WebService(二)---限定IP访问WSDL

服务端：package com.xxx.authentication;

import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.handler.AbstractHandler;
import org.codehaus.xfire.transport.http.XFireServletController;
import org.jdom.Element;
public class AuthenticationHandler extends AbstractHandler {
/**
 *  安全服务器端
 */
public void invoke(MessageContext cfx) throws Exception {
   if (cfx.getInMessage().getHeader() == null) {
    throw new org.codehaus.xfire.fault.XFireFault("请求必须包含验证信息",
      org.codehaus.xfire.fault.XFireFault.SENDER);
   }
   Element token = cfx.getInMessage().getHeader().getChild(
     "AuthenticationToken");
   String remoteip = XFireServletController.getRequest().getRemoteAddr();
   System.out.println("服务端得到客户端的ip为：" + remoteip );
   String uri = cfx.getInMessage().getUri();
   int port  = XFireServletController.getRequest().getRemotePort();
   System.out.println("服务端得到客户端的端口"+ port+ "  URI为：" + uri);
   if (token == null) {
    throw new org.codehaus.xfire.fault.XFireFault("请求必须包含身份验证信息",
      org.codehaus.xfire.fault.XFireFault.SENDER);
   }
   String username = token.getChild("Username").getValue();
   String password = token.getChild("Password").getValue();
   try {
    // 进行身份验证 ，只有abcd@1234的用户为授权用户
    if (username.equals("abcd") && password.equals("1234"))
     System.out.println("身份验证通过");
    else
     throw new Exception();
   } catch (Exception e) {
    throw new org.codehaus.xfire.fault.XFireFault("非法的用户名和密码",
      org.codehaus.xfire.fault.XFireFault.SENDER);
   }
}
}

 然后再services.xml配置需要验证的service：

 

<service> 
      <name>xx</name> 
      <namespace>www.service/xx</namespace> 
      <serviceClass>com...Ixxx</serviceClass> 
      <implementationClass>com...Ixxx</implementationClass> 
      <!-- 验证 -->
      <inHandlers> 
   		<handler handlerClass ="com.xx.authentication.AuthenticationHandler" ></handler > 
   	  </inHandlers>
	  <style>wrapped</style>
	  <use>literal</use>
	  <scope>application</scope>
   </service> 

 客户端：

 

package com.xx.authentication;
import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.handler.AbstractHandler;
import org.jdom.Element;
/**
 *  安全客户调用端
 */
public class ClientAuthenticationHandler extends AbstractHandler {
    private String username = null;
    private String password = null;
    public ClientAuthenticationHandler() { 
    }
    public ClientAuthenticationHandler(String username,String password) { 
    this.username = username; 
        this.password = password;
    }
    public void setUsername(String username) { 
        this.username = username; 
    }
    public void setPassword(String password) { 
        this.password = password; 
    }
    public void invoke(MessageContext context) throws Exception {
        //为SOAP Header构造验证信息
        Element el = new Element("header"); 
        context.getOutMessage().setHeader(el); 
        Element auth = new Element("AuthenticationToken"); 
        Element username_el = new Element("Username"); 
        username_el.addContent(username); 
        Element password_el = new Element("Password"); 
        password_el.addContent(password); 
        auth.addContent(username_el); 
        auth.addContent(password_el); 
        el.addContent(auth); 
    } 
}

 

客户端调用：

 

Service serviceModel = new ObjectServiceFactory().create(IhelloWorld.class);
IhelloWorld service = (IhelloWorld) new XFireProxyFactory().create(serviceModel,  "http://xxx/service/xxx");   
XFireProxy proxy = (XFireProxy)Proxy.getInvocationHandler(service);
Client client = proxy.getClient();
 //发送授权信息
client.addOutHandler(new ClientAuthenticationHandler("abcd","1234"));
 // 下面调用服务端方法....  

 

限定IP 在AuthenticationHandler 里面invoke里面可以验证，访问你的IP都已经得到了，再加上用户名密码验证，这样就可以对其限制。