服务端设置:
1、新增过滤器
import org.apache.commons.lang3.StringUtils;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.headers.Header;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPException;
import java.util.List;
import java.util.regex.Pattern;
/**
* 全局拦截器
*/
@Component
public class AuthInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
private Logger logger = LoggerFactory.getLogger(AuthInterceptor.class);
@Value(value = "${ENV_PWP_WSINTERFACE_SECURITY_ENABLED:true}")
private String securityEnabled;
public AuthInterceptor() {
//定义拦截器阶段
super(Phase.PRE_INVOKE);
}
/**
* 拦截器操作
*
* @param message 被拦截到的消息
* @throws Fault
*/
@Override
public void handleMessage(SoapMessage message) {
if (isEnableSecurity()) {
List<Header> headers = message.getHeaders();
if (CollectionUtils.isEmpty(headers)) {
throw new Fault(new SOAPException("安全认证未开启"));
} else {
Element auth = null;
//获取授权信息元素
for (Header header : headers) {
QName qname = header.getName();
String tagName = qname.getLocalPart();
if ("security".equals(tagName)) {
auth = (Element) header.getObject();
break;
}
}
//如果授权信息元素不存在,提示错误
if (auth == null) {
throw new Fault(new SOAPException("授权信息元素不存在"));
}
String username = "";
String password = "";
try {
NodeList nodes = auth.getChildNodes();
if (nodes == null || nodes.getLength() == 0) {
throw new Fault(new Exception("用户名或密码为空"));
}
int size = nodes.getLength();
for (int i = 0; i < size; i++) {
Node node = nodes.item(i);
String tagName = node.getLocalName();
if ("username".equalsIgnoreCase(tagName)) {
username = node.getTextContent();
}
if ("password".equalsIgnoreCase(tagName)) {
password = node.getTextContent();
}
}
} catch (Exception e) {
throw new Fault(new Exception( e.getMessage()));
}
if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
throw new Fault(new Exception("用户名或密码为空"));
}
if (!verification(username, password)) {
throw new Fault(new Exception("用户名或密码错误"));
}
}
}
}
/**
* handleMessage异常后执行
*
* @param message 被拦截到的消息
*/
@Override
public void handleFault(SoapMessage message) {
super.handleFault(message);
}
private Boolean isEnableSecurity() {
return "true".equalsIgnoreCase(this.securityEnabled);
}
public boolean verification(String username, String password) {
if (!username.equals("aaaa")
|| !password.equals("bbb")) {
throw new Fault(new Exception("用户名或密码错误"));
}
return true;
}
}
2、发布信息webservice新增认证
客户端配置
1、设置过滤器
import java.io.ByteArrayOutputStream;
import java.io.PrintStream;
import java.util.List;
import javax.xml.namespace.QName;
import org.apache.cxf.binding.soap.SoapHeader;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.headers.Header;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@Component
public class AuthSoapHeaderInterceptor extends AbstractPhaseInterceptor<SoapMessage> {
private static Logger LOG = LoggerFactory.getLogger(AuthSoapHeaderInterceptor.class);
private String sys;
public AuthSoapHeaderInterceptor(String p, String sys) {
super(p);
this.sys = sys;
}
public AuthSoapHeaderInterceptor() {
super(Phase.WRITE);
}
@Override
public void handleMessage(SoapMessage message) throws Fault {
String username = "aaaa";
String password = "bbb";
System.out.println("-----拦截器开始----");
try {
boolean isEnableSecurity = true;
if (isEnableSecurity) {
// SoapHeader部分待添加的节点
QName qName = new QName("security");
Document doc = DOMUtils.createDocument();
// 验证token
Element usernameEl = doc.createElement("username");
usernameEl.setTextContent(username);
Element passwordEl = doc.createElement("password");
passwordEl.setTextContent(password);
Element root = doc.createElement("security");
root.appendChild(usernameEl);
root.appendChild(passwordEl);
// 创建SoapHeader内容
SoapHeader header = new SoapHeader(qName, root);
// 添加SoapHeader内容
List<Header> headers = message.getHeaders();
headers.add(header);
}
} catch (Exception e) {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
e.printStackTrace(new PrintStream(baos));
String exception = baos.toString();
LOG.error("soa安全认证头部加入过程出现异常" + exception);
}
}
}
2、调用接口时设置过滤器部分代码
Service service= new Service();
ervicePort servicePort = service.getService();
Client client = ClientProxy.getClient(servicePort);
client.getOutInterceptors().add(new AuthSoapHeaderInterceptor(Phase.WRITE, ""));