Xfire 认证
关键字: webservices xfire
XFire提供了四种身份验证的方式,分别是http验证,JSR181,Handler验证,WS-Security。
SOAP的原理告诉我们一个WS交互的流程是客户端发送请求->服务器接收请求->服务器发送数据->客户端接收数据,handler可以让我们在这四个操作中之前进行编码,所以,我们的验证进行在客户端发送请求和服务器接收请求的时候,因此,我们要写两个handler,然后把它们装配上就可以了。
Handler验证方式如下:
主要参考的实例是XFIREdemo中的BOOK
服务器的代码如下
package com.nstar.xfire.auth;
import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.XFireRuntimeException;
import org.codehaus.xfire.handler.AbstractHandler;
import org.jdom.Element;
import org.jdom.Namespace;
public class XfireAuthenticationHandler extends AbstractHandler {
private static final String USERNAME = "biansutao";
private static final String PASSWORD = "12345678";
private static final String NS = "http://xfire.codehaus.org/biansutao";
public void invoke(MessageContext ctx) throws Exception {
// Check if header exists
Element header = ctx.getInMessage().getHeader();
if (header == null) {
throw new XFireRuntimeException("Missing SOAP Header");
}
// Does it have version tag
Element name = header.getChild("USERNAME",Namespace.getNamespace(NS));
Element pass = header.getChild("PASSWORD",Namespace.getNamespace(NS));
if(name.getValue().equals(USERNAME) && pass.getValue().equals(PASSWORD)){
System.out.println("验证通过");
}
else{
System.out.println("验证未通过");
throw new XFireRuntimeException("Authentication Failure");
}
ctx.setProperty("USERNAME", USERNAME);
ctx.setProperty("PASSWORD", PASSWORD);
}
}
然后需要在services.xml中配置如下:
xml 代码
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://xfire.codehaus.org/config/1.0">
<service>
<name>HelloWordService</name>
<serviceClass>com.nstar.xfire.IHelloWordService</serviceClass>
<implementationClass>
com.nstar.xfire.HelloWordServiceImpl
</implementationClass>
<style>wrapped</style>
<use>literal</use>
<scope>application</scope>
<inHandlers>
<handler handlerClass="com.nstar.xfire.auth.XfireAuthenticationHandler"></handler>
</inHandlers>
</service>
</beans>
客户端代码
package com.nstar.xfire.client.auth;
import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.handler.AbstractHandler;
import org.jdom.Element;
public class ClientHeaderHandler extends AbstractHandler {
//用户验证
private static final String USERNAME = "biansutao";
private static final String PASSWORD = "12345678";
private static final String NS = "http://xfire.codehaus.org/biansutao";
public void invoke(MessageContext ctx) throws Exception {
Element header = ctx.getOutMessage().getOrCreateHeader();
header.addContent(new Element("USERNAME",NS).addContent(USERNAME));
header.addContent(new Element("PASSWORD",NS).addContent(PASSWORD));
}
}
package com.nstar.xfire.client;
import java.util.List;
import java.lang.reflect.Proxy;
import java.net.MalformedURLException;
import java.util.ArrayList;
import org.codehaus.xfire.*;
import org.codehaus.xfire.client.Client;
import org.codehaus.xfire.client.XFireProxy;
import org.codehaus.xfire.client.XFireProxyFactory;
import org.codehaus.xfire.service.Service;
import org.codehaus.xfire.service.binding.ObjectServiceFactory;
import com.nstar.xfire.IHelloWordService;
import com.nstar.xfire.Student;
import com.nstar.xfire.client.auth.ClientHeaderHandler;
public class HelloWorldClient {
/**
* @param args
*/
public static void main(String[] args) {
Service serviceModel = new ObjectServiceFactory().create(IHelloWordService.class);
XFireProxyFactory factory = new XFireProxyFactory(XFireFactory.newInstance().getXFire());
String url = "http://10.232.75.61:8090/Xfire/services/HelloWordService";
try {
IHelloWordService service = (IHelloWordService) factory.create(serviceModel, url);
XFireProxy proxy = (XFireProxy)Proxy.getInvocationHandler(service);
Client client = proxy.getClient();
client.addOutHandler(new ClientHeaderHandler());
List list = new ArrayList();
List list1 = new ArrayList();
list.add(new String("测试"));
int age = service.getAge("边苏涛");
String name = service.getName(1);
Student s = service.getOneStudent(27);
list1 = service.getStudent(list);
System.out.println("边苏涛's age =="+age);
System.out.println("学号为1的学生姓名 "+name);
System.out.println("age == "+s.getAge()+" name == "+s.getName()+" list content "+s.getList().get(0).toString());
System.out.println(list1.size());
for(int i=0;i<list1.size();i++){
System.out.println(list1.get(i).toString());
}
} catch (MalformedURLException e) {
e.printStackTrace();
}
}
}
这样一来,使用这个原理就可以针对特定用户进行服务调用了。
示例代码:
服务器端:
客户端: