一、增加maven 依赖
-
<dependency>
-
<groupId>org.apache.cxf
</groupId>
-
<artifactId>cxf-rt-ws-security
</artifactId>
-
<version>3.1.8
</version>
-
</dependency>
二、spring-context配置拦截器
-
<jaxws:endpoint >
-
<jaxws:inInterceptors>
-
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
-
<constructor-arg>
-
<map>
-
<entry key="action" value="UsernameToken" />
-
<entry key="passwordType" value="PasswordDigest" />
-
<entry key="passwordCallbackRef">
-
<bean class="com.interceptor.PasswordCallback">
</bean>
-
</entry>
-
</map>
-
</constructor-arg>
-
</bean>
-
</jaxws:inInterceptors>
-
</jaxws:endpoint>
三、编写PasswordCallback
-
import javax.security.auth.callback.Callback;
-
import javax.security.auth.callback.CallbackHandler;
-
import javax.security.auth.callback.UnsupportedCallbackException;
-
-
import org.apache.wss4j.common.ext.WSPasswordCallback;
-
-
import java.io.IOException;
-
-
-
public
class PasswordCallback implements CallbackHandler {
-
public void handle(Callback[] callbacks) throws IOException,
-
UnsupportedCallbackException {
-
WSPasswordCallback pc = (WSPasswordCallback) callbacks[
0];
-
String idf = pc.getIdentifier();
//ws传过来的用户名
-
String pwd =
null;
//需查数据库获得密码
-
String cfgUser =
"aaa";
-
if(cfgUser!=
null && cfgUser.equals(idf)) {
-
pwd =
"123456";
-
}
else {
-
pwd =
"error";
-
}
-
pc.setPassword(pwd);
-
}
-
-
}
四、soapUI 调用时设置用户名密码
右键,show Interface view
