Java and. NET based ws-security Web Services Integration Implementation (next)

Services|web Java and. NET based ws-security Web Services Integration Implementation (next)

Rottenapple

4. Open Jbuilder9, create a new Java class, named Testnetservice. The axis-wsse-1.0 jar package is added to the JBuilder jdk (tools->configions jdks->class tab->add) code as follows:

Package mywebservicejavaclient;

Import Java.util.Date;

Import Java.text.DateFormat;

Import Org.apache.axis.MessageContext;

Import org.apache.axis.message.*;

Import org.apache.axis.client.*;

Import org.apache.axis.utils.*;

Import Javax.xml.namespace.QName;

Import Java.lang.Integer;

Import Javax.xml.rpc.ParameterMode;

Import Net.vitale.filippo.axis.handlers.WsseClientHandler;

/**

* <p>title: </p>

* <p>description: </p>

* <p>copyright:copyright (c) 2004</p>

* <p>company: </p>

* @author not attributable

* @version 1.0

*/



public class Testnetservice {

static String UsernameS = null;

static String passwords = null;

Public Testnetservice () {

}



public static void Main (string[] args) {

try {

Integer i = new Integer (2);

Integer j = new Integer (2);

String endpoint= "Http://localhost/MyServices/WebServiceTest/SumService.asmx";



Service service = new service ();

Call call = (call) Service.createcall ();



Call.settargetendpointaddress (new Java.net.URL (endpoint));

Call.setoperationname (New QName ("Http://www.contoso.com/SU", "Intadd"));

Call.addparameter ("A", org.apache.axis.encoding.xmltype.xsd_date,javax.xml.rpc.parametermode.in);

Call.addparameter ("B", org.apache.axis.encoding.xmltype.xsd_date,javax.xml.rpc.parametermode.in);

Call.setreturntype (Org.apache.axis.encoding.XMLType.XSD_INT);

Call.setusesoapaction (TRUE);

Call.setsoapactionuri ("http://www.contoso.com/Rpc");



Add a User Token

UsernameS = "username";

passwords = "Love";

Call.setusername (UsernameS);

Call.setpassword (Passwords);

Call.setproperty (Wsseclienthandler.password_option, wsseclienthandler.password_digest_with_nonce);

Call.setclienthandlers (New Wsseclienthandler (), NULL);





Integer k = (integer) call.invoke (New object[]{i,j});



SYSTEM.OUT.PRINTLN ("result is" + k.tostring () + ".");



}

catch (Org.apache.axis.AxisFault e)

{



if (E.getfaultcode (). toString (). Equals ("{http://schemas.xmlsoap.org/ws/2002/07/secext}failedauthentication"))

System.err.println ("The UsernameToken and password aren ' t right!");

else {

System.err.println (E.getfaultcode (). toString ());



}

}

catch (Exception e)

{

System.err.println (E.tostring ());

}



}



}

5. Compile and run this Java program with the following results:

The username and password aren ' t right!

As you can see, in the PasswordProvider class in Web Services, the GetPassword () method is used to return the appropriate password. In the above example, because Username= "Usename", GetPassword returns "password", and the password passed by Java is "Love", so the two do not match. The system throws an exception, we capture it in Java and display our own hints.

6. Modify some Java code and run

passwords = "Love"; Replace with passwords = "password"; recompile the run, the result is as follows:

Result is 4.

In this way, you can see that the user name and password sent by the Java client are certified in Web services and that the Intadd method is executed, returning the correct calculation results. At this point, the interconnection of a simple ws-security Java client with. Net Web Services is basically achieved.



Four: Expandable places

1. The user name of the Java side, and the password is available from the UI interface.

2. The Java end of the password transmission mode in three kinds, can be freely selected.

3. The password for the WEB service can be obtained from databases, AD, files, and so on.

4. The exception information after the validation error on the Web service side can be developed by itself.

5. You can use X.509 as a certificate to add Third-party Digital signature Authentication (currently asix-wsse1.0 not implemented)

6. Interested friends can look at the source code of axis-wsse-1.0, very simple, a file, but I look very laborious, because the call a lot of axis inside things, that I am not familiar with, so I can not see, hehe.



V: Deficiencies

1. X.509 is included in the ws-security, but there is no Java-based open source implementation. IBM's WebSphere has a corresponding implementation.

2. I personally think that this is also one of the big problems that is invoked between different platforms based on Web services is exception handling. At present, I think the best way is to record in the log. If you want to capture the exception information that is provided by different systems, it is really a difficult thing to know who has a good way. I found that there are very few articles on Web services on the Internet to introduce this aspect, perhaps everyone is unfamiliar and dare not write (out of my).