`
longgangbai
  • 浏览: 7250648 次
  • 性别: Icon_minigender_1
  • 来自: 上海
社区版块
存档分类
最新评论

Mule ESB 学习笔记(14)CXF SOAP基于UsernameToken的验证

MuleESBSOASOAP UsernameTokenWebService认证 
阅读更多

 简单需求:

         针对在webservice中一些商业数据的机密性采用加密等验证的方式实现,这里主要说明soap使用UsernameToken的验证方式.

mule-config.xml配置:

<mule xmlns:core="http://www.mulesoft.org/schema/mule/core" xmlns="http://www.mulesoft.org/schema/mule/core"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:spring="http://www.springframework.org/schema/beans"
    xmlns:cxf="http://www.mulesoft.org/schema/mule/cxf"
    xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
    xmlns:http="http://www.mulesoft.org/schema/mule/http"
    xsi:schemaLocation="
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd 
http://www.mulesoft.org/schema/mule/cxf http://www.mulesoft.org/schema/mule/cxf/current/mule-cxf.xsd 
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd 
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd " version="EE-3.3.0">

    <flow name="UnsecureServiceFlow" doc:name="UnsecureServiceFlow">
        <http:inbound-endpoint address="http://localhost:63082/services/unsecure" exchange-pattern="request-response" doc:name="HTTP Inbound Endpoint"/>
        <cxf:jaxws-service serviceClass="com.mulesoft.mule.soap.security.Greeter" doc:name="Unsecure service"/>
        <component class="com.mulesoft.mule.soap.security.GreeterService" doc:name="Greeter Service" />
    </flow>

    <flow name="UsernameTokenServiceFlow" doc:name="UsernameTokenServiceFlow">
        <http:inbound-endpoint address="http://localhost:63082/services/username" exchange-pattern="request-response" doc:name="HTTP Inbound Endpoint"/>
        <cxf:jaxws-service serviceClass="com.mulesoft.mule.soap.security.Greeter" doc:name="Secure UsernameToken service">
            <cxf:ws-security>
                <cxf:ws-config>
                    <cxf:property key="action" value="UsernameToken Timestamp"/>
                    <cxf:property key="passwordCallbackClass" value="com.mulesoft.mule.soap.security.PasswordCallback"/>
                </cxf:ws-config>
            </cxf:ws-security>
        </cxf:jaxws-service>
        <component class="com.mulesoft.mule.soap.security.GreeterService" doc:name="Greeter Service"/>
    </flow>
</mule>

 

 

package com.mulesoft.mule.soap.security;

import javax.jws.WebParam;
import javax.jws.WebResult;
import javax.jws.WebService;

@WebService
public interface Greeter
{
    @WebResult(name="name")
    public String greet(@WebParam(name="name") String name);
}

 

 

package com.mulesoft.mule.soap.security;

public class GreeterService implements Greeter
{
    public String greet(String name)
    {
        return "Hello " + name;
    }
}

 

 

回调类:

package com.mulesoft.mule.soap.security;

import java.io.IOException;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

import org.apache.ws.security.WSPasswordCallback;
/**
 * 
 * <p>功能描述,该部分必须以中文句号结尾。<p>
 *
 * 创建日期 2013-8-27<br>
 * @author  $Author$<br>
 * @version $Revision$ $Date$
 * @since   3.0.0
 */
public class PasswordCallback implements CallbackHandler
{
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
    {
        WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];

        if (pc.getIdentifier().equals("joe"))
        {
            pc.setPassword("secret");
        }
        else if (pc.getIdentifier().equals("stan"))
        {
            pc.setPassword("elephant");
        }
    }
}

 

 

服务端测试

public class MuleServerApp {
      public static void main(String[] args) throws MuleException {
    	  String configFile = "mule-config.xml";
          System.setProperty("mule.verbose.exceptions","true");
          String[] configFileArr = new String[] {configFile };
          MuleContextFactory muleContextFactory = new DefaultMuleContextFactory();
          MuleContext muleContext = muleContextFactory
                  .createMuleContext(new SpringXmlConfigurationBuilder(configFileArr));
          muleContext.start();
      }
}

 

客户端测试

package com.mulesoft.mule.soap.test;

import java.net.MalformedURLException;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;

import javax.xml.namespace.QName;
import javax.xml.ws.Service;

import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;

import com.mulesoft.mule.soap.security.Greeter;
import com.mulesoft.mule.soap.security.PasswordCallback;
/**
 * 
 * <p>功能描述,该部分必须以中文句号结尾。<p>
 *
 * 创建日期 2013-8-27<br>
 * @author  $Author$<br>
 * @version $Revision$ $Date$
 * @since   3.0.0
 */
public class MuleSecureClient
{
    public static void main(String[] args) throws Exception
    {
        Greeter service1 = createService("http://localhost:63082/services/unsecure?wsdl", null);
        System.out.println(service1.greet("Mule"));
        Greeter service2 = createService("http://localhost:63082/services/username?wsdl",
            getUsernameTokenProps("UsernameToken Timestamp"));
        System.out.println(service2.greet("Mule"));
    }
    
  

    protected static Map<String, Object> getUsernameTokenProps(String action)
    {
        Map<String, Object> wss4jProps = new HashMap<String, Object>();
        //设置请求时候的参数信息
        wss4jProps.put("action", action);
        wss4jProps.put("user", "joe");
        //回调类
        wss4jProps.put("passwordCallbackClass", PasswordCallback.class.getName());
        return wss4jProps;
    }
    

    
    public static Greeter createService(String url, Map<String, Object> wss4jProps)
    {
        URL wsdlDocumentLocation;
        try
        {
            wsdlDocumentLocation = new URL(url);
        }
        catch (MalformedURLException e)
        {
            throw new RuntimeException("Invalid test definition", e);
        }
        QName serviceName = new QName("http://security.soap.mule.mulesoft.com/", "GreeterService");

        Service dynService = Service.create(wsdlDocumentLocation, serviceName);
        Greeter service = dynService.getPort(Greeter.class);
        Client client = ClientProxy.getClient(service);

        if (wss4jProps != null)
        {
            client.getOutInterceptors().add(new WSS4JOutInterceptor(wss4jProps));
        }

        return service;
    }
    
}

 

分享到:
| Mule ESB 学习笔记(13)CSV数据文件到数 ...
评论
3 楼 hj01kkk 2014-06-06  
hj01kkk 写道
用用户名及密码的方式报错啊,是不是缺少什么配置啊?
还有就是,这个是在发soap时加上个soapheader而已,并不是在mule esb 的ws中做权限认证的啊?不知道我理解的对不对.

看了些关于wss4j的内容,知道了,
2 楼 hj01kkk 2014-05-25  
用用户名及密码的方式报错啊,是不是缺少什么配置啊?
还有就是,这个是在发soap时加上个soapheader而已,并不是在mule esb 的ws中做权限认证的啊?不知道我理解的对不对.
1 楼 hj01kkk 2014-05-25  
Caused by: org.apache.cxf.binding.soap.SoapFault: MustUnderstand headers: [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood.
at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:75)
at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:46)
at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:35)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:114)
at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69)
at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:801)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1679)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1517)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1425)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:650)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:531)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:462)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:365)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:318)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:95)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
发表评论

您还没有登录,请您登录后再发表评论

相关推荐

Magicbox
Global site tag (gtag.js) - Google Analytics