Ivate string username;//user name private string password;//password private string address;private string Mobilephone;private Date entrytime;//input Time Private date updatetime;//update time private string entryuserid;//input person Idprivate string validflag;// Valid identity private Integer access;/** * @return the UserName */public String getusername () {return userName;} /** * @param userName the userName to set */public void Setusername (String userName) {this.username = UserName;} /** * @return The PassWord */public String GetPassword () {return passWord;} /** * @param passWord the PassWord to set */public void SetPassword (String passWord) {This.password = PassWord;} Public String getaddress () {return address;} public void setaddress (String address) {this.address = address;} Public String GetmobilePhone () {return mobilephone;} public void Setmobilephone (String mobilephone) {this.mobilephone = Mobilephone;} public static long Getserialversionuid () {return serialversionuid;} /** * @return The Entrytime */public Date getentrytime () {return entrytime;} /** * @param entrytime the entrytime to set */public void Setentrytime (Date entrytime) {this.entrytime = Entrytime;} /** * @return The UpdateTime */public Date getupdatetime () {return updatetime;} /** * @param updatetime the updatetime to set */public void Setupdatetime (Date updatetime) {this.updatetime = UpdateTime;} /** * @return The Entryuserid */public String Getentryuserid () {return entryuserid;} /** * @param entryuserid the Entryuserid to set */public void Setentryuserid (String entryuserid) {This.entryuserid = entry UserId;} /** * @return The Validflag */public String Getvalidflag () {return validflag;} /** * @param validflag the validflag to set */public void Setvalidflag (String validflag) {this.validflag = Validflag;} /** * @return The ID*/public int getId () {return ID;} /** * @param id The ID to set */public void setId (int id) {this.id = ID;} Public User () {super (); this.entrytime = new Date (); this.updatetime = new Date (); This.validflag = "1";} /** * @return The Access */public Integer getaccess () {return access;} /** * @param access the access to set */public void Setaccess (Integer access) {this.access = Access;}}

At this point, the server-side development is complete, start Tomcat to access the interface, HTTP://LOCALHOST:8080/JEEEK-DP/SERVICES/EXAMPLESERVICE?WSDL

Client:

1, using the Wsdl2java command to generate the client code, only to keep the generated JavaBean and interface can, the other files can be all deleted, I left the file.

2, write the Client interface access authentication interceptor, just make sure the user name password is the same as the server (I understand), the code:

Package Com.ek.client.interceptor;import Java.io.ioexception;import Java.util.hashmap;import java.util.Map;import Javax.security.auth.callback.callback;import Javax.security.auth.callback.callbackhandler;import Javax.security.auth.callback.unsupportedcallbackexception;import Org.apache.ws.security.WSPasswordCallback; Import org.apache.ws.security.wssecurityexception;/** * @author * class description */public class Exampleserviceclientinterceptor IM Plements callbackhandler{private map<string, string> passwords = new hashmap<string, String> ();p ublic Exampleserviceclientinterceptor () {passwords.put ("admin", "password");} public void handle (callback[] callbacks) throws ioexception,unsupportedcallbackexception {for (int i = 0; I < callbacks . length; i++) {Wspasswordcallback pc = (wspasswordcallback) callbacks[i]; String identifier = Pc.getidentifier (); int usage = Pc.getusage (); if (usage = = Wspasswordcallback.username_token) {//Key mode USERNAME_TOKENSystem.out.println (Passwords.containskey (IdenTifier) + "=" +passwords.get (identifier) + "-" +identifier); if (!passwords.containskey (identifier)) {try {throw new Wssecurityexception ("User not match-" +identifier);} catch (Wssecurityexception e) {e.printstacktrace ();}} Pc.setpassword (Passwords.get (identifier));////▲ "very important here" ▲}else if (usage = = wspasswordcallback.signature) {// Key Mode Signatureif (!passwords.containskey (identifier)) {try {throw new wssecurityexception ("User not match-" +identifier );} catch (Wssecurityexception e) {e.printstacktrace ();}} Pc.setpassword (Passwords.get (identifier))////▲ "very important Here" ▲}}}

3. Client configuration file

<?xml version= "1.0" encoding= "UTF-8"? ><beans xmlns= "Http://www.springframework.org/schema/beans" xmlns: Xsi= "Http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws= "Http://cxf.apache.org/jaxws" xsi:schemalocation= "  Http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd Http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd "><bean id=" Exampleserviceclientinterceptor "class=" Com.ek.client.interceptor.ExampleServiceClientInterceptor "></bean ><jaxws:client id= "service" address= "Http://localhost:8080/jeeek-dp/services/ExampleService" serviceclass= " Com.ek.client.services.example.ExampleService "><jaxws:outInterceptors> <bean class=" Org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor "></bean><bean id=" Wss4joutinterceptor "class=" Org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor "><constructor-arg><map><entry key=" Action "value=" UsernameToken "/><Entry key= "Passwordtype" value= "Passwordtext"/><entry key= "user" value= "admin"/><!--<entry key= " MustUnderstand "value=" false "></entry>--><entry key=" passwordcallbackref "><ref bean=" Exampleserviceclientinterceptor "/></entry></map></constructor-arg></bean></jaxws :outinterceptors></jaxws:client></beans>

4. Client call Interface:

Package Com.ek.client.call;import Org.springframework.context.support.classpathxmlapplicationcontext;import Com.ek.client.services.example.exampleservice;import com.ek.client.services.example.user;/**  * @author  * Class Description  */public class Exampleserviceclient {public static void main (string[] args) {Classpathxmlapplicationcontext ctx = new Classpathxmlapplicationcontext ("Spring-cxf-client.xml"); Exampleservice es = (exampleservice) ctx.getbean ("service"); User u = es.getstr ("SSSs"); System.out.println (u.getaddress);}}

The entire project package directory structure is not, the configuration file to create a new src file inside can be, or directly into the SRC directory.

Because the whole thing took a lot of time to sit down and record.

Share!

Cxf+ws-security+spring WebService Server-side + client and attention issues