简单的WebService 拦截器进行身份验证

服务端新增一个 获得请求的拦截器

import java.util.List;

import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.headers.Header;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/**
 * In拦截器
 * @author lin
 *
 */
class AuthInterceptor extends AbstractPhaseInterceptor
{
    public AuthInterceptor()
    {
        //显示调用父类的构造器，在发送消息之前调用，in拦截器
        super(Phase.PRE_INVOKE);
    }


    @Override
    public void handleMessage(SoapMessage msg) throws Fault
    {
        // 得到soap消息的所有header消息
        List
 headers = msg.getHeaders();
        if (headers.size() < 1 || headers.isEmpty())
        {
            throw new Fault(new IllegalArgumentException("没有header"));
        }

        for(Header header:headers){
            Element element= (Element) header.getObject();
            NodeList userId = element.getElementsByTagName("userId");
            String user = userId.item(0).getTextContent();
            if(user==null){
                throw new Fault(new IllegalArgumentException("用户名格式不正确"));
            }
            if(!"aa".equals(user)){
                throw new Fault(new IllegalArgumentException("用户名不正确"));
            }
            NodeList passId = element.getElementsByTagName("userPass");
            String pass = passId.item(0).getTextContent();
            if(pass==null){
                throw new Fault(new IllegalArgumentException("密码格式不正确"));
            }
            if(!"123".equals(pass)){
                throw new Fault(new IllegalArgumentException("密码不正确"));
            }
        }
    }


}

服务端进行发布：endpoint.publish(),同时新增拦截器

import javax.xml.ws.Endpoint;

import org.apache.cxf.jaxws.EndpointImpl;
import org.apache.cxf.phase.Phase;

public class Server {

    protected Server() throws Exception {
        // START SNIPPET: publish
        System.out.println("Starting Server");
        HelloServiceImpl implementor = new HelloServiceImpl();
        String address = "http://localhost:8111/helloWorld";

        //有header 身份验证
        EndpointImpl publish =(EndpointImpl) Endpoint.publish(address, implementor);
        publish.getInInterceptors().add(new AuthInterceptor());

        //无header 验证
//        Endpoint.publish(address, implementor);
    }

    public static void main(String[] args) throws Exception {
        new Server();
        System.out.println("Server ready...");

    }
}

 

java 客户端访问新增out 拦截器 

import javax.xml.namespace.QName;

import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.headers.Header;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/**
 * soap消息分两部分，第一部分Header中携带身份等信息，第二部分body里面携带具体的操作信息
 * AbstractPhaseInterceptor中的SoapMessage就是操作其Header信息，
 * 在Header中添加身份信息。
 * @author xushuai
 *    Out拦截器
 */
class AddHeaderInterceptor extends AbstractPhaseInterceptor
{

	private String userId;
	private String pwd;

	public AddHeaderInterceptor(String userid, String pwd)
	{
		// 准备发送消息的时候启用该拦截器
		super(Phase.PREPARE_SEND);
		this.pwd = pwd;
		this.userId = userid;
	}

	@Override
	public void handleMessage(SoapMessage mgs) throws Fault
	{
		List
 headers = mgs.getHeaders();

		Document doc = DOMUtils.createDocument();
		/**
		 * 
		 *    
		 *    
		 * 
		 */
		Element ele = doc.createElement("authElement");
		Element useridEle = doc.createElement("userId");
		useridEle.setTextContent(userId);
		Element pwdEle = doc.createElement("userPass");
		pwdEle.setTextContent(pwd);

		ele.appendChild(useridEle);
		ele.appendChild(pwdEle);
		System.err.println(ele.getTagName());
		headers.add(new Header(new QName("web"),ele));
	}

}

 

Soap格式访问：

   
   	
	   	aa
	   	123
   	
   
   
      
         
         2