cxf用户令牌 WSPasswordCallback

客户端

java

public class ClientAuthCallback implements CallbackHandler{ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { // TODO Auto-generated method stub for(int i=0;i<callbacks.length;i++) { WSPasswordCallback pcb = (WSPasswordCallback)callbacks[i]; pcb.setPassword("123"); pcb.setIdentifier("1234"); } } } spring

<jaxws:client id="service" address="http://localhost:8080/webservice/services/userService" serviceClass="com.test.cxf.IUserService"> <jaxws:outInterceptors> <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" /> <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" /> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="user" value="cxfClient" /> <entry key="password" value="admin" /> <entry key="passwordCallbackRef"> <ref bean="clientAuthCallback" /> </entry> </map> </constructor-arg> </bean> </jaxws:outInterceptors> </jaxws:client> <bean id="clientAuthCallback" class="com.test.cxf.ws.ClientAuthCallback" /> 服务端

java

public class ServerCheckAuthCallback implements CallbackHandler{ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { WSPasswordCallback pcb = (WSPasswordCallback)callbacks[0]; String pwd = pcb.getPassword(); String idf = pcb.getIdentifier(); pcb.setPassword("123"); System.out.println("pwd:"+pwd+" idf:"+idf); } } spring

<jaxws:endpoint id="service" implementor="#userSer" address="/userService"> <jaxws:inInterceptors> <bean class="org.apache.cxf.interceptor.LoggingInInterceptor" /> <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" /> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken" /> <entry key="passwordType" value="PasswordText" /> <entry key="user" value="cxfClie2nt" /> <entry key="checkAuthCallbackRef"> <ref bean="serverCheckAuthCallback" /> </entry> </map> </constructor-arg> </bean> </jaxws:inInterceptors> </jaxws:endpoint> <bean id="serverCheckAuthCallback" class="com.test.cxf.ws.ServerCheckAuthCallback"></bean>

这里主要注意的是,在服务器校验的时候, 需要你根据传入的用户名从数据库中查出密码然后通过WSPasswordCallback 的setpassword() 方法set进入,这样由WSPasswordCallback  自己去匹配,而不是在客户端用getpassword获取密码,用if判断。

在服务端用getpassword() 是获取不到任何东西的。