通過使用PasswordText類型和axis2向soap中的soap頭添加用戶名和密碼

Question

我想通過使用PasswordText類型和axis2向java中的soap頭添加用戶名和密碼。

代碼片斷我用

public static void WSSPasswordAuthentication(org.apache.axis2.client.ServiceClient client, String endPointUrl, String username, String password) throws CSException{ 

    OMFactory omFactory = OMAbstractFactory.getOMFactory(); 
    OMElement omSecurityElement = omFactory.createOMElement(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security", "wsse"), null); 


    OMElement omusertoken = omFactory.createOMElement(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken","wsse"), null); 

    OMElement omuserName = omFactory.createOMElement(new QName("", "Username", "wsse"), null); 
    omuserName.setText(username); 

    OMElement omPassword = omFactory.createOMElement(new QName("", "Password", "wsse"), null); 
    omPassword.addAttribute("Type","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText",null); 
    omPassword.setText(password); 

    omusertoken.addChild(omuserName); 
    omusertoken.addChild(omPassword); 
    omSecurityElement.addChild(omusertoken); 

    client.addHeader(omSecurityElement); 

} 

和由此產生的標題： <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsu:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><Username>erapor</Username><Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">erapor</Password></wsu:UsernameToken></wsse:Security>

但

我想標題：<soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:Username>erapor</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">erapor</wsse:Password></wsse:UsernameToken></wsse:Security></soapenv:Header>

否則，我不能使用頭

我該如何修改？

Answer 1

如果您有解決此問題的選項，而不是在客戶端使用AXIS2，則可以使用純JAXWS。這是通用的，並且很容易添加這些安全標頭。

在你的JDK 6.0 HOME（這個例子從JDK 6.0只適用及以上）

jdk1.6.0_26 \ BIN \ wsimport的一個可用的工具

您可以使用該程序的wsimport的

存根

wsimport -keep -verbose http://localhost:8080/<WebserviceName>/services/<WebserviceName>?wsdl 

創建一個消息處理程序 MessageHandler.java

package com.secure.client; 

import java.util.Set; 

import javax.xml.namespace.QName; 
import javax.xml.soap.SOAPElement; 
import javax.xml.soap.SOAPEnvelope; 
import javax.xml.soap.SOAPHeader; 
import javax.xml.ws.WebServiceException; 
import javax.xml.ws.handler.MessageContext; 
import javax.xml.ws.handler.soap.SOAPHandler; 
import javax.xml.ws.handler.soap.SOAPMessageContext; 

public class MessageHandler implements SOAPHandler<SOAPMessageContext>{ 

    @Override 
    public void close(MessageContext arg0) { 
     // TODO Auto-generated method stub 

    } 


    @Override 
    public Set getHeaders() { 
     // TODO Auto-generated method stub 
     return null; 
    } 

    @Override 
    public boolean handleFault(SOAPMessageContext context) { 
     // TODO Auto-generated method stub 
     return false; 
    } 

    @Override 
    public boolean handleMessage(SOAPMessageContext soapMessageContext) { 
     try { 

       boolean outMessageIndicator = (Boolean) soapMessageContext 
              .get(MessageContext.MESSAGE_OUTBOUND_PROPERTY); 
       if (outMessageIndicator) { 

        SOAPEnvelope envelope = soapMessageContext.getMessage().getSOAPPart().getEnvelope(); 

        SOAPHeader header = envelope.addHeader(); 

        SOAPElement security = header.addChildElement("Security", "wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); 

        SOAPElement usernameToken = security.addChildElement("UsernameToken", "wsse"); 
        usernameToken.addAttribute(new QName("xmlns:wsu"), "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); 

        SOAPElement username = usernameToken.addChildElement("Username", "wsse"); 
        username.addTextNode("wsuser"); 

        SOAPElement password = usernameToken.addChildElement("Password", "wsse"); 
        password.setAttribute("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"); 
        password.addTextNode("wspwd"); 

      } 

     } catch (Exception ex) { 
     throw new WebServiceException(ex); 
     } 
     return true; 
    } 



} 

創建HeaderHandlerResolver.java

package com.secure.client; 

import java.util.ArrayList; 
import java.util.List; 
import javax.xml.ws.handler.Handler; 
import javax.xml.ws.handler.HandlerResolver; 
import javax.xml.ws.handler.PortInfo; 

public class HeaderHandlerResolver implements HandlerResolver { 

@SuppressWarnings("unchecked") 
public List<Handler> getHandlerChain(PortInfo portInfo) { 
     List<Handler> handlerChain = new ArrayList<Handler>(); 
     MessageHandler hh = new MessageHandler(); 
     handlerChain.add(hh); 
     return handlerChain; 
    } 
} 

可以使用存根

Client.java

import javax.xml.ws.BindingProvider; 

import com.secure.HelloService; 
import com.secure.HelloServiceException; 
import com.secure.HelloServicePortType; 

public class Client { 

    public static void main(String[] args) { 

     HelloService service = new HelloService(); 

     service.setHandlerResolver(new HeaderHandlerResolver()); 

     HelloServicePortType port = service.getHelloServiceHttpSoap11Endpoint(); 

     // Use the BindingProvider's context to set the endpoint 
     BindingProvider bp = (BindingProvider)port; 
     bp.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "http://localhost:8080/<WebserviceName>/services/<WebserviceName>"); 



     System.out.println(port.getVersion()); 

     try { 

      System.out.println(port.getHello("Zack")); 

     } catch (HelloServiceException e) { 
      e.printStackTrace(); 
     } 

    } 

} 

創建客戶端代碼