web service faultString: (401)Unauthorized

web service faultString: (401)Unauthorized

 

 

 

web service 安全性-----Tomcat级

 

 

1.tomcat 修改tomcat-users.xml

Web应用的基本认证是建立在J2EE角色和用户的基础之上,首先在Tomcat角色配置文件中增加一个角色和一个帐号。

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="axis"/>
<role rolename="tomcat"/>
<role rolename="role1"/>
<role rolename="manager"/>
<role rolename="admin"/>
<user username="axis" password="axis" roles="axis"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="role1" password="tomcat" roles="role1"/>
<user username="manager" password="manager" roles="manager"/>
<user username="admin" password="admin" roles="admin"/>
</tomcat-users>

 

2. 修改tomcat 的server.xml

打开Tomcat_Home\conf\server.xml配置文件,在GlobalNamingResources中添加以下描述:

<GlobalNamingResources>
...
<Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
       description="User database that can be updated and saved">
    </Resource>
    <ResourceParams name="UserDatabase">
      <parameter>
        <name>factory</name>
        <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
      </parameter>
      <parameter>
        <name>pathname</name>
        <value>conf/tomcat-users.xml</value>
      </parameter>
    </ResourceParams>
</GlobalNamingResources>

<!-- Global JNDI resources -->
<GlobalNamingResources>

    <!-- Test entry for demonstration purposes -->
    <Environment name="simpleValue" type="java.lang.Integer" value="30"/>

    <!-- Editable user database that can also be used by
         UserDatabaseRealm to authenticate users -->
    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
       description="User database that can be updated and saved"
           factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
          pathname="conf/tomcat-users.xml" />

</GlobalNamingResources>

3.修改web.xml

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Tax Web service </web-resource-name>
    <url-pattern>/services/personTaxService</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>axis</role-name>
  </auth-constraint>
</security-constraint>
<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Axis Basic Authentication Area</realm-name>
</login-config>
<security-role>
  <role-name>axis</role-name>
</security-role>
 
4.服务端
package com.service;
public class PersonTaxService {
 final double base=1200;//所得税上缴基数。 
 public  double getTax(double salary)
      {
       double tax_salary=salary-base;       
       double tax=0.0d;//计算后的所得税。       
       if(0>tax_salary)                               tax=0;
       else if(0<tax_salary&&tax_salary <=500)        tax=tax_salary*0.05-0;
       else if(500<tax_salary&&tax_salary<=2000)      tax=tax_salary*0.10-25;
       else tax = tax_salary*0.2;
       return tax;
      } 
}
server-config.wsdd
<deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"> 
<handler type="java:org.apache.axis.handlers.http.URLMapper" name="URLMapper"/>       
     <service name="myService" provider="java:RPC"> 
          <parameter name="className" value="com.service.MyService"/> 
          <parameter name="allowedMethods" value="sayHello"/> 
      </service>  
      <service name="personTaxService" provider="java:RPC"> 
          <parameter name="className" value="com.service.PersonTaxService"/> 
          <parameter name="allowedMethods" value="getTax"/> 
      </service>  
<transport name="http"> 
<requestFlow> 
      <handler type="URLMapper"/> 
</requestFlow> 
</transport> 
</deployment>
5.客户端
package com.client;
import javax.xml.namespace.QName;
import javax.xml.rpc.ParameterMode;
import org.apache.axis.client.Call;
import org.apache.axis.client.Service;
import org.apache.axis.encoding.XMLType;
public class PersonTaxClient {
 
 static final double salary=5000;
      public static void main(String [] args)
      {
          try {
           // 服务端的url,需要根据情况更改。
              String endpointURL = "http://localhost:8080/AxisTest/services/personTaxService?wsdl";// Web服务端点地址
              Service  service = new Service();
              Call       call      = (Call) service.createCall();
              call.setTargetEndpointAddress( new java.net.URL(endpointURL) );
              call.setOperationName("getTax");// 设置操作的名称。
              // 由于需要认证,故需要设置调用的用户名和密码。
              call.getMessageContext().setUsername("axis");// 设置用户名。
              call.getMessageContext().setPassword("axis");// 设置密码
              call.addParameter( "op1", XMLType.XSD_DOUBLE, ParameterMode.IN );// 参数的类型
        call.setReturnType( XMLType.XSD_DOUBLE );// 返回的数据类型
              Double ret = (Double) call.invoke( new Object [] { new Double(salary) });// 执行调用
        System.out.println("使用HTTP协议来作为Web服务的传输协议!");   
              System.out.println("已经成功调用。请参看服务端的输出!");
              System.out.println("输入工资"+salary+"元,应交个人所得税:"+ret);       
         }catch(Exception e){
            e.printStackTrace();
         }
      }
}
如果用户名或密码出错, 则:
AxisFault
 faultCode: {http://xml.apache.org/axis/}HTTP
 faultSubcode: 
 faultString: (401)Unauthorized
 faultActor: 
 faultNode: 
 faultDetail: 
 {}:return code:  401
&lt;html&gt;&lt;head&gt;&lt;title&gt;Apache Tomcat/5.5.25 - Error report&lt;/title&gt;&lt;style&gt;&lt;!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--&gt;&lt;/style&gt; &lt;/head&gt;&lt;body&gt;&lt;h1&gt;HTTP Status 401 - &lt;/h1&gt;&lt;HR size=&quot;1&quot; noshade=&quot;noshade&quot;&gt;&lt;p&gt;&lt;b&gt;type&lt;/b&gt; Status report&lt;/p&gt;&lt;p&gt;&lt;b&gt;message&lt;/b&gt; &lt;u&gt;&lt;/u&gt;&lt;/p&gt;&lt;p&gt;&lt;b&gt;description&lt;/b&gt; &lt;u&gt;This request requires HTTP authentication ().&lt;/u&gt;&lt;/p&gt;&lt;HR size=&quot;1&quot; noshade=&quot;noshade&quot;&gt;&lt;h3&gt;Apache Tomcat/5.5.25&lt;/h3&gt;&lt;/body&gt;&lt;/html&gt;
 {http://xml.apache.org/axis/}HttpErrorCode:401
(401)Unauthorized
 at org.apache.axis.transport.http.HTTPSender.readFromSocket(HTTPSender.java:744)
 at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:144)
 at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
 at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
 at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
 at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
 at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
 at org.apache.axis.client.Call.invoke(Call.java:2767)
 at org.apache.axis.client.Call.invoke(Call.java:2443)
 at org.apache.axis.client.Call.invoke(Call.java:2366)
 at org.apache.axis.client.Call.invoke(Call.java:1812)
 at com.client.PersonTaxClient.main(PersonTaxClient.java:28)

 

 

 

你可能感兴趣的:(web Service)