由于開發(fā)的需要,要用到xfire,對(duì)于開發(fā)我比較關(guān)心的是安全和速度!所以就找了xfire中的ws-security,利用它的安全證書和key,安全足夠了
先到網(wǎng)上下載最新版的xfire,一般都去官方網(wǎng)站下載,了解下詳情!其官網(wǎng)為
http://xfire.codehaus.org
現(xiàn)在最新版為1.2.6,把
xfire-all-1.2.6.jar 和
xfire-distribution-1.2.6.zip下載
準(zhǔn)備前,先看看ws-securitye的步驟,在
http://xfire.codehaus.org/WS-Security里面可以看到,它提示我們installed Unlimited Strength Jurisdiction Policy Files,我就在
http://java.sun.com/j2se/1.5.0/download.jsp里面下載兩個(gè)包,因?yàn)槲野惭b的是jdk1.6最新版,在
http://java.sun.com/j2se/1.5.0/download.jsp最下面的Other Downloads的Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0,點(diǎn)擊下載,下載下來后,按照里面的步驟,把這兩個(gè)jar放到
Java/jre6/lib/security里面,修改java.security,把
security.provider.6=com.sun.security.sasl.Provider改為
security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider
其效果為
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider
security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider
#security.provider.6=com.sun.security.sasl.Provider
security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.8=sun.security.smartcardio.SunPCSC
security.provider.9=sun.security.mscapi.SunMSCAPI
準(zhǔn)備工作做好后,解壓xfire-distribution-1.2.6.zip,然后你會(huì)看到xfire-1.2.6這個(gè)文件夾,進(jìn)去,你會(huì)看到有個(gè)examples文件夾,再進(jìn)去,你就發(fā)現(xiàn)很多demo啦,在這里就找到了ws-security的demo
啟動(dòng)Myeclipse,看到里面的.classpath和.project文件,這個(gè)是eclipse的項(xiàng)目!用myeclipse打開,你發(fā)現(xiàn)都不正確,這些錯(cuò)誤我就不理!
新建一個(gè)Web Progect項(xiàng)目,項(xiàng)目名隨你命名。設(shè)置下該項(xiàng)目,點(diǎn)擊該項(xiàng)目,右鍵,properties,找到Java Compiler,修改項(xiàng)目的jdk為1.5以上(里面用到的有注入)!解壓xfire-distribution-1.2.6.zip,進(jìn)入ws-security文件夾下,進(jìn)入src下,再進(jìn)入main的文件夾,把里面的文件全部都拷貝到你新建的項(xiàng)目的src下。點(diǎn)中該項(xiàng)目,右鍵,新建Source Folder,命名為test。后退,找到test的文件夾,把里面的文件全部拷貝到項(xiàng)目test的文件夾下。后退,再把web-inf里面的web.xml拷貝到項(xiàng)目里面,替換。最后在項(xiàng)目中加入jar,在xfire-1.2.6根文件夾下面有個(gè)lib,把這些lib全部放到項(xiàng)目的web-inf下的lib文件夾中,把xfire-all-1.2.6.jar也加入到項(xiàng)目中。整個(gè)項(xiàng)目的結(jié)構(gòu)為:
生成key:在ws-security根目錄下有個(gè)keys的文件夾,雙擊進(jìn)去,運(yùn)行g(shù)enerateServerKey.bat,將默認(rèn)的key生成。里面的參數(shù)讓你們研究,很好用(上面我跳過不安裝j2se1.4就是因?yàn)橛羞@個(gè))!生成后,將serverKey.rsa和serverStore.jks扔到META-INF\xfire下,有個(gè)相同的那就替換,clientStore.jks同理
修改服務(wù)器參數(shù):在org.codehaus.xfire.client下的BookClient.java,把變量SERVICE_NAMESPACE的值改為
http://localhost:端口號(hào)/上下文路徑/BookService,下面的都同理。要修改到的文件META-INF\xfire下的services.xml。記得把http://xfire.codehaus.org修改為http://localhost:端口號(hào)/上下文路徑/BookService。因?yàn)閔ttp://xfire.codehaus.org不開放那些接口
修改完畢后,把項(xiàng)目部署到tomcat,啟動(dòng)服務(wù)器后,org.codehaus.xfire.client下運(yùn)行BookClientEnc.java
。運(yùn)行后會(huì)報(bào)下面的錯(cuò)誤
Running client : Encryption Client
Looking for isbn : 0123456789 
.Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/xml/utils/URI$MalformedURIException
at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:407)
at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:399)
at org.apache.ws.security.message.WSSecEncrypt.encryptForInternalRef(WSSecEncrypt.java:306)
at org.apache.ws.security.message.WSSecEncrypt.build(WSSecEncrypt.java:264)
at org.apache.ws.security.action.EncryptionAction.execute(EncryptionAction.java:62)
at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:192)
at org.codehaus.xfire.security.wss4j.WSS4JOutHandler.invoke(WSS4JOutHandler.java:158)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
at org.codehaus.xfire.client.Client.invoke(Client.java:336)
at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
at $Proxy0.findBook(Unknown Source)
at org.codehaus.xfire.client.BookClient.executeClient(BookClient.java:63)
at org.codehaus.xfire.client.BookClientEnc.main(BookClientEnc.java:23)
Caused by: java.lang.ClassNotFoundException: org.apache.xml.utils.URI$MalformedURIException
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
16 more
這是因?yàn)槟氵€沒把xalan.jar加入去,到
http://www.apache.org/dyn/closer.cgi/xml/xalan-j 下載最新版
,現(xiàn)在最新去到2_7_1,找到xalan-j_2_7_1-bin.zip,把其下載后,添加xalan.jar到項(xiàng)目
再運(yùn)行,如果出現(xiàn)下面的結(jié)果,那就正常啦
Running client : Encryption Client
Looking for isbn : 0123456789 ....Using XFire : Dan Diephouse
我的做好的示例文件在
http://www.aygfsteel.com/Files/czmchen/ws-security.rar可以下載,下載后要做的事情就是把jar按上面的方法加進(jìn)去,因?yàn)閖ar太大了,上傳不上!還有要改下tomcat的端口為8001,再部署項(xiàng)目