Mule ESB 学习笔记(14)CXF SOAP基于UsernameToken的验证
程序员文章站
2022-07-12 19:00:44
...
简单需求:
针对在webservice中一些商业数据的机密性采用加密等验证的方式实现,这里主要说明soap使用UsernameToken的验证方式.
mule-config.xml配置:
<mule xmlns:core="http://www.mulesoft.org/schema/mule/core" xmlns="http://www.mulesoft.org/schema/mule/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:spring="http://www.springframework.org/schema/beans"
xmlns:cxf="http://www.mulesoft.org/schema/mule/cxf"
xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
xmlns:http="http://www.mulesoft.org/schema/mule/http"
xsi:schemaLocation="
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
http://www.mulesoft.org/schema/mule/cxf http://www.mulesoft.org/schema/mule/cxf/current/mule-cxf.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd " version="EE-3.3.0">
<flow name="UnsecureServiceFlow" doc:name="UnsecureServiceFlow">
<http:inbound-endpoint address="http://localhost:63082/services/unsecure" exchange-pattern="request-response" doc:name="HTTP Inbound Endpoint"/>
<cxf:jaxws-service serviceClass="com.mulesoft.mule.soap.security.Greeter" doc:name="Unsecure service"/>
<component class="com.mulesoft.mule.soap.security.GreeterService" doc:name="Greeter Service" />
</flow>
<flow name="UsernameTokenServiceFlow" doc:name="UsernameTokenServiceFlow">
<http:inbound-endpoint address="http://localhost:63082/services/username" exchange-pattern="request-response" doc:name="HTTP Inbound Endpoint"/>
<cxf:jaxws-service serviceClass="com.mulesoft.mule.soap.security.Greeter" doc:name="Secure UsernameToken service">
<cxf:ws-security>
<cxf:ws-config>
<cxf:property key="action" value="UsernameToken Timestamp"/>
<cxf:property key="passwordCallbackClass" value="com.mulesoft.mule.soap.security.PasswordCallback"/>
</cxf:ws-config>
</cxf:ws-security>
</cxf:jaxws-service>
<component class="com.mulesoft.mule.soap.security.GreeterService" doc:name="Greeter Service"/>
</flow>
</mule>
package com.mulesoft.mule.soap.security;
import javax.jws.WebParam;
import javax.jws.WebResult;
import javax.jws.WebService;
@WebService
public interface Greeter
{
@WebResult(name="name")
public String greet(@WebParam(name="name") String name);
}
package com.mulesoft.mule.soap.security;
public class GreeterService implements Greeter
{
public String greet(String name)
{
return "Hello " + name;
}
}
回调类:
package com.mulesoft.mule.soap.security;
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
/**
*
* <p>功能描述,该部分必须以中文句号结尾。<p>
*
* 创建日期 2013-8-27<br>
* @author $Author$<br>
* @version $Revision$ $Date$
* @since 3.0.0
*/
public class PasswordCallback implements CallbackHandler
{
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
if (pc.getIdentifier().equals("joe"))
{
pc.setPassword("secret");
}
else if (pc.getIdentifier().equals("stan"))
{
pc.setPassword("elephant");
}
}
}
服务端测试
public class MuleServerApp {
public static void main(String[] args) throws MuleException {
String configFile = "mule-config.xml";
System.setProperty("mule.verbose.exceptions","true");
String[] configFileArr = new String[] {configFile };
MuleContextFactory muleContextFactory = new DefaultMuleContextFactory();
MuleContext muleContext = muleContextFactory
.createMuleContext(new SpringXmlConfigurationBuilder(configFileArr));
muleContext.start();
}
}
客户端测试
package com.mulesoft.mule.soap.test;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.ws.Service;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import com.mulesoft.mule.soap.security.Greeter;
import com.mulesoft.mule.soap.security.PasswordCallback;
/**
*
* <p>功能描述,该部分必须以中文句号结尾。<p>
*
* 创建日期 2013-8-27<br>
* @author $Author$<br>
* @version $Revision$ $Date$
* @since 3.0.0
*/
public class MuleSecureClient
{
public static void main(String[] args) throws Exception
{
Greeter service1 = createService("http://localhost:63082/services/unsecure?wsdl", null);
System.out.println(service1.greet("Mule"));
Greeter service2 = createService("http://localhost:63082/services/username?wsdl",
getUsernameTokenProps("UsernameToken Timestamp"));
System.out.println(service2.greet("Mule"));
}
protected static Map<String, Object> getUsernameTokenProps(String action)
{
Map<String, Object> wss4jProps = new HashMap<String, Object>();
//设置请求时候的参数信息
wss4jProps.put("action", action);
wss4jProps.put("user", "joe");
//回调类
wss4jProps.put("passwordCallbackClass", PasswordCallback.class.getName());
return wss4jProps;
}
public static Greeter createService(String url, Map<String, Object> wss4jProps)
{
URL wsdlDocumentLocation;
try
{
wsdlDocumentLocation = new URL(url);
}
catch (MalformedURLException e)
{
throw new RuntimeException("Invalid test definition", e);
}
QName serviceName = new QName("http://security.soap.mule.mulesoft.com/", "GreeterService");
Service dynService = Service.create(wsdlDocumentLocation, serviceName);
Greeter service = dynService.getPort(Greeter.class);
Client client = ClientProxy.getClient(service);
if (wss4jProps != null)
{
client.getOutInterceptors().add(new WSS4JOutInterceptor(wss4jProps));
}
return service;
}
}