欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

Mule ESB 学习笔记(14)CXF SOAP基于UsernameToken的验证

程序员文章站 2022-07-12 19:00:44
...

 简单需求:

         针对在webservice中一些商业数据的机密性采用加密等验证的方式实现,这里主要说明soap使用UsernameToken的验证方式.

mule-config.xml配置:

<mule xmlns:core="http://www.mulesoft.org/schema/mule/core" xmlns="http://www.mulesoft.org/schema/mule/core"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:spring="http://www.springframework.org/schema/beans"
    xmlns:cxf="http://www.mulesoft.org/schema/mule/cxf"
    xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
    xmlns:http="http://www.mulesoft.org/schema/mule/http"
    xsi:schemaLocation="
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd 
http://www.mulesoft.org/schema/mule/cxf http://www.mulesoft.org/schema/mule/cxf/current/mule-cxf.xsd 
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd 
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd " version="EE-3.3.0">

    <flow name="UnsecureServiceFlow" doc:name="UnsecureServiceFlow">
        <http:inbound-endpoint address="http://localhost:63082/services/unsecure" exchange-pattern="request-response" doc:name="HTTP Inbound Endpoint"/>
        <cxf:jaxws-service serviceClass="com.mulesoft.mule.soap.security.Greeter" doc:name="Unsecure service"/>
        <component class="com.mulesoft.mule.soap.security.GreeterService" doc:name="Greeter Service" />
    </flow>

    <flow name="UsernameTokenServiceFlow" doc:name="UsernameTokenServiceFlow">
        <http:inbound-endpoint address="http://localhost:63082/services/username" exchange-pattern="request-response" doc:name="HTTP Inbound Endpoint"/>
        <cxf:jaxws-service serviceClass="com.mulesoft.mule.soap.security.Greeter" doc:name="Secure UsernameToken service">
            <cxf:ws-security>
                <cxf:ws-config>
                    <cxf:property key="action" value="UsernameToken Timestamp"/>
                    <cxf:property key="passwordCallbackClass" value="com.mulesoft.mule.soap.security.PasswordCallback"/>
                </cxf:ws-config>
            </cxf:ws-security>
        </cxf:jaxws-service>
        <component class="com.mulesoft.mule.soap.security.GreeterService" doc:name="Greeter Service"/>
    </flow>
</mule>

 

 

package com.mulesoft.mule.soap.security;

import javax.jws.WebParam;
import javax.jws.WebResult;
import javax.jws.WebService;

@WebService
public interface Greeter
{
    @WebResult(name="name")
    public String greet(@WebParam(name="name") String name);
}

 

 

package com.mulesoft.mule.soap.security;

public class GreeterService implements Greeter
{
    public String greet(String name)
    {
        return "Hello " + name;
    }
}

 

 

回调类:

package com.mulesoft.mule.soap.security;

import java.io.IOException;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

import org.apache.ws.security.WSPasswordCallback;
/**
 * 
 * <p>功能描述,该部分必须以中文句号结尾。<p>
 *
 * 创建日期 2013-8-27<br>
 * @author  $Author$<br>
 * @version $Revision$ $Date$
 * @since   3.0.0
 */
public class PasswordCallback implements CallbackHandler
{
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
    {
        WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];

        if (pc.getIdentifier().equals("joe"))
        {
            pc.setPassword("secret");
        }
        else if (pc.getIdentifier().equals("stan"))
        {
            pc.setPassword("elephant");
        }
    }
}

 

 

服务端测试

public class MuleServerApp {
      public static void main(String[] args) throws MuleException {
    	  String configFile = "mule-config.xml";
          System.setProperty("mule.verbose.exceptions","true");
          String[] configFileArr = new String[] {configFile };
          MuleContextFactory muleContextFactory = new DefaultMuleContextFactory();
          MuleContext muleContext = muleContextFactory
                  .createMuleContext(new SpringXmlConfigurationBuilder(configFileArr));
          muleContext.start();
      }
}

 

客户端测试

package com.mulesoft.mule.soap.test;

import java.net.MalformedURLException;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;

import javax.xml.namespace.QName;
import javax.xml.ws.Service;

import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;

import com.mulesoft.mule.soap.security.Greeter;
import com.mulesoft.mule.soap.security.PasswordCallback;
/**
 * 
 * <p>功能描述,该部分必须以中文句号结尾。<p>
 *
 * 创建日期 2013-8-27<br>
 * @author  $Author$<br>
 * @version $Revision$ $Date$
 * @since   3.0.0
 */
public class MuleSecureClient
{
    public static void main(String[] args) throws Exception
    {
        Greeter service1 = createService("http://localhost:63082/services/unsecure?wsdl", null);
        System.out.println(service1.greet("Mule"));
        Greeter service2 = createService("http://localhost:63082/services/username?wsdl",
            getUsernameTokenProps("UsernameToken Timestamp"));
        System.out.println(service2.greet("Mule"));
    }
    
  

    protected static Map<String, Object> getUsernameTokenProps(String action)
    {
        Map<String, Object> wss4jProps = new HashMap<String, Object>();
        //设置请求时候的参数信息
        wss4jProps.put("action", action);
        wss4jProps.put("user", "joe");
        //回调类
        wss4jProps.put("passwordCallbackClass", PasswordCallback.class.getName());
        return wss4jProps;
    }
    

    
    public static Greeter createService(String url, Map<String, Object> wss4jProps)
    {
        URL wsdlDocumentLocation;
        try
        {
            wsdlDocumentLocation = new URL(url);
        }
        catch (MalformedURLException e)
        {
            throw new RuntimeException("Invalid test definition", e);
        }
        QName serviceName = new QName("http://security.soap.mule.mulesoft.com/", "GreeterService");

        Service dynService = Service.create(wsdlDocumentLocation, serviceName);
        Greeter service = dynService.getPort(Greeter.class);
        Client client = ClientProxy.getClient(service);

        if (wss4jProps != null)
        {
            client.getOutInterceptors().add(new WSS4JOutInterceptor(wss4jProps));
        }

        return service;
    }
    
}