AXIS2 Study notes: User identity authentication

Note: User authentication here is not based on the authentication of the certificate system, if you need to authenticate through the certificate system, use Rampart.

User identity authentication is a lot of business systems must have the function, WebService also, after I these days study, found that Axis2 security module Rampart does not support business-based user authentication, can only be certificate-based identity authentication, and in many cases, We need to be based on the identity of business users, and even need to integrate with CAs, Shiro and other security frameworks, Rampart module will not be useful. And the individual handler, after I actually test, after adding, the client can not call the service directly, fortunately Axis2 provides the module extension, we can write our own extension module to achieve this function.

Needless to say, now let's start our own authentication based on business users. To implement this function, we need to do three things: 1, to implement an extension module based on the authentication of business users, 2, load the extension module on the server, 3, add identity information to the SOAP header when the client calls.

One, the realization of the business user-based Identity authentication extension Module

This is a good implementation, first of all, we need to create a new common Java project, new two classes, one is the module and the other is handler. The module class must implement the Org.apache.axis2.modules.Module interface, without having to implement any interface methods specifically, unless your extension has initialization and destruction operations. This is required by the AXIS2 architecture.

The handler class must inherit the Org.apache.axis2.handlers.AbstractHandler base class. Implement the Invoke method, and the specific user authentication logic is implemented in this method.
Public Invocationresponse Invoke (Messagecontext arg0) throws Axisfault {
Checkuserpwd (arg0);
return invocationresponse.continue;
}

Next, we need to write module.xml to show axis2 what the implementation of our extended module is. This file requires us to create a new Meta-inf folder under the SRC directory and place this file under the Meta-inf folder.

<module name= "Logging" class= "Com.dbw.checker.UserCheckModule" > <InFlow> In Module.xml, in addition to <InFlow>, there are <OutFlow>,<Infaultflow> and <Outfaultflow, respectively, corresponding to the in, out, error, error four processes, we can configure as needed, as I now need, as long as the request to enter the verification, so long as the configuration <InFlow> can.
Finally, we can export the module using the jar command or Eclipse's export jar feature, note: The Axis2 module file must have a. mar extension.
second, the use of Identity authentication module
After you have created the identity extension module, the next step is to use it. 1, willThe Mar file of the authentication module is copied to the modules directory, and if there is a models.list file in this directory, the file name of the authentication module is added in this file. 2, at the end of the Axis2.xml <InFlow> add phase, like my this for<phase name= "Usercheckphase"/>. 3, modify the Services.xml file, in the need for authentication services to reference the authentication module,<module ref= "Logging"/>. Third, invoking the service on the client
Through the above two large steps, we completed the development of the service side, we can through the Axis2 code generator function, generated for the client to invoke the stub. When we do not modify anything, we find that the call failed because the SOAP header of our client does not contain the user identity information.
1. Transformation stubs
/**
* Client adds SOAP header information
*
* @param Sfunc method Name, note case
* @param suser User Name
* @param spass Password
*/
public void Addclientsoapheader (string sfunc, String suser, string spass) {
Omelement Header = Headeromelement.createheaderomelement (
"Http://test.com", Sfunc, Suser, Spass);
_serviceclient.addheader (header);
}
2. Add user identity information to the SOAP header before invoking a specific method
Calculateservicestub client = new Calculateservicestub ();
Client.addclientsoapheader ("Sum", "Toone", "111111");
The examples in this blog post are:
Axis2 user authentication Extension Module Axis2 service-side source code, with user authentication Axis2 client Call server, with user identity authentication

AXIS2 Study notes: User identity authentication