Xfire 认证

关键字: webservices xfire


XFire提供了四种身份验证的方式，分别是http验证，JSR181,Handler验证，WS-Security。

SOAP的原理告诉我们一个WS交互的流程是客户端发送请求－>服务器接收请求－>服务器发送数据->客户端接收数据，handler可以让我们在这四个操作中之前进行编码，所以，我们的验证进行在客户端发送请求和服务器接收请求的时候，因此，我们要写两个handler，然后把它们装配上就可以了。

Handler验证方式如下：

主要参考的实例是XFIREdemo中的BOOK

服务器的代码如下

package com.nstar.xfire.auth;

import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.XFireRuntimeException;
import org.codehaus.xfire.handler.AbstractHandler;
import org.jdom.Element;
import org.jdom.Namespace;

public class XfireAuthenticationHandler  extends AbstractHandler {
 private static final String USERNAME = "biansutao";
 private static final String PASSWORD = "12345678";
 private static final String NS = "http://xfire.codehaus.org/biansutao";
 
 public void invoke(MessageContext ctx) throws Exception {
  // Check if header exists
  
  Element header = ctx.getInMessage().getHeader();
  if (header == null) {
   throw new XFireRuntimeException("Missing SOAP Header");
  }
  // Does it have version tag
  Element name = header.getChild("USERNAME",Namespace.getNamespace(NS));
  Element pass = header.getChild("PASSWORD",Namespace.getNamespace(NS));
  if(name.getValue().equals(USERNAME) && pass.getValue().equals(PASSWORD)){
   System.out.println("验证通过");
  }
  else{
   System.out.println("验证未通过");
   throw new XFireRuntimeException("Authentication Failure");
  }
  ctx.setProperty("USERNAME", USERNAME);
  ctx.setProperty("PASSWORD", PASSWORD);
 }
}

然后需要在services.xml中配置如下：

xml 代码

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://xfire.codehaus.org/config/1.0">
 <service>
  <name>HelloWordService</name>
  <serviceClass>com.nstar.xfire.IHelloWordService</serviceClass>
  <implementationClass>
   com.nstar.xfire.HelloWordServiceImpl
  </implementationClass>
  <style>wrapped</style>
  <use>literal</use>
  <scope>application</scope>
  <inHandlers>
   <handler handlerClass="com.nstar.xfire.auth.XfireAuthenticationHandler"></handler>
     </inHandlers>
 </service>
</beans>


客户端代码

package com.nstar.xfire.client.auth;

import org.codehaus.xfire.MessageContext;
import org.codehaus.xfire.handler.AbstractHandler;
import org.jdom.Element;

public class ClientHeaderHandler extends AbstractHandler {
 //用户验证
 private static final String USERNAME = "biansutao";
 private static final String PASSWORD = "12345678";
 private static final String NS = "http://xfire.codehaus.org/biansutao";
 public void invoke(MessageContext ctx) throws Exception {
  Element header = ctx.getOutMessage().getOrCreateHeader();
  header.addContent(new Element("USERNAME",NS).addContent(USERNAME));
  header.addContent(new Element("PASSWORD",NS).addContent(PASSWORD));
 }

}

 

package com.nstar.xfire.client;

import java.util.List;
import java.lang.reflect.Proxy;
import java.net.MalformedURLException;
import java.util.ArrayList;

import org.codehaus.xfire.*;
import org.codehaus.xfire.client.Client;
import org.codehaus.xfire.client.XFireProxy;
import org.codehaus.xfire.client.XFireProxyFactory;
import org.codehaus.xfire.service.Service;
import org.codehaus.xfire.service.binding.ObjectServiceFactory;
import com.nstar.xfire.IHelloWordService;
import com.nstar.xfire.Student;
import com.nstar.xfire.client.auth.ClientHeaderHandler;

public class HelloWorldClient {

 /**
  * @param args
  */
 public static void main(String[] args) {
  Service serviceModel = new ObjectServiceFactory().create(IHelloWordService.class);
  XFireProxyFactory factory = new XFireProxyFactory(XFireFactory.newInstance().getXFire());
  String url = "http://10.232.75.61:8090/Xfire/services/HelloWordService";
  try {
   IHelloWordService service = (IHelloWordService) factory.create(serviceModel, url);
   
      XFireProxy proxy = (XFireProxy)Proxy.getInvocationHandler(service);
         Client client = proxy.getClient();
         client.addOutHandler(new ClientHeaderHandler());
   
   List list = new ArrayList();
   List list1 = new ArrayList();
   list.add(new String("测试"));
   int age = service.getAge("边苏涛");
   String name = service.getName(1);
   Student s = service.getOneStudent(27);
   list1 = service.getStudent(list);
   System.out.println("边苏涛's age =="+age);
   System.out.println("学号为1的学生姓名 "+name);
   System.out.println("age == "+s.getAge()+" name == "+s.getName()+" list content "+s.getList().get(0).toString());
   System.out.println(list1.size());
   for(int i=0;i<list1.size();i++){
    System.out.println(list1.get(i).toString());
   }
  } catch (MalformedURLException e) {
   e.printStackTrace();
  }
 }
}





这样一来，使用这个原理就可以针对特定用户进行服务调用了。

 

 

示例代码：

服务器端：

 

客户端：