觉得用soapHeader来控制访问比较简单，特贴出代码以供大家分享

研究webservice有一段时间了，觉得用soapHeader来控制访问比较简单，特贴出代码以供大家分享

1.我们可以做一个很简单的ws测试，服务端的接口代码如下：

Java代码
package ws;
//Generated by MyEclipse

public interface HelloWord {
public String example(String message);

}

package ws;
//Generated by MyEclipse

public interface HelloWord {
public String example(String message);

}

实现类：

Java代码
package ws.impl;

import ws.HelloWord;
public class HelloWordImpl implements HelloWord {

public String example(String message) {
System.out.println(message);
return message;
}
}

package ws.impl;

import ws.HelloWord;
public class HelloWordImpl implements HelloWord {

public String example(String message) {
System.out.println(message);
return message;
}
} 服务端的验证类：

Java代码
import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.handler.AbstractHandler;
import org.jdom.Element;
public class AuthenticationHandler extends AbstractHandler{

public void invoke(MessageContext cfx) throws Exception{
if(cfx.getInMessage().getHeader() == null)
{
throw new org.codehaus.xfire.fault.XFireFault("请求必须包含验证信息",org.codehaus.xfire.fault.XFireFault.SENDER);
}
Element token=cfx.getInMessage().getHeader().getChild("AuthenticationToken");
if (token == null)
{
throw new org.codehaus.xfire.fault.XFireFault("请求必须包含身份验证信息", org.codehaus.xfire.fault.XFireFault.SENDER);
}
String username = token.getChild("Username").getValue();
String password = token.getChild("Password").getValue();
try
{
//进行身份验证 ，只有test@test的用户为授权用户
if(username.equals("test") && password.equals("test"))
System.out.println("身份验证通过");
else throw new Exception();
}
catch (Exception e)
{
throw new org.codehaus.xfire.fault.XFireFault("非法的用户名和密码", org.codehaus.xfire.fault.XFireFault.SENDER);
}
}
}

import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.handler.AbstractHandler;
import org.jdom.Element;
public class AuthenticationHandler extends AbstractHandler{

public void invoke(MessageContext cfx) throws Exception{
if(cfx.getInMessage().getHeader() == null)
{
throw new org.codehaus.xfire.fault.XFireFault("请求必须包含验证信息",org.codehaus.xfire.fault.XFireFault.SENDER);
}
Element token=cfx.getInMessage().getHeader().getChild("AuthenticationToken");
if (token == null)
{
throw new org.codehaus.xfire.fault.XFireFault("请求必须包含身份验证信息", org.codehaus.xfire.fault.XFireFault.SENDER);
}
String username = token.getChild("Username").getValue();
String password = token.getChild("Password").getValue();
try
{
//进行身份验证 ，只有test@test的用户为授权用户
if(username.equals("test") && password.equals("test"))
System.out.println("身份验证通过");
else throw new Exception();
}
catch (Exception e)
{
throw new org.codehaus.xfire.fault.XFireFault("非法的用户名和密码", org.codehaus.xfire.fault.XFireFault.SENDER);
}
}
}

这样服务端的任务就算完成，客户端调用是也需要一个授权信息，如下：

Java代码
import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.handler.AbstractHandler;
import org.jdom.Element;

public class ClientAuthenticationHandler extends AbstractHandler{

private String username = null;
private String password = null;

public ClientAuthenticationHandler() { }

public ClientAuthenticationHandler(String username,String password) {
this.username = username;
this.password = password;
}

public void setUsername(String username) {
this.username = username;
}

public void setPassword(String password) {
this.password = password;

}

public void invoke(MessageContext context) throws Exception {

//为SOAP Header构造验证信息
Element el = new Element("header");
context.getOutMessage().setHeader(el);
Element auth = new Element("AuthenticationToken");
Element username_el = new Element("Username");
username_el.addContent(username);
Element password_el = new Element("Password");
password_el.addContent(password);
auth.addContent(username_el);
auth.addContent(password_el);
el.addContent(auth);
}
}

import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.handler.AbstractHandler;
import org.jdom.Element;

public class ClientAuthenticationHandler extends AbstractHandler{

private String username = null;
private String password = null;

public ClientAuthenticationHandler() { }

public ClientAuthenticationHandler(String username,String password) {
this.username = username;
this.password = password;
}

public void setUsername(String username) {
this.username = username;
}

public void setPassword(String password) {
this.password = password;

}

public void invoke(MessageContext context) throws Exception {

//为SOAP Header构造验证信息
Element el = new Element("header");
context.getOutMessage().setHeader(el);
Element auth = new Element("AuthenticationToken");
Element username_el = new Element("Username");
username_el.addContent(username);
Element password_el = new Element("Password");
password_el.addContent(password);
auth.addContent(username_el);
auth.addContent(password_el);
el.addContent(auth);
}
}

然后就是客户端的调用了，其代码如下

Java代码
import java.net.URL;
public class HelloWorkClient {

public static void main(String[] args) throws Exception {
String wsdlUrl="http://127.0.0.1:8080/testWS/services/helloWord?wsdl";
org.codehaus.xfire.client.Client client = new org.codehaus.xfire.client.Client(new URL(wsdlUrl));
client.addOutHandler(new ClientAuthenticationHandler("abcd","1234"));
Object[] obj = client.invoke("example",new Object[]{"调用成功"});
System.out.println(obj[0]);

}
}

import java.net.URL;
public class HelloWorkClient {

public static void main(String[] args) throws Exception {
String wsdlUrl="http://127.0.0.1:8080/testWS/services/helloWord?wsdl";
org.codehaus.xfire.client.Client client = new org.codehaus.xfire.client.Client(new URL(wsdlUrl));
client.addOutHandler(new ClientAuthenticationHandler("abcd","1234"));
Object[] obj = client.invoke("example",new Object[]{"调用成功"});
System.out.println(obj[0]);

}
}client.addOutHandler表示客户端调用服务端的验证码，你如果没有这行则无法调用，另外就是service.xml的配置文件必须要配置soapHeader，代码如下：

Xml代码

helloWord
ws.HelloWord
ws.impl.HelloWordImpl




literal
application



helloWord
ws.HelloWord
ws.impl.HelloWordImpl




literal
application



这样，一个完整的测试权限的例子就算完成了。