cxf+wss4j+mysql webservice 加密服务开发

我采用的是cxf

加密端用的 WSS4J

服务端查询数据库 信息 然后发布服务 客户端调用 服务端 实现数据保护加密服务的功能
WSS4J有三种验证方式本项目采用 最简单的一种 UsernameToken用户名密码验证


Cxf mss4j加密模块 系统集成说明：所需环境 Spring
因为cxf是非常方便与spring集成的 并且支持注解
client_Spring.xml放到src/main/resources下

<?xml version="1.0" encoding="utf-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
	xmlns:jaxws="http://cxf.apache.org/jaxws"
	xmlns:http-conf="http://cxf.apache.org/transports/http/configuration"
	xsi:schemaLocation="http://www.springframework.org/schema/beans
                       http://www.springframework.org/schema/beans/spring-beans.xsd
                       http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
                       http://cxf.apache.org/transports/http/configuration
                       http://cxf.apache.org/schemas/configuration/http-conf.xsd">


	<bean id="clientPasswordCallback" class="com.prisys.ws.client.ClientPasswordCallback"></bean>
	
	<bean id="wss4jOutInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
        <constructor-arg>
            <map>
                <!-- 用户认证（明文密码） -->
                <entry key="action" value="UsernameToken"/>
                <entry key="user" value="client"/>
                <entry key="passwordType" value="PasswordText"/>
                <entry key="passwordCallbackRef" value-ref="clientPasswordCallback"/> 
            </map>
        </constructor-arg>
    </bean>

	<jaxws:client id="client" address="http://localhost:9080/SOA_Server/webservice/gtinfo"
		serviceClass="com.prisys.ws.service.CxfClientSOA">
		<jaxws:inInterceptors>
			<bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />
		</jaxws:inInterceptors>
		<jaxws:outInterceptors>
			<bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
            <ref bean="wss4jOutInterceptor"/>
        </jaxws:outInterceptors>
	</jaxws:client>
	
	<jaxws:client id="updateFile" address="http://localhost:9080/SOA_Server/webservice/updateFile"
		serviceClass="com.prisys.ws.service.CxfClientSOA">
	</jaxws:client>
	
	<!-- 对所有的服务配置超时机制   只对服务名为{http://service.ws.cxfdemo.com/}HelloWorldService的服务生效.   -->
	<http-conf:conduit name="*.http-conduit">       
		<!-- ConnectionTimeout获取连接超时   ReceiveTimeout获取结果超时-->
		<http-conf:client ConnectionTimeout="15000" ReceiveTimeout="30000"/>
	</http-conf:conduit>
</beans>

Pom.xml:

 <!-- CXF START -->
		<!-- CXF依赖 -->
		<dependency>
			<groupId>org.apache.cxf</groupId>
			<artifactId>cxf-api</artifactId>
			<version>2.7.9</version>
		</dependency>
		<dependency>
			<groupId>org.apache.cxf</groupId>
			<artifactId>cxf-rt-transports-http</artifactId>
			<version>2.7.9</version>
		</dependency>
		<dependency>
			<groupId>org.apache.cxf</groupId>
			<artifactId>cxf-rt-bindings-soap</artifactId>
			<version>2.7.9</version>
		</dependency>
		<dependency>
			<groupId>org.apache.cxf</groupId>
			<artifactId>cxf-rt-frontend-jaxws</artifactId>
			<version>2.7.9</version>
		</dependency>
		<dependency>
			<groupId>org.apache.cxf</groupId>
			<artifactId>cxf-rt-ws-security</artifactId>
			<version>2.7.9</version>
		</dependency>
		<!-- CXF END -->

加密支持类 ：

package com.prisys.ws.client;
import java.io.IOException;
import java.util.Date;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

import org.apache.ws.security.WSPasswordCallback;
 
public class ClientPasswordCallback implements CallbackHandler {
 
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        WSPasswordCallback callback = (WSPasswordCallback) callbacks[0];
        System.out.println(new Date());
        try {
			Thread.sleep(1000L);
		} catch (InterruptedException e) {
			e.printStackTrace();
		}
        callback.setPassword("这里填你自己想填的密码");
    }
}

其他按照cxf正常发布模式就好了

需要源码的 进群讨论 186408628