1

我被迫从我的网络服务中删除 CXF。为了消除对身份验证的任何依赖,我设置了一个 HttpAuthSupplier 类来处理基本身份验证。

public class ExchangeAuthSupplier implements HttpAuthSupplier{
       @Override
       public boolean requiresRequestCaching() {
           return false;
       }

       @Override
       public String getAuthorization(AuthorizationPolicy authPolicy, URL url, Message message, String fullHeader) {
           // Lookup authentication information and return appropriate header
       }

}

我试图弄清楚如何使用常规 JAX-WS API 和 Spring 做类似的事情......

4

3 回答 3

8

回答我自己的问题......我决定使用处理程序。所以我创建了一个类似于上面的 ExchangeAuthSupplier 的 SOAPHandler:

public class MyAuthenticationHandler implements SOAPHandler<SOAPMessageContext> {
    @Override
    public boolean handleMessage(SOAPMessageContext context) {
        final Boolean outInd = (Boolean) context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);

        if (outInd.booleanValue()) {
            try {
                UserNamePasswordPair userNamePasswordPair = getAuthorization(); // Method to retrieve credentials from somewhere

                context.put(BindingProvider.USERNAME_PROPERTY, userNamePasswordPair.getUsername());
                context.put(BindingProvider.PASSWORD_PROPERTY, userNamePasswordPair.getPassword());

            } catch (final Exception e) {
                return false;
            }
        }

        return true;
    }

    @Override
    public boolean handleFault(SOAPMessageContext context) {
        logger.error("error occurred when getting auth.");
        return false;
    }

    @Override
    public void close(MessageContext context) {
        logger.debug("closing handler for auth...");
    }

    @Override
    public Set<QName> getHeaders() {
        return null;
    }
}

创建了一个 HandlerResolver 以将解析器添加到链中:

public class MyHandlerResolver implements HandlerResolver {
    private List<Handler> chain;

    public MyHandlerResolver() {
        chain = new ArrayList<Handler>();
        chain.add(new MyAuthenticationHandler();
    }

    @Override
    public List<Handler> getHandlerChain(PortInfo portInfo) {
        return chain;
    }
}

然后在 Spring 中,像这样把它全部连接起来:

<bean id="myJAXWSClient" class="org.springframework.remoting.jaxws.JaxWsPortProxyFactoryBean">
    <property name="serviceInterface" value="Interface to implement"/>
    <property name="wsdlDocumentUrl" value="classpath:/wsdl/theWsdl.wsdl"/>
    <property name="namespaceUri" value="namespace"/>
    <property name="serviceName" value="ServiceName"/>
    <property name="endpointAddress" value="/endpoint"/>
    <property name="handlerResolver" ref="myHandlerResolver"/>
</bean>

<bean id="myHandlerResolver" class="com.mystuff.ExchangeHandlerResolver"/>
于 2012-05-25T14:40:08.267 回答
5

对于 Basic auth 和 Spring 的 JaxWsPortProxyFactoryBean,您可以简单地使用:

<bean id="myJAXWSClient" class="org.springframework.remoting.jaxws.JaxWsPortProxyFactoryBean">
    <property name="serviceInterface" value="Interface to implement"/>
    <property name="wsdlDocumentUrl" value="classpath:/wsdl/theWsdl.wsdl"/>
    <property name="namespaceUri" value="namespace"/>
    <property name="serviceName" value="ServiceName"/>
    <property name="endpointAddress" value="/endpoint"/>
    <property name="username" value="username"/>
    <property name="password" value="password"/>
</bean>
于 2013-01-21T12:11:16.570 回答
0

使用 Spring 的 JaxWsPortProxyFactoryBean 添加基本身份验证的 kaczors 答案,如果 wsdl 或 xsd 不在类路径中并且需要从需要基本身份验证的 url 访问,则创建一个自定义 JaxWsPortProxyFactoryBean 它将启用 WSDL url http 基本身份验证。

公共类 CustomJaxWsPortProxyFactoryBean 扩展 JaxWsPortProxyFactoryBean {

@Override
public Service createJaxWsService() {

    Authenticator.setDefault(new Authenticator() {
        @Override
        protected PasswordAuthentication getPasswordAuthentication() {
            return new PasswordAuthentication(
                    getUsername(),
                    getPassword().toCharArray());
        }
    });
    return super.createJaxWsService();
}

感谢春季论坛的 sundaramss

于 2014-03-11T22:58:08.300 回答