用Soap Header在Xfire中实现安全验证(实例代码)

用Soap Header在Xfire中实现安全验证(实例代码)
<? xml version="1.0" encoding="UTF-8" ?>
< web-app  xmlns ="http://java.sun.com/xml/ns/j2ee"
    xmlns:xsi
="http://www.w3.org/2001/XMLSchema-instance"  version ="2.4"
    xsi:schemaLocation
="http://java.sun.com/xml/ns/j2ee   http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" >
    
< servlet >
        
< display-name > XFire Servlet </ display-name >
        
< servlet-name > XFireServlet </ servlet-name >
        
< servlet-class >
            org.codehaus.xfire.transport.http.XFireConfigurableServlet
        
</ servlet-class >
    
</ servlet >

    
< servlet-mapping >
        
< servlet-name > XFireServlet </ servlet-name >
        
< url-pattern > /servlet/XFireServlet/* </ url-pattern >
    
</ servlet-mapping >

    
< servlet-mapping >
        
< servlet-name > XFireServlet </ servlet-name >
        
< url-pattern > /services/* </ url-pattern >
    
</ servlet-mapping >
</ web-app >
< beans  xmlns ="http://xfire.codehaus.org/config/1.0" >
< service >
< name > EchoService </ name >
< serviceClass > com.hhy.dss.ws.Echo </ serviceClass >
< serviceFactory > jsr181 </ serviceFactory >
< inHandlers >
< handler  handlerClass ="com.hhy.dss.ws.AuthenticationHandler" ></ handler >
</ inHandlers >
</ service >
</ beans >
package  com.hhy.dss.ws;

import  javax.jws.WebMethod;
import  javax.jws.WebService;

@WebService
public   class  Echo
{
    @WebMethod
    
public  String echo(String in)
    
{
        
return  in;
    }


}
package  com.hhy.dss.ws;

import  org.apache.log4j.Logger;
import  org.codehaus.xfire.MessageContext;
import  org.codehaus.xfire.exchange.InMessage;
import  org.codehaus.xfire.fault.XFireFault;
import  org.codehaus.xfire.handler.AbstractHandler;
import  org.jdom.Element;

public   class  AuthenticationHandler  extends  AbstractHandler  {
    
private   static   final  Logger log  =  Logger
            .getLogger(AuthenticationHandler.
class );

    
public   void  invoke(MessageContext context)  throws  Exception  {

        log.info(
" #AuthenticationHandler is invoked " );
        InMessage message 
=  context.getInMessage();

        
if  (message.getHeader()  ==   null {
            
throw   new  XFireFault( " GetRelation Service Should be Authenticated " ,
                    XFireFault.SENDER);
        }


        Element token 
=  message.getHeader().getChild( " AuthenticationToken " );
        
if  (token  ==   null {
            
throw   new  XFireFault( " Request must include authentication token. " ,
                    XFireFault.SENDER);
        }


        String username 
=  token.getChild( " Username " ).getValue();
        String password 
=  token.getChild( " Password " ).getValue();

        System.out.println(
" username= "   +  username);
        System.out.println(
" password= "   +  password);

        
if  (username  ==   null   ||  password  ==   null )
            
throw   new  XFireFault( " Supplied Username and Password Please " ,
                    XFireFault.SENDER);

        
/** */ /**
         * 检查用户名密码是否正确
         
*/

        
if  ( ! username.equals( " ksafe " ||   ! password.equals( " killer " ))
            
throw   new  XFireFault(
                    
" Authentication Fail! Check username/password " ,
                    XFireFault.SENDER);

    }

}

你可能感兴趣的:(用Soap Header在Xfire中实现安全验证(实例代码))