0

在将在 JBoss 4.3 中执行的现有应用程序转换为 JBoss 7 时,我遇到了 Web 服务身份验证 (WS-Security) 的问题。

我正在关注以下信息:https ://docs.jboss.org/author/display/JBWS/JBoss+Web+Services+Documentation ,它似乎适用于 WS-Security 身份验证。

Web 应用程序包含一个 jbossws-cxf.xml 文件,并且 JBoss 7 正确安装了 spring 模块。端点配置有以下 XML:

<beans xmlns='http://www.springframework.org/schema/beans' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xmlns:beans='http://www.springframework.org/schema/beans'
xmlns:jaxws='http://cxf.apache.org/jaxws'
xsi:schemaLocation='http://cxf.apache.org/core
http://cxf.apache.org/schemas/core.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://cxf.apache.org/jaxws
http://cxf.apache.org/schemas/jaxws.xsd'>

<!-- WS-Security -->
<bean id="webServicePasswordCallBack" class="ie.one23.general.security.WebServicePasswordCallback">
    <property name="WS_USERNAME" value="${properties.ws-credentials.username}" />
    <property name="WS_PASSWORD" value="${properties.ws-credentials.password}" />
</bean>

<bean id="SMSServiceLoggingCXFIncomingInterceptor" class="ie.one23.general.logging.LoggingCXFIncomingInterceptor" />

<!-- Web Service endpoint -->
<!-- See https://docs.jboss.org/author/display/JBWS/Apache+CXF+integration -->
<jaxws:endpoint id="SMSService" implementor="ie.one23.commonservices.webservice.controller.SMSWebServiceImpl" address="/SMSService/SMSService">

    <jaxws:inInterceptors>
        <!-- WS-Security -->
        <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
        <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
            <constructor-arg>
                <map>
                    <entry key="action" value="UsernameToken" />
                    <entry key="passwordType" value="PasswordText" />
                    <entry key="passwordCallbackRef">
                        <ref bean="webServicePasswordCallBack" />
                    </entry>
                </map>
            </constructor-arg>
        </bean>
    </jaxws:inInterceptors>

    <jaxws:outInterceptors>
    </jaxws:outInterceptors>

</jaxws:endpoint>

</beans>

这里的问题是属性 WS_USERNAME 和 WS_PASSWORD 分别以实际文本 ${properties.ws-credentials.username} 和 ${properties.ws-credentials.password} 注入到 bean 中,而不是实际值来自属性文件并使用以下 XML 加载(在单独的 Spring 配置 XML 文件中):

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
   http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">

<!-- ================================================================== -->

<bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
    <property name="locations">
        <list>
            <value>file:/${jboss.server.config.dir}/props/sms-service-credentials.properties</value>
        </list>
    </property>
</bean>

<!-- ================================================================== -->

</beans>

就好像只有在将属性注入 bean 之后才加载属性文件......

有没有人遇到过这个问题并知道如何解决?

非常感谢

4

1 回答 1

0

我按照这里的教程(http://codingbone.wordpress.com/2010/02/28/how-to-load-properties-files-into-spring-and-expose-to-the-java-classes/)和现在,我没有将属性注入 WSPAsswordCallback bean,而是在运行时使用 PropertiesUtil 类获取它们。

public class PropertiesUtil extends PropertyPlaceholderConfigurer {

private static Map<String, Object> propertiesMap;

@Override
protected void processProperties(ConfigurableListableBeanFactory beanFactory, Properties props) throws BeansException {
    super.processProperties(beanFactory, props);

    propertiesMap = new HashMap<String, Object>();
    for (Object key : props.keySet()) {
        String keyStr = key.toString();
        propertiesMap.put(keyStr, resolvePlaceholder(keyStr, props));
    }
}

public static Object getProperty(String name) {
    return propertiesMap.get(name);
}
}
于 2012-07-06T08:17:45.003 回答