Java6(一) WebServices (8)Web Service Security
今天把以前写的java6 web service Security的例子拿出来跑一跑,想整理一下写篇文章。结果发现代码不能跑了。
代码如下
--------------------------------------server--------------------------------------------------------
package
publish;
import java.util.LinkedList;
import java.util.List;
import javax.xml.ws.Binding;
import javax.xml.ws.Endpoint;
import javax.xml.ws.handler.Handler;
import security.SecurityHandler;
import service.SecurityHello;
public class SecturityPublishApplication {
/**
* @param args
*/
public static void main(String[] args) {
// wsimport -keep http://127.0.0.1 :8088/SecurityHello?wsdl
System.out.println( " 准备启动服务 " );
Endpoint endpoint = Endpoint.publish( " http://127.0.0.1:8088/SecurityHello " , new SecurityHello());
Binding binding = endpoint.getBinding();
List < Handler > handlerChain = new LinkedList < Handler > ();
handlerChain.add( new SecurityHandler());
binding.setHandlerChain(handlerChain);
System.out.println( " 服务启动完毕 " );
}
}
import java.util.LinkedList;
import java.util.List;
import javax.xml.ws.Binding;
import javax.xml.ws.Endpoint;
import javax.xml.ws.handler.Handler;
import security.SecurityHandler;
import service.SecurityHello;
public class SecturityPublishApplication {
/**
* @param args
*/
public static void main(String[] args) {
// wsimport -keep http://127.0.0.1 :8088/SecurityHello?wsdl
System.out.println( " 准备启动服务 " );
Endpoint endpoint = Endpoint.publish( " http://127.0.0.1:8088/SecurityHello " , new SecurityHello());
Binding binding = endpoint.getBinding();
List < Handler > handlerChain = new LinkedList < Handler > ();
handlerChain.add( new SecurityHandler());
binding.setHandlerChain(handlerChain);
System.out.println( " 服务启动完毕 " );
}
}
package org.hermit.study.jdk.shello;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebResult;
import javax.jws.WebService;
import javax.jws.soap.SOAPBinding;
/**
* This class was generated by the JAXWS SI.
* JAX-WS RI 2.0_02-b08-fcs
* Generated source version: 2.0
*
*/
@WebService(name = " SecurityHello " , targetNamespace = " http://jdk.study.hermit.org/shello " )
@SOAPBinding(style = SOAPBinding.Style.RPC)
public interface SecurityHello {
/**
*
* @param arg0
* @return
* returns java.lang.String
*/
@WebMethod
@WebResult(partName = " return " )
public String sayHello(
@WebParam(name = " arg0 " , partName = " arg0 " )
String arg0);
}
package org.hermit.study.jdk.shello;
import java.net.MalformedURLException;
import java.net.URL;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;
import javax.xml.ws.WebEndpoint;
import javax.xml.ws.WebServiceClient;
/**
* This class was generated by the JAXWS SI.
* JAX-WS RI 2.0_02-b08-fcs
* Generated source version: 2.0
*
*/
@WebServiceClient(name = " SecurityHelloService " , targetNamespace = " http://jdk.study.hermit.org/shello " , wsdlLocation = " http://127.0.0.1:8088/SecurityHello?wsdl " )
public class SecurityHelloService
extends Service
{
private final static URL SECURITYHELLOSERVICE_WSDL_LOCATION;
static {
URL url = null ;
try {
url = new URL( " http://127.0.0.1:8088/SecurityHello?wsdl " );
} catch (MalformedURLException e) {
e.printStackTrace();
}
SECURITYHELLOSERVICE_WSDL_LOCATION = url;
}
public SecurityHelloService(URL wsdlLocation, QName serviceName) {
super (wsdlLocation, serviceName);
}
public SecurityHelloService() {
super (SECURITYHELLOSERVICE_WSDL_LOCATION, new QName( " http://jdk.study.hermit.org/shello " , " SecurityHelloService " ));
}
/**
*
* @return
* returns SecurityHello
*/
@WebEndpoint(name = " SecurityHelloPort " )
public SecurityHello getSecurityHelloPort() {
return (SecurityHello) super .getPort( new QName( " http://jdk.study.hermit.org/shello " , " SecurityHelloPort " ), SecurityHello. class );
}
}
user-pass-authenticate-server.xml
<!--
Copyright 2004 Sun Microsystems, Inc. All rights reserved.
SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
-->
< xwss:SecurityConfiguration xmlns:xwss ="http://java.sun.com/xml/ns/xwss/config" dumpMessages ="true" >
< xwss:RequireUsernameToken passwordDigestRequired ="true" />
</ xwss:SecurityConfiguration >
Copyright 2004 Sun Microsystems, Inc. All rights reserved.
SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
-->
< xwss:SecurityConfiguration xmlns:xwss ="http://java.sun.com/xml/ns/xwss/config" dumpMessages ="true" >
< xwss:RequireUsernameToken passwordDigestRequired ="true" />
</ xwss:SecurityConfiguration >
/*
* SecurityHandler.java
*
* Created on March 26, 2007, 12:58 PM
*
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
*/
package security;
import java.io.File;
import java.io.FileInputStream;
import java.util.Set;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import com.sun.xml.wss.ProcessingContext;
import com.sun.xml.wss.SubjectAccessor;
import com.sun.xml.wss.XWSSProcessor;
import com.sun.xml.wss.XWSSProcessorFactory;
import com.sun.xml.wss.XWSSecurityException;
/**
*
* Kumar Jayanti
*/
public class SecurityHandler implements SOAPHandler < SOAPMessageContext > {
XWSSProcessor sprocessor = null ;
XWSSProcessor cprocessor = null ;
public SecurityHandler() {
FileInputStream serverConfig = null ;
try {
serverConfig = new FileInputStream( new File( " ./src/publish/user-pass-authenticate-server.xml " ));
XWSSProcessorFactory factory = XWSSProcessorFactory.newInstance();
sprocessor = factory.createProcessorForSecurityConfiguration(serverConfig, new SecurityEnvironmentHandler( " server " ));
serverConfig.close();
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}
}
public Set < QName > getHeaders() {
return null ;
}
public boolean handleFault(SOAPMessageContext messageContext) {
return true ;
}
public boolean handleMessage(SOAPMessageContext messageContext) {
secureServer(messageContext);
return true ;
}
public void close(MessageContext messageContext) {
}
private void secureServer(SOAPMessageContext messageContext) {
Boolean outMessageIndicator = (Boolean) messageContext.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
SOAPMessage message = messageContext.getMessage();
if (outMessageIndicator.booleanValue()) {
return ;
} else {
try {
ProcessingContext context = sprocessor.createProcessingContext(message);
context.getExtraneousProperties().putAll(messageContext);
context.setSOAPMessage(message);
SOAPMessage verifiedMsg = sprocessor.verifyInboundMessage(context);
messageContext.setMessage(verifiedMsg);
} catch (XWSSecurityException ex) {
ex.printStackTrace();
throw new WebServiceException(ex);
} catch (Exception ex) {
ex.printStackTrace();
throw new WebServiceException(ex);
}
}
}
}
* SecurityHandler.java
*
* Created on March 26, 2007, 12:58 PM
*
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
*/
package security;
import java.io.File;
import java.io.FileInputStream;
import java.util.Set;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import com.sun.xml.wss.ProcessingContext;
import com.sun.xml.wss.SubjectAccessor;
import com.sun.xml.wss.XWSSProcessor;
import com.sun.xml.wss.XWSSProcessorFactory;
import com.sun.xml.wss.XWSSecurityException;
/**
*
* Kumar Jayanti
*/
public class SecurityHandler implements SOAPHandler < SOAPMessageContext > {
XWSSProcessor sprocessor = null ;
XWSSProcessor cprocessor = null ;
public SecurityHandler() {
FileInputStream serverConfig = null ;
try {
serverConfig = new FileInputStream( new File( " ./src/publish/user-pass-authenticate-server.xml " ));
XWSSProcessorFactory factory = XWSSProcessorFactory.newInstance();
sprocessor = factory.createProcessorForSecurityConfiguration(serverConfig, new SecurityEnvironmentHandler( " server " ));
serverConfig.close();
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}
}
public Set < QName > getHeaders() {
return null ;
}
public boolean handleFault(SOAPMessageContext messageContext) {
return true ;
}
public boolean handleMessage(SOAPMessageContext messageContext) {
secureServer(messageContext);
return true ;
}
public void close(MessageContext messageContext) {
}
private void secureServer(SOAPMessageContext messageContext) {
Boolean outMessageIndicator = (Boolean) messageContext.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
SOAPMessage message = messageContext.getMessage();
if (outMessageIndicator.booleanValue()) {
return ;
} else {
try {
ProcessingContext context = sprocessor.createProcessingContext(message);
context.getExtraneousProperties().putAll(messageContext);
context.setSOAPMessage(message);
SOAPMessage verifiedMsg = sprocessor.verifyInboundMessage(context);
messageContext.setMessage(verifiedMsg);
} catch (XWSSecurityException ex) {
ex.printStackTrace();
throw new WebServiceException(ex);
} catch (Exception ex) {
ex.printStackTrace();
throw new WebServiceException(ex);
}
}
}
}
package
security;
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.xml.ws.BindingProvider;
import com.sun.xml.wss.impl.callback.PasswordCallback;
import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
import com.sun.xml.wss.impl.callback.UsernameCallback;
public class SecurityEnvironmentHandler implements CallbackHandler {
private static final UnsupportedCallbackException unsupported = new UnsupportedCallbackException( null ,
" Unsupported Callback Type Encountered " );
public SecurityEnvironmentHandler(String arg) {
}
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for ( int i = 0 ; i < callbacks.length; i ++ ) {
if (callbacks[i] instanceof PasswordValidationCallback) {
PasswordValidationCallback cb = (PasswordValidationCallback) callbacks[i];
if (cb.getRequest() instanceof PasswordValidationCallback.PlainTextPasswordRequest) {
cb.setValidator( new PlainTextPasswordValidator());
}
else if (cb.getRequest() instanceof PasswordValidationCallback.DigestPasswordRequest) {
PasswordValidationCallback.DigestPasswordRequest request = (PasswordValidationCallback.DigestPasswordRequest) cb
.getRequest();
String username = request.getUsername();
if ( " hermit " .equals(username)) {
request.setPassword( " hermit " );
cb.setValidator( new PasswordValidationCallback.DigestPasswordValidator());
}
}
} else if (callbacks[i] instanceof UsernameCallback) {
UsernameCallback cb = (UsernameCallback) callbacks[i];
String username = (String) cb.getRuntimeProperties().get(BindingProvider.USERNAME_PROPERTY);
System.out.println( " Got Username![]()
![]()
![]()
:
"
+
username);
cb.setUsername(username);
} else if (callbacks[i] instanceof PasswordCallback) {
PasswordCallback cb = (PasswordCallback) callbacks[i];
String password = (String) cb.getRuntimeProperties().get(BindingProvider.PASSWORD_PROPERTY);
System.out.println( " Got Password![]()
![]()
![]()
:
"
+
password);
cb.setPassword(password);
} else {
throw unsupported;
}
}
}
private class PlainTextPasswordValidator implements PasswordValidationCallback.PasswordValidator {
public boolean validate(PasswordValidationCallback.Request request) throws PasswordValidationCallback.PasswordValidationException {
PasswordValidationCallback.PlainTextPasswordRequest plainTextRequest = (PasswordValidationCallback.PlainTextPasswordRequest) request;
if ( " hermit " .equals(plainTextRequest.getUsername()) && " hermit " .equals(plainTextRequest.getPassword())) {
return true ;
}
return false ;
}
}
}
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.xml.ws.BindingProvider;
import com.sun.xml.wss.impl.callback.PasswordCallback;
import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
import com.sun.xml.wss.impl.callback.UsernameCallback;
public class SecurityEnvironmentHandler implements CallbackHandler {
private static final UnsupportedCallbackException unsupported = new UnsupportedCallbackException( null ,
" Unsupported Callback Type Encountered " );
public SecurityEnvironmentHandler(String arg) {
}
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for ( int i = 0 ; i < callbacks.length; i ++ ) {
if (callbacks[i] instanceof PasswordValidationCallback) {
PasswordValidationCallback cb = (PasswordValidationCallback) callbacks[i];
if (cb.getRequest() instanceof PasswordValidationCallback.PlainTextPasswordRequest) {
cb.setValidator( new PlainTextPasswordValidator());
}
else if (cb.getRequest() instanceof PasswordValidationCallback.DigestPasswordRequest) {
PasswordValidationCallback.DigestPasswordRequest request = (PasswordValidationCallback.DigestPasswordRequest) cb
.getRequest();
String username = request.getUsername();
if ( " hermit " .equals(username)) {
request.setPassword( " hermit " );
cb.setValidator( new PasswordValidationCallback.DigestPasswordValidator());
}
}
} else if (callbacks[i] instanceof UsernameCallback) {
UsernameCallback cb = (UsernameCallback) callbacks[i];
String username = (String) cb.getRuntimeProperties().get(BindingProvider.USERNAME_PROPERTY);
System.out.println( " Got Username
cb.setUsername(username);
} else if (callbacks[i] instanceof PasswordCallback) {
PasswordCallback cb = (PasswordCallback) callbacks[i];
String password = (String) cb.getRuntimeProperties().get(BindingProvider.PASSWORD_PROPERTY);
System.out.println( " Got Password
cb.setPassword(password);
} else {
throw unsupported;
}
}
}
private class PlainTextPasswordValidator implements PasswordValidationCallback.PasswordValidator {
public boolean validate(PasswordValidationCallback.Request request) throws PasswordValidationCallback.PasswordValidationException {
PasswordValidationCallback.PlainTextPasswordRequest plainTextRequest = (PasswordValidationCallback.PlainTextPasswordRequest) request;
if ( " hermit " .equals(plainTextRequest.getUsername()) && " hermit " .equals(plainTextRequest.getPassword())) {
return true ;
}
return false ;
}
}
}
-------------------------------------client---------------------------------------------------
import java.util.ArrayList;
import java.util.List;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.handler.Handler;
import org.hermit.study.jdk.shello.SecurityHandler;
import org.hermit.study.jdk.shello.SecurityHello;
import org.hermit.study.jdk.shello.SecurityHelloService;
public class TestSericutyHello {
public static void main(String[] args) {
try {
SecurityHelloService service = new SecurityHelloService();
SecurityHello port = service.getSecurityHelloPort();
((BindingProvider) port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, " hermit " );
((BindingProvider) port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, " hermit " );
List < Handler > chain = new ArrayList < Handler > ();
chain.add( new SecurityHandler());
((BindingProvider) port).getBinding().setHandlerChain(chain);
String result = port.sayHello( " Hermit " );
System.out.println( " Result = " + result);
} catch (Exception ex) {
ex.printStackTrace();
}
}
}
/*
* SecurityEnvironmentHandler.java
*
* Created on March 26, 2007, 1:17 PM
*
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
*/
package org.hermit.study.jdk.shello;
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import com.sun.xml.wss.impl.callback.PasswordCallback;
import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
import com.sun.xml.wss.impl.callback.UsernameCallback;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import javax.xml.ws.BindingProvider;
/**
*
* @author sk112103
*/
public class SecurityEnvironmentHandler implements CallbackHandler {
private static final UnsupportedCallbackException unsupported =
new UnsupportedCallbackException( null , " Unsupported Callback Type Encountered " );
/** Creates a new instance of SecurityEnvironmentHandler */
public SecurityEnvironmentHandler(String arg) {
}
private String readLine() throws IOException {
return new BufferedReader
( new InputStreamReader(System.in)).readLine();
}
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for ( int i = 0 ; i < callbacks.length; i ++ ) {
if (callbacks[i] instanceof PasswordValidationCallback) {
PasswordValidationCallback cb = (PasswordValidationCallback) callbacks[i];
if (cb.getRequest() instanceof PasswordValidationCallback.PlainTextPasswordRequest) {
cb.setValidator( new PlainTextPasswordValidator());
} else if (cb.getRequest() instanceof PasswordValidationCallback.DigestPasswordRequest) {
PasswordValidationCallback.DigestPasswordRequest request =
(PasswordValidationCallback.DigestPasswordRequest) cb.getRequest();
String username = request.getUsername();
if ( " Ron " .equals(username)) {
request.setPassword( " noR " );
cb.setValidator( new PasswordValidationCallback.DigestPasswordValidator());
}
}
} else if (callbacks[i] instanceof UsernameCallback) {
UsernameCallback cb = (UsernameCallback)callbacks[i];
String username = (String)cb.getRuntimeProperties().get(BindingProvider.USERNAME_PROPERTY);
System.out.println( " Got Username![]()
![]()
![]()
:
"
+
username);
cb.setUsername(username);
} else if (callbacks[i] instanceof PasswordCallback) {
PasswordCallback cb = (PasswordCallback)callbacks[i];
String password = (String)cb.getRuntimeProperties().get(BindingProvider.PASSWORD_PROPERTY);
System.out.println( " Got Password![]()
![]()
![]()
:
"
+
password);
cb.setPassword(password);
} else {
throw unsupported;
}
}
}
private class PlainTextPasswordValidator implements PasswordValidationCallback.PasswordValidator {
public boolean validate(PasswordValidationCallback.Request request)
throws PasswordValidationCallback.PasswordValidationException {
PasswordValidationCallback.PlainTextPasswordRequest plainTextRequest =
(PasswordValidationCallback.PlainTextPasswordRequest) request;
if ( " Ron " .equals(plainTextRequest.getUsername()) &&
" noR " .equals(plainTextRequest.getPassword())) {
return true ;
}
return false ;
}
}
}
* SecurityEnvironmentHandler.java
*
* Created on March 26, 2007, 1:17 PM
*
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
*/
package org.hermit.study.jdk.shello;
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import com.sun.xml.wss.impl.callback.PasswordCallback;
import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
import com.sun.xml.wss.impl.callback.UsernameCallback;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import javax.xml.ws.BindingProvider;
/**
*
* @author sk112103
*/
public class SecurityEnvironmentHandler implements CallbackHandler {
private static final UnsupportedCallbackException unsupported =
new UnsupportedCallbackException( null , " Unsupported Callback Type Encountered " );
/** Creates a new instance of SecurityEnvironmentHandler */
public SecurityEnvironmentHandler(String arg) {
}
private String readLine() throws IOException {
return new BufferedReader
( new InputStreamReader(System.in)).readLine();
}
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for ( int i = 0 ; i < callbacks.length; i ++ ) {
if (callbacks[i] instanceof PasswordValidationCallback) {
PasswordValidationCallback cb = (PasswordValidationCallback) callbacks[i];
if (cb.getRequest() instanceof PasswordValidationCallback.PlainTextPasswordRequest) {
cb.setValidator( new PlainTextPasswordValidator());
} else if (cb.getRequest() instanceof PasswordValidationCallback.DigestPasswordRequest) {
PasswordValidationCallback.DigestPasswordRequest request =
(PasswordValidationCallback.DigestPasswordRequest) cb.getRequest();
String username = request.getUsername();
if ( " Ron " .equals(username)) {
request.setPassword( " noR " );
cb.setValidator( new PasswordValidationCallback.DigestPasswordValidator());
}
}
} else if (callbacks[i] instanceof UsernameCallback) {
UsernameCallback cb = (UsernameCallback)callbacks[i];
String username = (String)cb.getRuntimeProperties().get(BindingProvider.USERNAME_PROPERTY);
System.out.println( " Got Username
cb.setUsername(username);
} else if (callbacks[i] instanceof PasswordCallback) {
PasswordCallback cb = (PasswordCallback)callbacks[i];
String password = (String)cb.getRuntimeProperties().get(BindingProvider.PASSWORD_PROPERTY);
System.out.println( " Got Password
cb.setPassword(password);
} else {
throw unsupported;
}
}
}
private class PlainTextPasswordValidator implements PasswordValidationCallback.PasswordValidator {
public boolean validate(PasswordValidationCallback.Request request)
throws PasswordValidationCallback.PasswordValidationException {
PasswordValidationCallback.PlainTextPasswordRequest plainTextRequest =
(PasswordValidationCallback.PlainTextPasswordRequest) request;
if ( " Ron " .equals(plainTextRequest.getUsername()) &&
" noR " .equals(plainTextRequest.getPassword())) {
return true ;
}
return false ;
}
}
}
/*
* SecurityHandler.java
*
* Created on March 26, 2007, 12:58 PM
*
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
*/
package org.hermit.study.jdk.shello;
import java.io.FileInputStream;
import java.util.Set;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPMessage;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import com.sun.xml.wss.ProcessingContext;
import com.sun.xml.wss.SubjectAccessor;
import com.sun.xml.wss.XWSSProcessor;
import com.sun.xml.wss.XWSSProcessorFactory;
import com.sun.xml.wss.XWSSecurityException;
/**
*
* Kumar Jayanti
*/
public class SecurityHandler implements SOAPHandler < SOAPMessageContext > {
XWSSProcessor sprocessor = null ;
XWSSProcessor cprocessor = null ;
/** Creates a new instance of SecurityHandler */
public SecurityHandler() {
FileInputStream clientConfig = null ;
try {
// read client side security config
clientConfig = new java.io.FileInputStream( new java.io.File( " ./src/user-pass-authenticate-client.xml " ));
// Create a XWSSProcessFactory.
XWSSProcessorFactory factory = XWSSProcessorFactory.newInstance();
cprocessor = factory.createProcessorForSecurityConfiguration(clientConfig, new SecurityEnvironmentHandler( " client " ));
clientConfig.close();
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}
}
public Set < QName > getHeaders() {
return null ;
}
public boolean handleFault(SOAPMessageContext messageContext) {
return true ;
}
public boolean handleMessage(SOAPMessageContext messageContext) {
System.out.println( " This is client " );
secureClient(messageContext);
return true ;
}
public void close(MessageContext messageContext) {
}
private SOAPMessage createFaultResponse(XWSSecurityException ex) {
return null ;
}
private void secureClient(SOAPMessageContext messageContext) {
Boolean outMessageIndicator = (Boolean) messageContext.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
SOAPMessage message = messageContext.getMessage();
System.out.println( " Came to Secure Client![]()
![]()
![]()
![]()
.
"
);
if (outMessageIndicator.booleanValue()) {
System.out.println( " \nOutbound SOAP: " );
ProcessingContext context;
try {
context = cprocessor.createProcessingContext(message);
context.getExtraneousProperties().putAll(messageContext);
context.setSOAPMessage(message);
SOAPMessage secureMsg = cprocessor.secureOutboundMessage(context);
secureMsg.writeTo(System.out);
messageContext.setMessage(secureMsg);
} catch (XWSSecurityException ex) {
ex.printStackTrace();
throw new RuntimeException(ex);
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}
return ;
} else {
System.out.println( " \nInbound SOAP: " );
System.out.println( " DO Nothing in Secure Client![]()
![]()
![]()
![]()
.
"
);
// do nothing
return ;
}
}
}
* SecurityHandler.java
*
* Created on March 26, 2007, 12:58 PM
*
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
*/
package org.hermit.study.jdk.shello;
import java.io.FileInputStream;
import java.util.Set;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPMessage;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import com.sun.xml.wss.ProcessingContext;
import com.sun.xml.wss.SubjectAccessor;
import com.sun.xml.wss.XWSSProcessor;
import com.sun.xml.wss.XWSSProcessorFactory;
import com.sun.xml.wss.XWSSecurityException;
/**
*
* Kumar Jayanti
*/
public class SecurityHandler implements SOAPHandler < SOAPMessageContext > {
XWSSProcessor sprocessor = null ;
XWSSProcessor cprocessor = null ;
/** Creates a new instance of SecurityHandler */
public SecurityHandler() {
FileInputStream clientConfig = null ;
try {
// read client side security config
clientConfig = new java.io.FileInputStream( new java.io.File( " ./src/user-pass-authenticate-client.xml " ));
// Create a XWSSProcessFactory.
XWSSProcessorFactory factory = XWSSProcessorFactory.newInstance();
cprocessor = factory.createProcessorForSecurityConfiguration(clientConfig, new SecurityEnvironmentHandler( " client " ));
clientConfig.close();
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}
}
public Set < QName > getHeaders() {
return null ;
}
public boolean handleFault(SOAPMessageContext messageContext) {
return true ;
}
public boolean handleMessage(SOAPMessageContext messageContext) {
System.out.println( " This is client " );
secureClient(messageContext);
return true ;
}
public void close(MessageContext messageContext) {
}
private SOAPMessage createFaultResponse(XWSSecurityException ex) {
return null ;
}
private void secureClient(SOAPMessageContext messageContext) {
Boolean outMessageIndicator = (Boolean) messageContext.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
SOAPMessage message = messageContext.getMessage();
System.out.println( " Came to Secure Client
if (outMessageIndicator.booleanValue()) {
System.out.println( " \nOutbound SOAP: " );
ProcessingContext context;
try {
context = cprocessor.createProcessingContext(message);
context.getExtraneousProperties().putAll(messageContext);
context.setSOAPMessage(message);
SOAPMessage secureMsg = cprocessor.secureOutboundMessage(context);
secureMsg.writeTo(System.out);
messageContext.setMessage(secureMsg);
} catch (XWSSecurityException ex) {
ex.printStackTrace();
throw new RuntimeException(ex);
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}
return ;
} else {
System.out.println( " \nInbound SOAP: " );
System.out.println( " DO Nothing in Secure Client
// do nothing
return ;
}
}
}
package org.hermit.study.jdk.shello;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebResult;
import javax.jws.WebService;
import javax.jws.soap.SOAPBinding;
/**
* This class was generated by the JAX-WS RI.
* JAX-WS RI 2.1.1 in JDK 6
* Generated source version: 2.1
*
*/
@WebService(name = " SecurityHello " , targetNamespace = " http://jdk.study.hermit.org/shello " )
@SOAPBinding(style = SOAPBinding.Style.RPC)
public interface SecurityHello {
/**
*
* @param arg0
* @return
* returns java.lang.String
*/
@WebMethod
@WebResult(partName = " return " )
public String sayHello(
@WebParam(name = " arg0 " , partName = " arg0 " )
String arg0);
}
package org.hermit.study.jdk.shello;
import java.net.MalformedURLException;
import java.net.URL;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;
import javax.xml.ws.WebEndpoint;
import javax.xml.ws.WebServiceClient;
import javax.xml.ws.WebServiceFeature;
/**
* This class was generated by the JAX-WS RI.
* JAX-WS RI 2.1.1 in JDK 6
* Generated source version: 2.1
*
*/
@WebServiceClient(name = " SecurityHelloService " , targetNamespace = " http://jdk.study.hermit.org/shello " , wsdlLocation = " http://127.0.0.1:8088/SecurityHello?wsdl " )
public class SecurityHelloService
extends Service
{
private final static URL SECURITYHELLOSERVICE_WSDL_LOCATION;
static {
URL url = null ;
try {
url = new URL( " http://127.0.0.1:8088/SecurityHello?wsdl " );
} catch (MalformedURLException e) {
e.printStackTrace();
}
SECURITYHELLOSERVICE_WSDL_LOCATION = url;
}
public SecurityHelloService(URL wsdlLocation, QName serviceName) {
super (wsdlLocation, serviceName);
}
public SecurityHelloService() {
super (SECURITYHELLOSERVICE_WSDL_LOCATION, new QName( " http://jdk.study.hermit.org/shello " , " SecurityHelloService " ));
}
/**
*
* @return
* returns SecurityHello
*/
@WebEndpoint(name = " SecurityHelloPort " )
public SecurityHello getSecurityHelloPort() {
return (SecurityHello) super .getPort( new QName( " http://jdk.study.hermit.org/shello " , " SecurityHelloPort " ), SecurityHello. class );
}
/**
*
* @param features
* A list of { @link javax.xml.ws.WebServiceFeature} to configure on the proxy. Supported features not in the <code>features</code> parameter will have their default values.
* @return
* returns SecurityHello
*/
@WebEndpoint(name = " SecurityHelloPort " )
public SecurityHello getSecurityHelloPort(WebServiceFeature
return (SecurityHello) super .getPort( new QName( " http://jdk.study.hermit.org/shello " , " SecurityHelloPort " ), SecurityHello. class , features);
}
}
user-pass-authenticate-client.xml
<!--
Copyright 2004 Sun Microsystems, Inc. All rights reserved.
SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
-->
< xwss:SecurityConfiguration xmlns:xwss ="http://java.sun.com/xml/ns/xwss/config" dumpMessages ="true" >
< xwss:UsernameToken digestPassword ="true" />
</ xwss:SecurityConfiguration >
Copyright 2004 Sun Microsystems, Inc. All rights reserved.
SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
-->
< xwss:SecurityConfiguration xmlns:xwss ="http://java.sun.com/xml/ns/xwss/config" dumpMessages ="true" >
< xwss:UsernameToken digestPassword ="true" />
</ xwss:SecurityConfiguration >
终于贴完了
报异常
<S:Envelope xmlns:S=" http://schemas.xmlsoap.org/soap/envelope/"><S:Header>
<wsse:Security xmlns:wsse=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" S:mustUnderstand="1"><wsse:UsernameToken xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1212378178718-1762088361"><wsse:Username>hermit</wsse:Username><wsse:Password Type=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">HmGpnf6+FOReizFMyZMmvOJI3Cs=</wsse:Password><wsse:Nonce EncodingType=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">PED+zrhDAVFnEYXOC6loZM4i</wsse:Nonce><wsu:Created>2008-06-02T03:42:58.937Z</wsu:Created></wsse:UsernameToken></wsse:Security></S:Header><S:Body><ns2:sayHello xmlns:ns2=" http://jdk.study.hermit.org/shello"><arg0>Hermit</arg0></ns2:sayHello></S:Body></S:Envelope>Exception in thread "main" java.lang.ExceptionInInitializerError
at com.sun.xml.internal.ws.message.AttachmentUnmarshallerImpl.<clinit>(AttachmentUnmarshallerImpl.java:77)
at com.sun.xml.internal.ws.message.stream.StreamMessage.readPayloadAsJAXB(StreamMessage.java:201)
at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.create(SOAPFaultBuilder.java:463)
at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:239)
at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:210)
at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:103)
at $Proxy22.sayHello(Unknown Source)
at TestSericutyHello.main(TestSericutyHello.java:26)
Caused by: java.lang.IllegalArgumentException: com.sun.xml.messaging.saaj.soap.LocalStrings != com.sun.xml.internal.messaging.saaj.soap.LocalStrings
at java.util.logging.Logger.getLogger(Logger.java:328)
at com.sun.xml.internal.messaging.saaj.soap.AttachmentPartImpl.<clinit>(AttachmentPartImpl.java:71)
... 8 more
google了一下貌似是jdk新版本的bug(Java(TM) SE Runtime Environment (build 1.6.0_06-b02))
http://forums.java.net/jive/thread.jspa?threadID=41696&tstart=0
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6481282
希望下个版本能解决这个问题。