Mule ESB 学习笔记(14)CXF SOAP基于UsernameToken的验证
程序员文章站
2022-07-12 19:00:44
...
简单需求:
针对在webservice中一些商业数据的机密性采用加密等验证的方式实现,这里主要说明soap使用UsernameToken的验证方式.
mule-config.xml配置:
<mule xmlns:core="http://www.mulesoft.org/schema/mule/core" xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:spring="http://www.springframework.org/schema/beans" xmlns:cxf="http://www.mulesoft.org/schema/mule/cxf" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation" xmlns:http="http://www.mulesoft.org/schema/mule/http" xsi:schemaLocation=" http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd http://www.mulesoft.org/schema/mule/cxf http://www.mulesoft.org/schema/mule/cxf/current/mule-cxf.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd " version="EE-3.3.0"> <flow name="UnsecureServiceFlow" doc:name="UnsecureServiceFlow"> <http:inbound-endpoint address="http://localhost:63082/services/unsecure" exchange-pattern="request-response" doc:name="HTTP Inbound Endpoint"/> <cxf:jaxws-service serviceClass="com.mulesoft.mule.soap.security.Greeter" doc:name="Unsecure service"/> <component class="com.mulesoft.mule.soap.security.GreeterService" doc:name="Greeter Service" /> </flow> <flow name="UsernameTokenServiceFlow" doc:name="UsernameTokenServiceFlow"> <http:inbound-endpoint address="http://localhost:63082/services/username" exchange-pattern="request-response" doc:name="HTTP Inbound Endpoint"/> <cxf:jaxws-service serviceClass="com.mulesoft.mule.soap.security.Greeter" doc:name="Secure UsernameToken service"> <cxf:ws-security> <cxf:ws-config> <cxf:property key="action" value="UsernameToken Timestamp"/> <cxf:property key="passwordCallbackClass" value="com.mulesoft.mule.soap.security.PasswordCallback"/> </cxf:ws-config> </cxf:ws-security> </cxf:jaxws-service> <component class="com.mulesoft.mule.soap.security.GreeterService" doc:name="Greeter Service"/> </flow> </mule>
package com.mulesoft.mule.soap.security; import javax.jws.WebParam; import javax.jws.WebResult; import javax.jws.WebService; @WebService public interface Greeter { @WebResult(name="name") public String greet(@WebParam(name="name") String name); }
package com.mulesoft.mule.soap.security; public class GreeterService implements Greeter { public String greet(String name) { return "Hello " + name; } }
回调类:
package com.mulesoft.mule.soap.security; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; /** * * <p>功能描述,该部分必须以中文句号结尾。<p> * * 创建日期 2013-8-27<br> * @author $Author$<br> * @version $Revision$ $Date$ * @since 3.0.0 */ public class PasswordCallback implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; if (pc.getIdentifier().equals("joe")) { pc.setPassword("secret"); } else if (pc.getIdentifier().equals("stan")) { pc.setPassword("elephant"); } } }
服务端测试
public class MuleServerApp { public static void main(String[] args) throws MuleException { String configFile = "mule-config.xml"; System.setProperty("mule.verbose.exceptions","true"); String[] configFileArr = new String[] {configFile }; MuleContextFactory muleContextFactory = new DefaultMuleContextFactory(); MuleContext muleContext = muleContextFactory .createMuleContext(new SpringXmlConfigurationBuilder(configFileArr)); muleContext.start(); } }
客户端测试
package com.mulesoft.mule.soap.test; import java.net.MalformedURLException; import java.net.URL; import java.util.HashMap; import java.util.Map; import javax.xml.namespace.QName; import javax.xml.ws.Service; import org.apache.cxf.endpoint.Client; import org.apache.cxf.frontend.ClientProxy; import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor; import com.mulesoft.mule.soap.security.Greeter; import com.mulesoft.mule.soap.security.PasswordCallback; /** * * <p>功能描述,该部分必须以中文句号结尾。<p> * * 创建日期 2013-8-27<br> * @author $Author$<br> * @version $Revision$ $Date$ * @since 3.0.0 */ public class MuleSecureClient { public static void main(String[] args) throws Exception { Greeter service1 = createService("http://localhost:63082/services/unsecure?wsdl", null); System.out.println(service1.greet("Mule")); Greeter service2 = createService("http://localhost:63082/services/username?wsdl", getUsernameTokenProps("UsernameToken Timestamp")); System.out.println(service2.greet("Mule")); } protected static Map<String, Object> getUsernameTokenProps(String action) { Map<String, Object> wss4jProps = new HashMap<String, Object>(); //设置请求时候的参数信息 wss4jProps.put("action", action); wss4jProps.put("user", "joe"); //回调类 wss4jProps.put("passwordCallbackClass", PasswordCallback.class.getName()); return wss4jProps; } public static Greeter createService(String url, Map<String, Object> wss4jProps) { URL wsdlDocumentLocation; try { wsdlDocumentLocation = new URL(url); } catch (MalformedURLException e) { throw new RuntimeException("Invalid test definition", e); } QName serviceName = new QName("http://security.soap.mule.mulesoft.com/", "GreeterService"); Service dynService = Service.create(wsdlDocumentLocation, serviceName); Greeter service = dynService.getPort(Greeter.class); Client client = ClientProxy.getClient(service); if (wss4jProps != null) { client.getOutInterceptors().add(new WSS4JOutInterceptor(wss4jProps)); } return service; } }