- 浏览: 759452 次
- 性别:
- 来自: 广州
文章分类
最新评论
-
corelengine:
好文,支持一下!
在 Spring Web Flow 项目中应用 Hessian 服务 -
corelengine:
感谢分享,不过你的工程太简单了,怎么可以导入eclipse
Spring Web Flow 2.0 入门 例子源码 -
chenrongtao2132:
melody404 写道请教博主一个问题
登录成功以后为什么老 ...
CAS 单点登录安装笔记4 -- asp.net client端的设置 -
chxiaowu:
从头到尾没发现 那里有 cxf bean配置啊。。。。
WebService开发笔记 3 -- 增强访问 WebService 的安全性 -
chxiaowu:
严重: StandardWrapper.Throwable
o ...
WebService开发笔记 3 -- 增强访问 WebService 的安全性
在WebService开发笔记 1中我们创建了一个WebService简单实例,下面我们通过一个简单的用户口令验证机制来加强一下WebService的安全性:
1.修改WebService 服务端 spring 配置文件 ws-context.xml
2.服务端添加passwordCallbackClass回调类,该类进行用户口令验证:
3.客户端修改spring 配置文件 wsclient-context.xml 如下:
4.客户端添加passwordCallback类,通过该类设置访问口令
5.junit单元测试程序:
1.修改WebService 服务端 spring 配置文件 ws-context.xml
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation="http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd" default-autowire="byName" default-lazy-init="true"> <jaxws:endpoint id="webServiceSample" address="/WebServiceSample" implementor="cn.org.coral.biz.examples.webservice.WebServiceSampleImpl"> <jaxws:inInterceptors> <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" /> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="passwordCallbackClass" value="cn.org.coral.biz.examples.webservice.handler.WsAuthHandler" /> </map> </constructor-arg> </bean> </jaxws:inInterceptors> </jaxws:endpoint> </beans>
2.服务端添加passwordCallbackClass回调类,该类进行用户口令验证:
package cn.org.coral.biz.examples.webservice.handler; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; public class WsAuthHandler implements CallbackHandler{ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; if (pc.getIdentifer().equals("ws-client")){ if (!pc.getPassword().equals("admin")) { throw new SecurityException("wrong password"); } }else{ throw new SecurityException("wrong username"); } } }
3.客户端修改spring 配置文件 wsclient-context.xml 如下:
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation="http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd" default-autowire="byName" default-lazy-init="true"> <!-- ws clinet --> <bean id="webServiceSampleClient" class="cn.org.coral.biz.examples.webservice.WebServiceSample" factory-bean="webServiceSampleClientFactory" factory-method="create" /> <bean id="webServiceSampleClientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean"> <property name="serviceClass" value="cn.org.coral.biz.examples.webservice.WebServiceSample" /> <property name="address" value="http://88.148.29.54:8080/aio/services/WebServiceSample" /> <property name="outInterceptors"> <list> <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" /> <ref bean="wss4jOutConfiguration" /> </list> </property> </bean> <bean id="wss4jOutConfiguration" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> <property name="properties"> <map> <entry key="action" value="UsernameToken" /> <entry key="user" value="ws-client" /> <entry key="passwordType" value="PasswordText" /> <entry> <key> <value>passwordCallbackRef</value> </key> <ref bean="passwordCallback" /> </entry> </map> </property> </bean> <bean id="passwordCallback" class="cn.org.coral.biz.examples.webservice.handler.WsClinetAuthHandler"> </bean> </beans>
4.客户端添加passwordCallback类,通过该类设置访问口令
package cn.org.coral.biz.examples.webservice.handler; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; public class WsClinetAuthHandler implements CallbackHandler{ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; int usage = pc.getUsage(); System.out.println("identifier: " + pc.getIdentifer()); System.out.println("usage: " + pc.getUsage()); if (usage == WSPasswordCallback.USERNAME_TOKEN) { // username token pwd... pc.setPassword("admin"); } else if (usage == WSPasswordCallback.SIGNATURE) { // set the password for client's keystore.keyPassword pc.setPassword("keyPassword"); } } } }
5.junit单元测试程序:
package cn.org.coral.biz.examples.webservice; import org.springframework.test.AbstractDependencyInjectionSpringContextTests; import org.springframework.util.Assert; public class TestWebService extends AbstractDependencyInjectionSpringContextTests { WebServiceSample webServiceSampleClient; @Override protected String[] getConfigLocations() { setAutowireMode(AUTOWIRE_BY_NAME); return new String[] { "classpath:/cn/org/coral/biz/examples/webservice/wsclient-context.xml" }; } /** * @param webServiceSampleClient the webServiceSampleClient to set */ public void setWebServiceSampleClient(WebServiceSample webServiceSampleClient) { this.webServiceSampleClient = webServiceSampleClient; } public void testSay(){ String result = webServiceSampleClient.say(" world"); Assert.hasText(result); } }
评论
8 楼
chxiaowu
2011-11-25
从头到尾没发现 那里有 cxf bean配置啊。。。。
7 楼
chxiaowu
2011-11-25
严重: StandardWrapper.Throwable
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'cxf' is defined
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:387)
at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:971)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:246)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:168)
at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:884)
at org.apache.cxf.transport.servlet.CXFServlet.loadBus(CXFServlet.java:60)
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.init(CXFNonSpringServlet.java:56)
at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1228)
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1147)
at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:836)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:135)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:405)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:964)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:515)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:1824)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
2011-11-25 16:09:45 org.apache.catalina.core.StandardWrapperValve invoke
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'cxf' is defined
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:387)
at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:971)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:246)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:168)
at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:884)
at org.apache.cxf.transport.servlet.CXFServlet.loadBus(CXFServlet.java:60)
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.init(CXFNonSpringServlet.java:56)
at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1228)
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1147)
at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:836)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:135)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:405)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:964)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:515)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:1824)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
2011-11-25 16:09:45 org.apache.catalina.core.StandardWrapperValve invoke
6 楼
chxiaowu
2011-11-25
No bean named 'cxf' is defined
??????????
??????????
5 楼
冰火人
2011-08-31
请问楼主这个是你自己的还是转的别人的,你自己测试了没有!
服务端 passwordCallbackClass中:pc.getPassword()这里有值???
…………
服务端 passwordCallbackClass中:pc.getPassword()这里有值???
…………
4 楼
zhengguang_xia
2009-01-16
如果能加点注释,解释下就好了
3 楼
zhunzhunzhun-sky
2008-09-02
是啊,我想知道你是怎么学的~~~
2 楼
sskhnje
2008-08-20
你好, 我的是cxf2.1.1 出现了以下异常, 谢谢啊!
org.apache.cxf.binding.soap.SoapFault: Problems creating SAAJ object model
at org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.handleMessage(SAAJInInterceptor.java:117)
at org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.handleMessage(SAAJInInterceptor.java:63)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:221)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:449)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1996)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1832)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:591)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:221)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:296)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:242)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:178)
at $Proxy43.sayHi(Unknown Source)
at a.Client.main(Client.java:38)
Caused by: javax.xml.soap.SOAPException: Failed to create MessageFactory: org.apache.axis.soap.MessageFactoryImpl
at javax.xml.soap.MessageFactory.newInstance(MessageFactory.java:55)
at org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.handleMessage(SAAJInInterceptor.java:77)
... 15 more
org.apache.cxf.binding.soap.SoapFault: Problems creating SAAJ object model
at org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.handleMessage(SAAJInInterceptor.java:117)
at org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.handleMessage(SAAJInInterceptor.java:63)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:221)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:449)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1996)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1832)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:591)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:221)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:296)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:242)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:178)
at $Proxy43.sayHi(Unknown Source)
at a.Client.main(Client.java:38)
Caused by: javax.xml.soap.SOAPException: Failed to create MessageFactory: org.apache.axis.soap.MessageFactoryImpl
at javax.xml.soap.MessageFactory.newInstance(MessageFactory.java:55)
at org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.handleMessage(SAAJInInterceptor.java:77)
... 15 more
1 楼
sskhnje
2008-08-19
你好, 我也看了CXF的文档, 怎么我除了配helloworld外什么都没学到, 请问你是怎么学的?
期望你的指教, 谢谢啊!
期望你的指教, 谢谢啊!
发表评论
-
Android开发笔记
2009-10-19 09:11 16251.复制数据库文件: D:\Program Files\and ... -
天气预报的 WebService 服务网站
2009-06-29 10:53 0http://www.webxml.com.cn/WebSer ... -
在 Spring Web Flow 项目中应用 Hessian 服务
2009-05-21 11:19 2544原来作的一个项目因为页面跳转比较多,应用了S ... -
Spring Web Flow 2.0 入门 例子源码
2008-12-22 11:34 11747developerWorks 中有一篇教材讲解了 Spr ... -
JAD反编译工具
2008-05-29 11:33 5044This is README file for Jad - t ... -
压力测试与系统调优
2008-05-04 16:19 2298最近用loadrunne ... -
通过压力测试排查Bug(二)--排查Bug
2008-05-04 11:44 1804最近的一个项目 ... -
通过压力测试排查Bug(一)--测试过程
2008-05-04 11:05 1603最近的一个项目应用了Acegi作为安全框架,项目试运 ... -
WebService开发笔记 2 -- VS 2005 访问WebServcie更简单
2008-03-12 19:32 11138WebService开发笔记 2 -- VS 2005 访问W ... -
WebService开发笔记 1 -- 利用cxf开发WebService竟然如此简单
2008-03-12 18:37 27498WebService开发笔记 1 -- 利用cxf开发WebS ... -
Tomcat 配置 -- 打开中文文件名的附件
2008-03-04 10:23 1896设计了文件上传的工具,但在Tomcat服务器上访问中文文件名的 ... -
常用的System.getProperty()
2008-03-02 11:53 29常用的System.getProperty()System.g ... -
CAS 单点登录安装笔记4 -- asp.net client端的设置
2008-03-02 11:51 16449CAS 单点登录安装笔记4 --- asp.net clien ... -
CAS 单点登录安装笔记3 -- 与acegi集成
2008-02-28 23:38 8248CAS 单点登录安装笔记3 -- 与acegi集成 在我的项 ... -
CAS 单点登录安装笔记2 -- 配置CAS,访问自己的用户表
2008-02-27 17:45 6992CAS 单点登录安装笔记2 1.修改cas/webapp/ ... -
CAS 单点登录安装笔记1 -- 基本设置与数字证书的安装
2008-02-26 16:35 5699安装JA-SIG SSO系统笔记1 (关于配置访问数据库的用 ... -
JAVA文档
2007-12-19 16:05 1163JAVA相关文档 http://www.lybbs.net/n ... -
Tomcat性能调优(2)
2007-12-19 15:37 2892原文出处:http://www.lybbs.n ... -
Spring 通过 Tomcat 6.0 下的数据源连接池 访问Oracle数据库
2007-12-17 18:26 5945头疼的老问题,折腾了一天,tomcat6.0数据源配置 to ... -
Tomcat数据源配置总结 转载
2007-12-17 16:52 1465成功配置环境Tomcat5.0.28+MSSQLServer2 ...
相关推荐
包括服务端配置工程和客户端配置工程。 是我这个周末的学习总结.. 已测试可运行。
Xfire在Spring下实现安全的WebService详述---配置 -
OracleEBS-WebService开发笔记.pdf
使用eclipse导入项目,既可使用。 【webservice----xfire 快速入门代码实训】----<下载不扣分,回帖加1分,欢迎下载,童叟无欺>
Webservice基础与实践--课程素材包,里面主要是cxf框架。也可以自己搭建环境。请使用eclipse jee + tomcat 6 才能正确运行。
vc.net2005 MFC调用WebService(C#开发),采用托管实现。 webService实现+-*/,以及返回字符串,通过输入string,返回string.
NULL 博文链接:https://savagegarden.iteye.com/blog/368905
webservice apache-cxf-2.3.5
webservice拦截器demo-服务端和调用端
Laravel开发-laravel-webservice 基于httpful的Laravel Web服务提供商
webservice 燕青 day1-1 共2天 webservice 燕青 day1-1 共2天
开发基于JWS的webservice并通过jun-jaxws发布所需的jar包
WebService培训(基础-非常适合初学者)
linux mint SoapUI chomd -R 777 SoapUI-x64-5.2.1.sh sh SoapUI-x64-5.2.1.sh 亲测可用
Java开发WebService实例--计数器.mht
WebService学习,开发总结--唐木之无线观察.docWebService学习,开发总结--唐木之无线观察.docWebService学习,开发总结--唐木之无线观察.docWebService学习,开发总结--唐木之无线观察.docWebService学习,开发总结--...
用于调试webservice接口,操作简单,方便实用,可以很好的确定接口连通状态以及接口相关参数。版本5.2.1window操作系统均可用
用友NC65-erp开发工具uapstudio进行开发webservice时,需要对开发工具进行必要的设置,文档总结了一些必要配置及创建一个helloworld案例并用soapui进行测试
SSH CXF webservice 开发笔记demo(包含步骤文档及所需war包)