1.服务器实现
将serverStore.jks拷贝到<工程目录>/src/META-INF/xfire的目录下
1、insecurity.properties文件,放在META-INF/xfire/下
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin |
2、service.xml文件,放在META-INF/xfire/下
<?xml version="1.0" encoding="UTF-8"?> <!-- START SNIPPET: services --> <beans xmlns="http://xfire.codehaus.org/config/1.0"> <service> <name>SayHelloService</name> <namespace>http://com.test.wsses/SayHelloService </namespace> <serviceClass>com.test.wsses.SayHelloService </serviceClass> <implementationClass>com.test.wsses.SayHelloServiceImpl </implementationClass> <inHandlers> <handler handlerClass="org.codehaus.xfire.util.dom.DOMInHandler"/> <bean class="org.codehaus.xfire.security. wss4j.WSS4JInHandler" xmlns=""> <property name="properties"> <props> <prop key="action">Encrypt</prop> //Encrypt代表报文加密;Signature代表数字签名 //验证数字签名需要访问保存着client数字证书的密钥库, / /通过属性文件提供相应的配置信息。 <prop key="signaturePropFile"> META-INF/xfire/insecurity.properties </prop> //解密操作需要访问保存着server私钥的密钥库, //通过属性文件提供相应的配置信息 <prop key="decryptionPropFile"> META-INF/xfire/insecurity.properties </prop> //指定一个密码回调实现类 <prop key="passwordCallbackClass"> com.test.wsses.PasswordHandler </prop> </props> </property> </bean> </inHandlers> </service> </beans> <!-- END SNIPPET: services --> |
3、PasswordHandler类
package com.test.wsses; import java.io.IOException; import java.util.HashMap; import java.util.Map; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; public class PasswordHandler implements CallbackHandler { @SuppressWarnings("unchecked") private Map passwords = new HashMap();
@SuppressWarnings("unchecked") public PasswordHandler() { passwords.put("server", "serverpass"); passwords.put("client", "clientpass"); }
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { System.out.println("Handling Password!"); WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; String id = pc.getIdentifer(); System.out.println("id:"+id+" ,password:"+(String) passwords.get(id)); pc.setPassword((String) passwords.get(id)); } } |
2.客户端实现
1、PasswordHandler类
package com.test.wsses; import java.io.IOException; import java.util.HashMap; import java.util.Map; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; public class PasswordHandler implements CallbackHandler { @SuppressWarnings("unchecked") private Map passwords = new HashMap();
@SuppressWarnings("unchecked") public PasswordHandler() { passwords.put("server", "serverpass"); passwords.put("client", "clientpass"); } public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { System.out.println("Handling Password!"); WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; String id = pc.getIdentifer(); System.out.println("id:"+id+" ,password:"+(String) passwords.get(id)); pc.setPassword((String) passwords.get(id)); } } |
2、outsecurity.properties文件,位于<工程目录>/src/下。
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin |
将clientStore.jks拷贝到<工程目录>/src目录下。
3、客户端访问类
package com.test.wsses.client; import java.net.MalformedURLException; import org.apache.ws.security.WSConstants; import org.apache.ws.security.handler.WSHandlerConstants; import org.codehaus.xfire.client.Client; import org.codehaus.xfire.client.XFireProxyFactory; import org.codehaus.xfire.security.wss4j.WSS4JOutHandler; import org.codehaus.xfire.service.Service; import org.codehaus.xfire.service.binding.ObjectServiceFactory; import org.codehaus.xfire.transport.http.CommonsHttpMessageSender; import org.codehaus.xfire.util.dom.DOMOutHandler; public class SayHelloClient { public static void main(String args[]){ String serviceURL = "http://localhost:8080/wsses/services/SayHelloService"; //创建service对象 Service serviceModel = new ObjectServiceFactory().create(SayHelloService.class); XFireProxyFactory serviceFactory = new XFireProxyFactory(); try{ //获取服务对象 SayHelloService service = (SayHelloService) serviceFactory.create(serviceModel, serviceURL);
//忽略http连接的超时时间,0为不设置超时时间,》=1为超时毫秒数 Client client = Client.getInstance(service); client.setProperty(CommonsHttpMessageSender.HTTP_TIMEOUT, "0");
WSS4JOutHandler wsOut = new WSS4JOutHandler(); String actions =WSHandlerConstants.ENCRYPT; //报文加密;WSHandlerConstants.SIGNATURE代表数字签名 wsOut.setProperty(WSHandlerConstants.ACTION, actions); wsOut.setProperty(WSHandlerConstants.ENC_PROP_FILE, "outsecurity.properties");//WSHandlerConstants.SIG_PROP_FILE代表数字签名
wsOut.setProperty(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PASSWORD_DIGEST);//密码为加密 wsOut.setProperty(WSHandlerConstants.USER, "client"); //用户名为密钥库中密钥对的别名,密码为私钥 的访问密钥(数字签名为client,报文加密为server)
wsOut.setProperty(WSHandlerConstants.ENCRYPTION_USER, "server");//报文加密为server
//wsOut.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, PasswordHandler.class.getName()); //wsOut.setProperty(WSHandlerConstants.SIG_KEY_ID, "IssuerSerial"); client.addOutHandler(new DOMOutHandler()); client.addOutHandler(wsOut);
//调用服务 String helloMsg = service.sayHello("dabing"); System.out.println(helloMsg); helloMsg = service.sayHello(null); System.out.println(helloMsg); } catch (MalformedURLException e){ e.printStackTrace(); } } } |
运行结果如下:
dabing,早上好,还没有去工作吗 ?
你叫什么名字呢?
<!--EndFragment-->
相关推荐
ws-security ws-security ws-security
ws-securitypolicy规范 2005 v1.1
1)参考: ...2)CXFWS工程是基于WS-Security规范,实现X.509身份验证的,同时实现签名和加密 keytool 工具的使用参考 http://hi.baidu.com/qianshuifanchuan/blog/item/6291b8510009ad3c42a75b8e.html ...
纯java调用ws-security+CXF实现的webservice安全接口
基于XFire实施WS-Security,学习web service的材料
XFire中实现WS-SecurityXFire中实现WS-SecurityXFire中实现WS-Security
xfire 实施ws-security代码,多线程发送邮件工具类代码
WS-Security实现
ISNetworksProvider.jar tsik.jar ws-security.jar 这三个jar包用在webservices安全加密中。在网上找了很久才收集到。
xfire1.2.6 ws-security示例,也就是让里面的例子跑起来,网上都没这个教程,所以我就花了点点时间做了一下
CXF使用WSS4J实现WS-Security规范,本例的配置是Timestamp Signature Encrypt,具体使用可以参考我的博客http://blog.csdn.net/wangchsh2008/article/details/6708270
内含: ISNetworksProvider.jar tsik.jar ws-security.jar 和wss4j的所有包
eclipse下spring+xfire实现ws-security的简单例子,包含服务器和客户端的代码,实现用户名/密码.数字签名和报文加密的安全认证,唯一不足的是没有实现数字签名和报文加密的混合模式(可能是密匙文件的问题,正在努力中),...
Spring Web Services WS-Security示例 设置各种协议的样本 SOAP Web服务。 支持WS-Security的两种实现,即和 。 对于每种认证方法,每种认证方法都有一个不同的终结点: 不安全。 普通密码。 摘要密码。 签名...
WS-Security
了解 Web 服务规范_第 4 部分:WS-Security源码
cxf结合ws-security实现webservice 用户名/密码身份认证安全调用,依赖包
用基于模板的方法改善Web服务安全性能 Improving WS-Security Performance with a Template-Based Approach
WS-Security for Node.js 从分支。 他们的版本缺少关键文件,该文件从NPM安装时导致错误。 此派生解决了该问题。 我们将竭尽全力维护并保持最新状态,但是此库目前不是我们的最高优先级。 在SOAP客户端上实现WS-...
了解 Web 服务规范_第 4 部分:WS-Security.