package com.easyway.cxf.service; import javax.jws.WebParam; import javax.jws.WebService; import java.util.List; import com.easyway.cxf.model.User; /** * * 采用JaxWS发布服务 * 备注在接口中必须使用@WebService 注解否则出现错误 * * * @author longgangbai * */ @WebService public interface HelloService { /** * The @WebParam annotation is necessary as java interfaces do not store the Parameter name in the .class file. So if you leave out the annotation your parameter will be named arg0. * @param name * @return */ public String hello(@WebParam(name="text")String name); /** * Advanced usecase of passing an Interface in. JAX-WS/JAXB does not * support interfaces directly. Special XmlAdapter classes need to * be written to handle them */ public String sayHi(User user); public String[] getAllUseNames(List<User> userList); }
package com.easyway.cxf.service; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; import javax.jws.WebService; import com.easyway.cxf.model.User; /** * * 采用JaxWS发布服务 * * JAX-WS includes many more annotations as well such as: * * @WebMethod - allows you to customize the operation name, exclude the operation from inclusion in the service, etc * @WebParam - allows you to customize a parameter's name, namespace, direction (IN or OUT), etc * @WebResult - allows you to customize the return value of the web service call * * @author longgangbai * */ @WebService(endpointInterface = "com.easyway.cxf.service.HelloService", serviceName = "HelloService") public class HelloServiceImpl implements HelloService { Map<Integer, User> users = new LinkedHashMap<Integer, User>(); public String hello(String username) { return "Hello " + username; } public String sayHi(User user) { users.put(users.size() + 1, user); return "Hello " + user.getUsername(); } public String[] getAllUseNames(List<User> userList) { String[] userListArr=new String[userList.size()]; for (int i=0;i<userList.size();i++) { userListArr[i]=userList.get(i).getUsername(); } return userListArr; } }
package com.easyway.cxf.security; import java.io.IOException; import java.util.HashMap; import java.util.Map; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; /** * 采用回调方法检测WS调用的安全性 * @author longgangbai * */ public class ServerPasswordHandler implements CallbackHandler{ private Map<String, String> passwords; public ServerPasswordHandler(){ passwords=new HashMap<String, String>(); passwords.put("admin", "admin"); passwords.put("test", "test"); passwords.put("userName", "password"); } public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; //获取用户名 String id = pc.getIdentifier(); System.out.println("id==="+id); //获取密码 String password = pc.getPassword(); if(passwords.containsKey(id)){ if(!password.equals(passwords.get(id))){ throw new SecurityException("wrong password"); } }else{ throw new SecurityException("wrong username"); } } }
package com.easyway.cxf.security; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; /** * 客户端的验证校验代码 * @author longgangbai * */ public class ClientPasswordCallback implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; int usage = pc.getUsage(); System.out.println("identifier: " + pc.getIdentifier()); System.out.println("usage: " + pc.getUsage()); if (usage == WSPasswordCallback.USERNAME_TOKEN) { System.out.println("admin ====="); pc.setPassword("admin"); pc.setIdentifier("admin"); } } }
package com.easyway.cxf.test.client.security; import java.util.HashMap; import java.util.Map; import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor; import org.apache.cxf.jaxws.JaxWsProxyFactoryBean; import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor; import org.apache.ws.security.WSConstants; import org.apache.ws.security.handler.WSHandlerConstants; import com.easyway.cxf.security.ClientPasswordCallback; import com.easyway.cxf.service.HelloService; import com.easyway.cxf.test.server.CFX; /** * * @author longgangbai * */ public class CXFClientSecurity { public static void main(String[] args) { JaxWsProxyFactoryBean factory=new JaxWsProxyFactoryBean(); Map<String, Object> outProps = new HashMap<String, Object>(); outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN); outProps.put(WSHandlerConstants.USER, "userName"); outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT); outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCallback.class.getName()); WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); factory.getOutInterceptors().add(wssOut); factory.getOutInterceptors().add(new SAAJOutInterceptor()); factory.setServiceClass(HelloService.class); //和服务端发送路径一样的 factory.setAddress(CFX.SERVICE_ADDRESS); HelloService helloService=(HelloService)factory.create(); String msg=helloService.hello("xiaobai"); System.out.println("msg="+msg); } }
package com.easyway.cxf.test.client.security; import java.util.HashMap; import java.util.Map; import org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor; import org.apache.cxf.jaxws.JaxWsProxyFactoryBean; import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor; import org.apache.ws.security.WSConstants; import org.apache.ws.security.handler.WSHandlerConstants; import com.easyway.cxf.security.ClientPasswordCallback; import com.easyway.cxf.service.HelloService; import com.easyway.cxf.test.server.CFX; /** * * @author longgangbai * */ public class CXFClientSecurity { public static void main(String[] args) { JaxWsProxyFactoryBean factory=new JaxWsProxyFactoryBean(); Map<String, Object> outProps = new HashMap<String, Object>(); outProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME_TOKEN); outProps.put(WSHandlerConstants.USER, "userName"); outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT); outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCallback.class.getName()); WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); factory.getOutInterceptors().add(wssOut); factory.getOutInterceptors().add(new SAAJOutInterceptor()); factory.setServiceClass(HelloService.class); //和服务端发送路径一样的 factory.setAddress(CFX.SERVICE_ADDRESS); HelloService helloService=(HelloService)factory.create(); String msg=helloService.hello("xiaobai"); System.out.println("msg="+msg); } }