我采用的是cxf
加密端用的 WSS4J
服务端查询数据库 信息 然后发布服务 客户端调用 服务端 实现数据保护加密服务的功能
WSS4J有三种验证方式本项目采用 最简单的一种 UsernameToken用户名密码验证
Cxf mss4j加密模块 系统集成说明:所需环境 Spring
因为cxf是非常方便与spring集成的 并且支持注解
client_Spring.xml放到src/main/resources下
<?xml version="1.0" encoding="utf-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd">
<bean id="clientPasswordCallback" class="com.prisys.ws.client.ClientPasswordCallback"></bean>
<bean id="wss4jOutInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<!-- 用户认证(明文密码) -->
<entry key="action" value="UsernameToken"/>
<entry key="user" value="client"/>
<entry key="passwordType" value="PasswordText"/>
<entry key="passwordCallbackRef" value-ref="clientPasswordCallback"/>
</map>
</constructor-arg>
</bean>
<jaxws:client id="client" address="http://localhost:9080/SOA_Server/webservice/gtinfo"
serviceClass="com.prisys.ws.service.CxfClientSOA">
<jaxws:inInterceptors>
<bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />
</jaxws:inInterceptors>
<jaxws:outInterceptors>
<bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
<ref bean="wss4jOutInterceptor"/>
</jaxws:outInterceptors>
</jaxws:client>
<jaxws:client id="updateFile" address="http://localhost:9080/SOA_Server/webservice/updateFile"
serviceClass="com.prisys.ws.service.CxfClientSOA">
</jaxws:client>
<!-- 对所有的服务配置超时机制 只对服务名为{http://service.ws.cxfdemo.com/}HelloWorldService的服务生效. -->
<http-conf:conduit name="*.http-conduit">
<!-- ConnectionTimeout获取连接超时 ReceiveTimeout获取结果超时-->
<http-conf:client ConnectionTimeout="15000" ReceiveTimeout="30000"/>
</http-conf:conduit>
</beans>
Pom.xml:
<!-- CXF START -->
<!-- CXF依赖 -->
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-api</artifactId>
<version>2.7.9</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
<version>2.7.9</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-bindings-soap</artifactId>
<version>2.7.9</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
<version>2.7.9</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-security</artifactId>
<version>2.7.9</version>
</dependency>
<!-- CXF END -->
加密支持类 :
package com.prisys.ws.client;
import java.io.IOException;
import java.util.Date;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class ClientPasswordCallback implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
WSPasswordCallback callback = (WSPasswordCallback) callbacks[0];
System.out.println(new Date());
try {
Thread.sleep(1000L);
} catch (InterruptedException e) {
e.printStackTrace();
}
callback.setPassword("这里填你自己想填的密码");
}
}
其他按照cxf正常发布模式就好了
需要源码的 进群讨论 186408628