- 浏览: 155648 次
- 性别:
- 来自: 奥克兰
文章分类
最新评论
-
u012625419:
...
CXF之用spring配置服务端和客户端实例(转) -
bambooshangye:
CXF之用spring配置服务端和客户端实例(转) -
最佳蜗牛:
写的很好,谢谢!
tomcat下的server.xml文件和context.xml (转) -
mohaowen1989:
亲 有中文版的么?在grails基础上的spring-secu ...
Simplified Spring Security with Grails(转) -
douhongyang:
挺好,,思路很清晰,
spring security详解教程 (转)
转自 http://blog.csdn.net/fhd001/archive/2010/09/05/5864413.aspx
pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>test.cxf</groupId> <artifactId>java_first_spring_support1</artifactId> <packaging>war</packaging> <name>java_first_spring_support1</name> <version>0.0.1-SNAPSHOT</version> <description>CXF使用WSS4J实现WS-Security规范之使用用户名令牌</description> <properties> <cxf.version>2.2.5</cxf.version> </properties> <build> <finalName>java_first_spring_support1</finalName> <plugins> <plugin> <artifactId>maven-compiler-plugin</artifactId> <configuration> <source>1.6</source> <target>1.6</target> <encoding>UTF-8</encoding> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-resources-plugin</artifactId> <configuration> <encoding>UTF-8</encoding> </configuration> </plugin> </plugins> </build> <dependencies> <dependency> <groupId>org.springframework</groupId> <artifactId>spring</artifactId> <version>2.5.6</version> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-frontend-jaxws</artifactId> <version>${cxf.version}</version> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-transports-http</artifactId> <version>${cxf.version}</version> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-ws-security</artifactId> <version>${cxf.version}</version> </dependency> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>4.8.1</version> <scope>test</scope> </dependency> </dependencies> </project>
服务接口:
package cxf.server; import javax.jws.WebService; @WebService public interface HelloWorld { String sayHi(String name); }
接口实现:
package cxf.server; import javax.jws.WebService; @WebService(endpointInterface="cxf.server.HelloWorld") public class HelloWorldImpl implements HelloWorld { @Override public String sayHi(String name) { System.out.println("server: say->" + name); return "say-->" + name; } }
服务端的spring配置:
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"> <import resource="classpath:META-INF/cxf/cxf.xml" /> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /> <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> <bean id="serverPasswordCallback" class="cxf.server.ServerPasswordCallback" /> <jaxws:endpoint id="helloworld" implementor="cxf.server.HelloWorldImpl" address="/helloworld"> <jaxws:inInterceptors> <bean class="org.apache.cxf.interceptor.LoggingInInterceptor" /> <!-- SAAJInInterceptor只在CXF是2.0.X版本时或之前版本时才是必须的 --> <!-- <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/> --> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="user" value="FHDServer" /> <entry key="passwordCallbackRef"> <ref bean="serverPasswordCallback" /> </entry> </map> </constructor-arg> </bean> </jaxws:inInterceptors> </jaxws:endpoint> <!-- action: UsernameToken 指使用用户名令牌 passwordType: PasswordText 指密码加密策略,这里直接文本 user: FHDServer 指别名 passwordCallBackRef: serverPasswordCallback 指消息验证 --> </beans>
服务端的验证:
package cxf.server; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; public class ServerPasswordCallback implements CallbackHandler { @Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; String identifier = pc.getIdentifier(); String password = pc.getPassword(); if ("admin".equals(identifier) && "888888".equals(password)) { System.out.println("验证通过!"); System.out.println("identifier = " + identifier); System.out.println("password = " + password); } else { throw new SecurityException("验证失败"); } } }
客户端的spring配置:
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"> <bean id="clientPasswordCallback" class="cxf.client.ClientPasswordCallback"/> <jaxws:client id="client" address="http://localhost:8080/java_first_spring_support1/service/helloworld" serviceClass="cxf.server.HelloWorld"> <jaxws:outInterceptors> <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" /> <!-- SAAJInInterceptor只在CXF是2.0.X版本时或之前版本时才是必须的 --> <!-- <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/> --> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="user" value="FHDClient" /> <entry key="passwordCallbackRef"> <ref bean="clientPasswordCallback" /> </entry> </map> </constructor-arg> </bean> </jaxws:outInterceptors> </jaxws:client> </beans>
客户端的验证:
package cxf.client; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; public class ClientPasswordCallback implements CallbackHandler { @Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; pc.setPassword("888888"); pc.setIdentifier("admin"); } }
客户端调用代码:
package cxf.client; import org.springframework.context.support.ClassPathXmlApplicationContext; import cxf.server.HelloWorld; public final class Client { public static void main(String args[]) throws Exception { ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext(new String[] {"client-beans.xml"}); HelloWorld client = (HelloWorld)context.getBean("client"); String str = client.sayHi("fuhaidong"); System.out.println("client: " + str); } }
web.xml:
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5"> <display-name>java_first_spring_support1</display-name> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> <context-param> <param-name>contextConfigLocation</param-name> <param-value>classpath:beans.xml</param-value> </context-param> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <servlet> <servlet-name>CXFServlet</servlet-name> <servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>CXFServlet</servlet-name> <url-pattern>/service/*</url-pattern> </servlet-mapping> </web-app>
发表评论
-
Difference between RPC/Document, literal/encoded
2011-12-01 16:39 2288转自 http://www.ibm.com/dev ... -
Java web services: WS-Security with CXF (转)
2011-09-05 17:45 2145This article is refered from h ... -
CXF全接触 --- WS-Security的实现 (转)
2011-09-05 17:36 2268转自 http://blog.csdn.net/kuns ... -
SSL原理解密(转)
2011-07-26 06:47 1519RSA公钥加密在计算机产 ... -
UsernameToken 介绍(转)
2011-04-14 12:39 1726很好的一篇文章,转过 ... -
不同格式证书导入keystore方法(转)
2011-04-14 12:24 2446转自: http://hi.baidu.com/%D3%C ... -
WSDL 规则解释(转)
2011-04-13 11:56 3388转自 http://www.blogjava.net/baoy ... -
深入浅出WS-Addressing(转)
2010-10-28 11:51 12091. 为什么需要 WS-Addressin ... -
WS-Addressing EndpointReference(转)
2010-10-28 11:18 1004WS-Addressing规范主要描述 ... -
WS-Addressing 问题的引出(转)
2010-10-28 11:15 789SOAP 协议定义了在 Web Services 之间传 ... -
WS-Addressing Message Addressing Properties (转)
2010-10-28 11:09 1759相对EndpointReference而言,个人认为在WS-A ... -
SOAP与CORBA,COM/DCOM的区别(转)
2010-09-23 17:49 1701CORBA(Common Object Request Br ... -
Java Web 服务: Axis2 中的 JAXB 和 JAX-WS(转)
2010-09-23 17:41 1260Apache Axis2 支持各种数据 ... -
Web Service简介 (转)
2010-09-23 17:25 6831.定义 由两部分组成 ... -
WSDL & SOAP & Web Service (转)
2010-09-23 17:24 896WSDL 是基于 XML 的用于描述 Web Services ...
相关推荐
CXF使用WSS4J实现WS-Security规范,本例的配置是Timestamp Signature Encrypt,具体使用可以参考我的博客http://blog.csdn.net/wangchsh2008/article/details/6708270
1)参考: ...2)CXFWS工程是基于WS-Security规范,实现X.509身份验证的,同时实现签名和加密 keytool 工具的使用参考 http://hi.baidu.com/qianshuifanchuan/blog/item/6291b8510009ad3c42a75b8e.html ...
CXF WS-Security WSS4J 例子 可以运行,运行的时候只要运行client就行,重点是运行完之后要关掉第一个控制台,才能看到结果。一定要记得改一下client的路径名
赠送jar包:cxf-rt-ws-addr-3.0.1.jar; 赠送原API文档:cxf-rt-ws-addr-3.0.1-javadoc.jar; 赠送源代码:cxf-rt-ws-addr-3.0.1-sources.jar; 赠送Maven依赖信息文件:cxf-rt-ws-addr-3.0.1.pom; 包含翻译后的API...
纯java调用ws-security+CXF实现的webservice安全接口
赠送jar包:cxf-rt-ws-policy-3.0.1.jar; 赠送原API文档:cxf-rt-ws-policy-3.0.1-javadoc.jar; 赠送源代码:cxf-rt-ws-policy-3.0.1-sources.jar; 赠送Maven依赖信息文件:cxf-rt-ws-policy-3.0.1.pom; 包含...
cxf结合ws-security实现webservice 用户名/密码身份认证安全调用,依赖包
android client ksoap2 token apache cxf wss4j authentication
udp-3.0.11.jar,cxf-rt-wsdl-3.0.0.jar,cxf-rt-ws-security-3.0.0.jar,neethi-3.0.3.jar,slf4j-api-1.7.7.jar,stax2-api-3.1.4.jar,woodstox-core-asl-4.4.1.jar,wsdl4j-1.6.3.jar,wss4j-bindings-2.0.9.jar,xml...
cxf ws-Security的实现 WS-SecurityPolicy 安全配置指定在客户机和服务之间交换的消息所需的安全处理。在大多数情况下,Web 服务堆栈还需要更多信息,才能对消息交换应用安全措施。 里面有2个project,分别server ...
赠送jar包:cxf-rt-bindings-soap-3.0.1.jar; 赠送原API文档:cxf-rt-bindings-soap-3.0.1-javadoc.jar; 赠送源代码:cxf-rt-bindings-soap-3.0.1-sources.jar; 赠送Maven依赖信息文件:cxf-rt-bindings-soap-...
赠送jar包:cxf-rt-frontend-simple-3.0.1.jar; 赠送原API文档:cxf-rt-frontend-simple-3.0.1-javadoc.jar; 赠送源代码:cxf-rt-frontend-simple-3.0.1-sources.jar; 赠送Maven依赖信息文件:cxf-rt-frontend-...
赠送jar包:cxf-rt-transports-http-3.0.1.jar; 赠送原API文档:cxf-rt-transports-http-3.0.1-javadoc.jar; 赠送源代码:cxf-rt-transports-http-3.0.1-sources.jar; 赠送Maven依赖信息文件:cxf-rt-transports-...
了解 Web 服务规范_第 4 部分:WS-Security源码
赠送jar包:cxf-rt-frontend-jaxws-3.0.1.jar; 赠送原API文档:cxf-rt-frontend-jaxws-3.0.1-javadoc.jar; 赠送源代码:cxf-rt-frontend-jaxws-3.0.1-sources.jar; 赠送Maven依赖信息文件:cxf-rt-frontend-jaxws...
赠送jar包:cxf-rt-rs-extension-providers-3.0.1.jar; 赠送原API文档:cxf-rt-rs-extension-providers-3.0.1-javadoc.jar; 赠送源代码:cxf-rt-rs-extension-providers-3.0.1-sources.jar; 赠送Maven依赖信息...
cxf-rt-frontend-jaxws-3.0.16.jar jar包下载3.0.16版本下载
赠送jar包:cxf-rt-rs-client-3.0.1.jar; 赠送原API文档:cxf-rt-rs-client-3.0.1-javadoc.jar; 赠送源代码:cxf-rt-rs-client-3.0.1-sources.jar; 赠送Maven依赖信息文件:cxf-rt-rs-client-3.0.1.pom; 包含...
赠送jar包:cxf-rt-bindings-xml-3.0.1.jar; 赠送原API文档:cxf-rt-bindings-xml-3.0.1-javadoc.jar; 赠送源代码:cxf-rt-bindings-xml-3.0.1-sources.jar; 赠送Maven依赖信息文件:cxf-rt-bindings-xml-3.0.1....
transports-http-3.1.18.jar、cxf-rt-transports-udp-3.1.18.jar、cxf-rt-ws-addr-3.1.18.jar、cxf-rt-wsdl-3.1.18.jar、cxf-rt-ws-policy-3.1.18.jar、neethi-3.1.1.jar、slf4j-api-1.7.25.jar、stax2-api-3.1.4....