The cxf version is 2.6.1.
Java code for server callback:
Serverauthhandler. Java
Package COM. jysd. ms. entity; import Java. io. ioexception; import javax. security. auth. callback. callback; import javax. security. auth. callback. callbackhandler; import javax. security. auth. callback. unsupportedcallbackexception; import Org. apache. WS. security. wspasswordcallback; public class serverauthhandler implements callbackhandler {public void handle (callback [] callbacks) throws ioexception, unsupportedcallba Ckexception {wspasswordcallback Pc = (wspasswordcallback) callbacks [0]; If (PC. getidentifier (). equals ("jysd") {PC. setpassword ("jysdsoft"); If (! PC. GetPassword (). Equals ("jysdsoft") {system. Out. println ("Incorrect password"); throw new securityexception ("Incorrect password! ") ;}} Else {system. Out. println (" username error "); throw new securityexception (" username error! ");}}}
Server spring configuration file:
Bean. xml
<Beans xmlns = "http://www.springframework.org/schema/beans" xmlns: xsi = "http://www.w3.org/2001/XMLSchema-instance" xmlns: context = "http://www.springframework.org/schema/context" xmlns: Tx = "http://www.springframework.org/schema/tx" xmlns: AOP = "http://www.springframework.org/schema/aop" xmlns: jaxws = "http://cxf.apache.org/jaxws" xsi: schemalocation = "http://www.springframework.org/schema/beanshttp://www.springf ✓ Http://cxf.apa Che.org/schemas/jaxws.xsd "> <import resource =" classpath: META-INF/cxf. XML "/> <import resource =" classpath: META-INF/cxf/cxf-extension-soap.xml "/> <import resource =" classpath: META-INF/cxf/cxf-servlet.xml "/> <AOP: aspectj-autoproxy/> <context: component-scan base-package = "com. jysd "/> <bean id =" entitymanagerfactory "class =" org. springframework. orm. JPA. localentitymanagerfactorybean "> <property name =" PE Rsistenceunitname "value =" bjjysd "/> </bean> <bean id =" transactionmanager "class =" org. springframework. orm. JPA. jpatransactionmanager "> <property name =" entitymanagerfactory "ref =" entitymanagerfactory "/> </bean> <TX: annotation-driven transaction-Manager =" transactionmanager "/> <jaxws: endpoint id = "CSH" implementor = "com. jysd. ms. service. imp. userserviceimpl "address ="/CSH "> <! -- Configure interceptor --> <jaxws: ininterceptors> <Bean class = "org. apache. cxf. binding. soap. SAAJ. saajininterceptor "/> <Bean class =" org. apache. cxf. interceptor. loggingininterceptor "/> <! -- <Bean class = "org. web. soapheader. readsoapheader "/> --> <Bean class =" org. apache. cxf. WS. security. wss4j. wss4jininterceptor "> <constructor-Arg> <map> <Entry key =" action "value =" userNameToken "/> <Entry key =" passwordtype "value =" passwordtext "/> <entry key = "passwordcallbackclass" value = "com. jysd. ms. entity. serverauthhandler "/> </map> </constructor-Arg> </bean> </jaxws: ininterceptors> <! -- End the interceptor configuration --> </jaxws: endpoint> </beans>
Client callback Java code:
Clientauthhandler. Java
package com.jysd.ms.client;import java.io.IOException;import javax.security.auth.callback.Callback;import javax.security.auth.callback.CallbackHandler;import javax.security.auth.callback.UnsupportedCallbackException;import org.apache.ws.security.WSPasswordCallback;public class ClientAuthHandler implements CallbackHandler {public void handle(Callback[] callbacks) throws IOException,UnsupportedCallbackException {WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];int usage = pc.getUsage();System.out.println("identifier: "+pc.getIdentifier());System.out.println("usage: "+pc.getUsage());if(usage == WSPasswordCallback.USERNAME_TOKEN){pc.setPassword("jysdsoft");}}}
Client spring Configuration:
Beans. xml
<?xml version="1.0" encoding="UTF-8"?> <!-- START SNIPPET: beans --> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beanshttp://www.springframework.org/schema/beans/spring-beans.xsdhttp://cxf.apache.org/jaxwshttp://cxf.apache.org/schema/jaxws.xsd"> <bean id="client" class="com.jysd.ms.UserService" factory-bean="clientFactory" factory-method="create"/> <bean id="clientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean"> <property name="address" value="http://localhost:8080/CSHServer/csh"/> <property name="serviceClass" value="com.jysd.ms.UserService"/> <property name="outInterceptors"> <list> <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor"/> <!-- <bean class="org.web.soapHeader.AddSoapHeader"/> --> <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" /> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor" > <constructor-arg > <map > <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="user" value="jysd" /> <entry key="passwordCallbackRef" value="com.jysd.ms.entity.ClientAuthHandler" /> </map> </constructor-arg> </bean> </list> </property> </bean> </beans>
<?xml version="1.0" encoding="UTF-8"?> <!-- START SNIPPET: beans --> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beanshttp://www.springframework.org/schema/beans/spring-beans.xsdhttp://cxf.apache.org/jaxwshttp://cxf.apache.org/schema/jaxws.xsd"> <bean id="client" class="com.jysd.ms.UserService" factory-bean="clientFactory" factory-method="create"/> <bean id="clientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean"> <property name="address" value="http://localhost:8080/CSHServer/csh"/> <property name="serviceClass" value="com.jysd.ms.UserService"/> <property name="outInterceptors"> <list> <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor"/> <!-- <bean class="org.web.soapHeader.AddSoapHeader"/> --> <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" /> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor" > <constructor-arg > <map > <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="user" value="jysd" /> <entry key="passwordCallbackRef" value="com.jysd.ms.entity.ClientAuthHandler" /> </map> </constructor-arg> </bean> </list> </property> </bean> </beans>
Client running:
package com.jysd.ms.client;import java.util.HashMap;import java.util.Map;import org.apache.cxf.jaxws.JaxWsProxyFactoryBean;import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;import org.springframework.context.ApplicationContext;import org.springframework.context.support.ClassPathXmlApplicationContext;import com.jysd.ms.UserInfo;import com.jysd.ms.UserService;@SuppressWarnings("all")public class Client {public static void main(String[] args) { ApplicationContext context=new ClassPathXmlApplicationContext("beans.xml"); UserService us=(UserService) context.getBean("client"); String name = us.getName(new Integer(1)); System.out.println("id=1, name="+name); } }
When wss4joutinterceptor is not configured, the main method can be run and printed, and the browser can access and return information.
After wss4joutinterceptor is configured, the browser can also access and return information. However, when the main method is run and an exception is reported, the Exception Code is as follows:
Warning interceptor for {http://service.ms.jysd.com/?userserviceservice=#http://service.ms.jysd.com/#getname has thrown exception, unwinding now
Java. Lang. classcastexception: Java. Lang. String cannot be cast to javax. Security. Auth. Callback. callbackhandler
At org. Apache. ws. Security. handler. wshandler. getcallbackhandler (wshandler. Java: 858)
At org. Apache. ws. Security. handler. wshandler. getpasswordcallbackhandler (wshandler. Java: 879)
At org.apache.ws.security.action.usernametokenaction.exe cute (usernametokenaction. Java: 35)
At org. Apache. ws. Security. handler. wshandler. dosenderaction (wshandler. Java: 202)
At org. Apache. cxf. ws. Security. wss4j. wss4joutinterceptor. acc$ 200 (wss4joutinterceptor. Java: 52)
At org. Apache. cxf. ws. Security. wss4j. wss4joutinterceptor $ wss4joutinterceptorinternal. handlemessage (wss4joutinterceptor. Java: 260)
At org. Apache. cxf. ws. Security. wss4j. wss4joutinterceptor $ wss4joutinterceptorinternal. handlemessage (wss4joutinterceptor. Java: 136)
At org. Apache. cxf. phase. phaseinterceptorchain. dointercept (phaseinterceptorchain. Java: 262)
At org. Apache. cxf. endpoint. clientimpl. doinvoke (clientimpl. Java: 532)
At org. Apache. cxf. endpoint. clientimpl. Invoke (clientimpl. Java: 464)
At org. Apache. cxf. endpoint. clientimpl. Invoke (clientimpl. Java: 367)
At org. Apache. cxf. endpoint. clientimpl. Invoke (clientimpl. Java: 320)
At org. Apache. cxf. frontend. clientproxy. invokesync (clientproxy. Java: 89)
At org. Apache. cxf. jaxws. jaxwsclientproxy. Invoke (jaxwsclientproxy. Java: 134)
At $ proxy39.getname (unknown source)
At com. jysd. Ms. Client. Client. Main (client. Java: 27)
Exception in thread "Main" javax. xml. ws. Soap. soapfaultexception: Java. Lang. String cannot be cast to javax. Security. Auth. Callback. callbackhandler
At org. Apache. cxf. jaxws. jaxwsclientproxy. Invoke (jaxwsclientproxy. Java: 156)
At $ proxy39.getname (unknown source)
At com. jysd. Ms. Client. Client. Main (client. Java: 27)
Caused by: Java. Lang. classcastexception: Java. Lang. String cannot be cast to javax. Security. Auth. Callback. callbackhandler
At org. Apache. ws. Security. handler. wshandler. getcallbackhandler (wshandler. Java: 858)
At org. Apache. ws. Security. handler. wshandler. getpasswordcallbackhandler (wshandler. Java: 879)
At org.apache.ws.security.action.usernametokenaction.exe cute (usernametokenaction. Java: 35)
At org. Apache. ws. Security. handler. wshandler. dosenderaction (wshandler. Java: 202)
At org. Apache. cxf. ws. Security. wss4j. wss4joutinterceptor. acc$ 200 (wss4joutinterceptor. Java: 52)
At org. Apache. cxf. ws. Security. wss4j. wss4joutinterceptor $ wss4joutinterceptorinternal. handlemessage (wss4joutinterceptor. Java: 260)
At org. Apache. cxf. ws. Security. wss4j. wss4joutinterceptor $ wss4joutinterceptorinternal. handlemessage (wss4joutinterceptor. Java: 136)
At org. Apache. cxf. phase. phaseinterceptorchain. dointercept (phaseinterceptorchain. Java: 262)
At org. Apache. cxf. endpoint. clientimpl. doinvoke (clientimpl. Java: 532)
At org. Apache. cxf. endpoint. clientimpl. Invoke (clientimpl. Java: 464)
At org. Apache. cxf. endpoint. clientimpl. Invoke (clientimpl. Java: 367)
At org. Apache. cxf. endpoint. clientimpl. Invoke (clientimpl. Java: 320)
At org. Apache. cxf. frontend. clientproxy. invokesync (clientproxy. Java: 89)
At org. Apache. cxf. jaxws. jaxwsclientproxy. Invoke (jaxwsclientproxy. Java: 134)
... 2 more
Which of the following experts can give you some advice?