我的家園
          
			我的家園
		          		
	
          

          

          

          


          		
	
          
	
          
		
			
		
		
			
          
				
					
	
          
		
		
          
              
          CXF 入門:HelloWorld接口發布
          

          CXF 入門: 遠程接口調用
          

          ?
          

          下面具體的webservice實現類直接用的是上面的,這里不再說明
          

          ?
          

          

          

          CXF攔截器使用,創建一個使用SOAPHeader的安全驗證
xml格式:
<soap:Header>
	<auth:authentication xmlns:auth="http://gd.chinamobile.com//authentication">
		<auth:systemID>1</auth:systemID>
		<auth:userID>test</auth:userID>
		<auth:password>test</auth:password>
	</auth:authentication>
</soap:Header>

一,首先在服務端創建一個攔截器(被調用端),需要繼承org.apache.cxf.phase.AbstractPhaseInterceptor
代碼如下:

import java.util.List;

import javax.xml.soap.SOAPException;

import org.apache.cxf.binding.soap.SoapHeader;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.headers.Header;
import org.apache.cxf.helpers.XMLUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.log4j.Logger;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;


public class AuthIntercetpr extends AbstractPhaseInterceptor<SoapMessage> {
	private static final Logger logger = Logger.getLogger(AuthIntercetpr.class);
    public static final String xml_namespaceUR_att = "http://gd.chinamobile.com//authentication";
	public static final String xml_header_el = "soap:Header";
	public static final String xml_authentication_el = "auth:authentication";
	public static final String xml_systemID_el = "auth:systemID";
	public static final String xml_userID_el = "auth:userID";
	public static final String xml_password_el = "auth:password";
	public AuthIntercetpr() {
		// 指定該攔截器在哪個階段被激發
		super(Phase.PRE_INVOKE);
	}

	// 處理消息
	public void handleMessage(SoapMessage message) {
		logger.info("==================SoapMessage =" + message);
		// 獲取SOAP消息的全部頭
		List<Header> headers = message.getHeaders();

		if (null == headers || headers.size() < 1) {
			throw new Fault(new SOAPException("SOAP消息頭格式不對哦!"));
		}
		for (Header header : headers) {
			SoapHeader soapHeader = (SoapHeader) header;
			// 取出SOAP的Header元素
			Element element = (Element) soapHeader.getObject();
			logger.info("ELEMENT =" + element.toString());
			XMLUtils.printDOM(element);
			NodeList userIdNodes = element
					.getElementsByTagName(xml_userID_el);
			NodeList pwdNodes = element
					.getElementsByTagName(xml_password_el);
			NodeList systemIdNodes = element
					.getElementsByTagName(xml_systemID_el);
			logger.info("############ 打印帳號信息 ##############");
			logger.info(userIdNodes.item(0) + "="
					+ userIdNodes.item(0).getTextContent());
			logger.info(systemIdNodes.item(0) + "="
					+ systemIdNodes.item(0).getTextContent());
			logger.info(pwdNodes.item(0) + "="
					+ pwdNodes.item(0).getTextContent());
			logger.info("############————————##############");
			if (null != userIdNodes
					&& userIdNodes.item(0).getTextContent().equels("test") ) {
				if (null != pwdNodes
						&& pwdNodes.item(0).getTextContent().equals("test")) {
					logger.info("$$$$$$$$ 認證成功");
				} else {//認證失敗則拋出異常,停止繼續操作
					SOAPException soapExc = new SOAPException("閣下可能不是合法用戶!");
					throw new Fault(soapExc);
				}
			} else {//認證失敗則拋出異常,停止繼續操作
				SOAPException soapExc = new SOAPException("閣下可能不是合法用戶!");
				throw new Fault(soapExc);
			}
			
		}
	}
}

二,修改cxf-beans.xml

<!--id:隨意配,implementor:指定接口具體實現類,address:隨意配,訪問時會用到,下面會做說明-->
<!--攔截器-->
<bean id="authIntercetpr" class="unitTest.AuthIntercetpr"></bean>
<jaxws:endpoint id="HelloWorldService" implementor="com.ws.HelloWorldServiceImpl"
		address="/IHelloService">
		<!-- 在此配置調用當前ws所觸發的攔截器-->
		<jaxws:inInterceptors><ref bean="authIntercetpr" /></bean> 
			
		<!--或者直接在這里寫<bean  class="unitTest.AuthIntercetpr"></bean>-->
		</jaxws:inInterceptors>
</jaxws:endpoint>

到此服務端工作完畢!!!
下面是客戶端(調用端)
三,這邊同樣創建一個攔截器,實現org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor

import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.List;

import javax.xml.namespace.QName;

import org.apache.cxf.binding.soap.SoapHeader;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
import org.apache.cxf.headers.Header;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.helpers.XMLUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.Phase;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

public class AddSoapHeader extends AbstractSoapInterceptor {

	public static final String xml_namespaceUR_att = "http://gd.chinamobile.com//authentication";
	public static final String xml_header_el = "soap:Header";
	public static final String xml_authentication_el = "auth:authentication";
	public static final String xml_systemID_el = "auth:systemID";
	public static final String xml_userID_el = "auth:userID";
	public static final String xml_password_el = "auth:password";

	public AddSoapHeader() {
	// 指定該攔截器在哪個階段被激發
		super(Phase.WRITE);
	}

	public void handleMessage(SoapMessage message) throws Fault {
		SimpleDateFormat sd = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
		Date date = new Date();
		String time = sd.format(date);
		String userId = "test";
		String sysId = "1";
		String password = "test";

		QName qname = new QName("RequestSOAPHeader");//這個值暫時不清楚具體做什么用,可以隨便寫

		Document doc = (Document) DOMUtils.createDocument();
		Element root = doc.createElement(xml_header_el);
		Element eSysId = doc.createElement(xml_systemID_el);
		eSysId.setTextContent(sysId);
		Element eUserId = doc.createElement(xml_userID_el);
		eUserId.setTextContent(userId);
		Element ePwd = doc.createElement(xml_password_el);
		ePwd.setTextContent(password);
		Element child = doc.createElementNS(xml_namespaceUR_att,
				xml_authentication_el);
		child.appendChild(eSysId);
		child.appendChild(eUserId);
		child.appendChild(ePwd);
		root.appendChild(child);
		XMLUtils.printDOM(root);// 只是打印xml內容到控制臺,可刪除
		SoapHeader head = new SoapHeader(qname, root);
		List<Header> headers = message.getHeaders();
		headers.add(head);
		
	}

}

四,具體調用ws的類代碼


	private static final String webServiceConTimeout = "6000";
	private static final String webServiceRevTimeout = "6000";
	。。。。。。。
        HelloWorldServiceImplService hello = new HelloWorldServiceImplService();  
        HelloWorldService service = hello.getHelloWorldServiceImplPort();
        //以上什么意思請參考:http://learning.iteye.com/admin/blogs/1333223
		Client clientProxy = ClientProxy.getClient(service);//通過目標ws獲取代理
		//注入攔截器,getOutInterceptors代表調用服務端時觸發,getInInterceptors就是被調用才觸發
		clientProxy.getOutInterceptors().add(ash);
		// 超時時間設置
		HTTPConduit http = (HTTPConduit) clientProxy.getConduit();
		HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
		httpClientPolicy.setConnectionTimeout(Integer
				.valueOf(webServiceConTimeout));
		httpClientPolicy.setReceiveTimeout(Integer
				.valueOf(webServiceRevTimeout));
		httpClientPolicy.setAllowChunking(false);
		http.setClient(httpClientPolicy);
        //以上插入點超時設置方式
		//下面這行代碼是具體調用服務段的deleteTeskTask()
		CallResult cResult = service.deleteTeskTask("1223");
				
		。
		。
		
客戶端代碼到此結束

五,還有一種方式是通過JaxWsProxyFactoryBean方式,注冊攔截器及實例化ws,代碼如下:

private static final JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();

AddSoapHeader ash = new AddSoapHeader();
		ArrayList list = new ArrayList();
		// 添加soap header 信息
		list.add(ash);
		//注入攔截器,getOutInterceptors代表調用服務端時觸發,getInInterceptors就是被調用才觸發
		 factory.setOutInterceptors(list);
		 factory.setServiceClass(HelloWorldService.class);//實例化ws
		 factory.setAddress("http://xxx.xxx.xxx.xxx:8004/services/IHelloService");
		 Object obj = factory.create();
		 HelloWorldService service = (HelloWorldService) obj;
		 //下面這行代碼是具體調用服務段的deleteTeskTask()
		CallResult cResult = service.deleteTeskTask("1223");
		
##########這段代碼可替代步驟(四)#####

到此全部工作結束
具體一些概念還請自己baidu/google
          
?

          ?
          
              
              

          
              
                
              
              
           
          
              
          
	
          


          
	    
    

          Feedback
          
	
			
          
				
          
					
          
						# re: CXF 入門:創建一個基于SOAPHeader的安全驗證(CXF攔截器使用)  回復  更多評論
						  
					
          
					2015-02-12 16:37 by jaja1900
				
          
				
          樓主,soapheader 驗證未通過,只能以拋出異常的方式防止繼續訪問webservice?
          
			
          
		




          





          


          

	
          
		
          
				
		
	
		
          
		
		
          只有注冊用戶登錄后才能發表評論。
          
		
          
			
		
          
			
		
          
		
		
          
		


          

		          		
		
          
		
          			
		
		
		
		
          
		
          
		
		
          
		
          
			網站導航:
		
		
          
		
          
			
		
          	
		
          
			 
		
          
		
          
			
		
          
		
          
			
				
		
          		
	
          	

          



          

				
			
          
		          		
	
          
	
          
		
			

		
	
          

          


    







          
        
	




主站蜘蛛池模板:
和林格尔县|
游戏|
阆中市|
黄龙县|
福清市|
奈曼旗|
宜城市|
井冈山市|
红原县|
遂宁市|
富蕴县|
道真|
嘉义县|
平顺县|
黎川县|
定陶县|
广宁县|
林州市|
平舆县|
蓬安县|
永泰县|
青田县|
漳浦县|
安新县|
盐源县|
平度市|
达拉特旗|
射洪县|
岳阳县|
兰西县|
呼图壁县|
和静县|
石首市|
华宁县|
新乐市|
新建县|
惠来县|
左贡县|
屏东市|
嘉定区|
庆安县|