我们最近还需要支持 JSESSIONID 和 SOAP 服务,这是我们在阅读 StackOverflow 并参考 IBM 站点上的 SSO 客户端示例后得出的结论。
我们扩展了 SOAPHandler:
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.List;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import com.sun.istack.internal.Nullable;
public class SoapMessageHandler implements SOAPHandler<SOAPMessageContext> {
private String sessionCookie = "";
@Override
public void close(MessageContext arg0) { }
@SuppressWarnings({ "rawtypes", "unchecked" })
@Override
public Set getHeaders() {
return null;
}
@Override
public boolean handleFault(SOAPMessageContext context) {
return false;
}
@Override
public boolean handleMessage(SOAPMessageContext soapMessageContext) {
if ((Boolean) soapMessageContext.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY)) {
// Add header to outbound request (set cookie in HTTP client header)
// Set the Cookie
Map<String, List<String>> headers = (Map<String, List<String>>)soapMessageContext.get(MessageContext.HTTP_REQUEST_HEADERS);
if (headers == null) {
headers = new HashMap<String, List<String>>();
soapMessageContext.put(MessageContext.HTTP_REQUEST_HEADERS, headers);
}
List<String> cookie = headers.get("Cookie");
if (cookie == null) {
cookie = new ArrayList<String>();
headers.put("Cookie", cookie);
}
cookie.add(sessionCookie);
} else {
// Read header from request (read cookie from server's HTTP headers)
Map<String, List<String>> map = (Map<String, List<String>>) soapMessageContext.get(MessageContext.HTTP_RESPONSE_HEADERS);
List<String> contentType = getHTTPHeader(map, "Set-Cookie");
// Note, only grabs last cookie value!
// If you need to present more than one cookie you could make
// sessionCookie a List<String> and modify this class accordingly.
if (contentType != null) {
StringBuffer strBuf = new StringBuffer();
for (String type : contentType) {
strBuf.append(type);
}
sessionCookie = strBuf.toString();
}
}
return true;
}
private @Nullable List<String> getHTTPHeader(Map<String, List<String>> headers, String header) {
for (Map.Entry<String, List<String>> entry : headers.entrySet()) {
String name = entry.getKey();
if (header != null && name !=null) {
if (name.equalsIgnoreCase(header))
return entry.getValue();
}
}
return null;
}
}
这也需要HandlerResolver:
import java.util.ArrayList;
import java.util.List;
import javax.xml.ws.handler.Handler;
import javax.xml.ws.handler.HandlerResolver;
import javax.xml.ws.handler.PortInfo;
public class SoapHandlerResolver implements HandlerResolver {
@SuppressWarnings("unchecked")
public List<Handler> getHandlerChain(PortInfo portInfo) {
List<Handler> handlerChain = new ArrayList<Handler>();
handlerChain.add( new SoapMessageHandler() );
return handlerChain;
}
}
然后在调用 SOAP 服务时调用扩展的HandlerResolver ,如下所示:
ExampleService exampleService = new ExampleService();
exampleService.setHandlerResolver( new SoapHandlerResolver() );
Example example = exampleService.getExampleServicePort();
example.myMethod();
这对我们使用 Java 6 有效,但仅限于支持一个 Cookie 标头(尽管可以进行简单的修改以支持多个 Cookie 标头)。
注意:如果像我们一样,您必须在多个服务之间传递相同的会话 cookie(好像 SOAP 服务上的 cookie 还不够糟糕),而不是这样:
private String sessionCookie = "";
你可以这样做:
static private String sessionCookie = "";
这是超级hacky,可能会或可能不会对您有用,具体取决于服务(和您的代码)如何工作以及您可以在远程服务上进行多少会话,所以我建议比在生产中使用静态更复杂的东西.