如何增强回调处理程序CXF拦截器方法
[英]How To enhance The Callback handler CXF Interceptor method
问题描述
I made a WSS4JInInterceptor in a spring bean configuration file as follows 
我在spring bean配置文件中制作了WSS4JInInterceptor ,如下所示
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws"
xmlns:jaxrs="http://cxf.apache.org/jaxrs"
xsi:schemaLocation="http://cxf.apache.org/jaxws
http://cxf.apache.org/schemas/jaxws.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxrs
http://cxf.apache.org/schemas/jaxrs.xsd">
<jaxws:endpoint id="book"
implementor="net.ma.soap.ws.endpoints.IBookEndPointImpl" address="/bookAuth">
<jaxws:inInterceptors>
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"></bean>
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType" value="PasswordText" />
<entry key="passwordCallbackClass" value="net.ma.soap.ws.service.ServerPasswordCallback"></entry>
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
</beans>
The ServerPasswordCallBack.java looks like the following ServerPasswordCallBack.java如下所示
package net.ma.soap.ws.service;
import java.io.IOException;
import java.util.ResourceBundle;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.wss4j.common.ext.WSPasswordCallback;
public class ServerPasswordCallback implements CallbackHandler {
private static final String BUNDLE_LOCATION = "zuth";
private static final String PASSWORD_PROPERTY_NAME = "auth.manager.password";
private static String password;
static {
final ResourceBundle bundle = ResourceBundle.getBundle(BUNDLE_LOCATION);
password = bundle.getString(PASSWORD_PROPERTY_NAME);
}
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
pc.setPassword(password);
}
}
With the password verification, everything work just fine. 通过密码验证,一切正常。
I'd like to know if there's any other way to enhance the handle(Callback) method to make it more sophisticated so it would be able to check more than just one parameter, for example if i can make it check an access token, it would be much more better. 我想知道是否还有其他方法可以增强handle(Callback)方法,使其更复杂,以便它能够检查多个参数,例如,是否可以检查访问令牌,例如会更好。
the password property is defined in zuth_fr_FR.properties file as follows 密码属性在zuth_fr_FR.properties文件中定义,如下所示
auth.manager.password=najah auth.manager.password = najah
1 个解决方案
解决方案1
1 已采纳 2016-05-04 09:32:54
If you want to do some custom validation on your username and token (such as verify against a directoryservice using LDAP or something similar) you can write your own custom UsernameTokenValidator overriding verifyPlaintextPassword(UsernameToken usernameToken) of UsernameTokenValidator and hook it up to your WSS4JInInterceptor adding the following to your bean definition 如果要对用户名和令牌执行一些自定义验证(例如使用LDAP或类似方法针对目录服务进行验证),则可以编写自己的自定义UsernameTokenValidator来覆盖UsernameTokenValidator的verifyPlaintextPassword(UsernameToken usernameToken)并将其连接到WSS4JInInterceptor上,并添加遵循您的bean定义
<property name="wssConfig">
<ref bean="usernameTokenWssConfig"/>
</property>
And add the referenced class to your codebase: 并将引用的类添加到您的代码库中:
@Component("usernameTokenWssConfig")
public class usernameTokenWssConfigWSSConfig {
public usernameTokenWssConfig() {
setValidator(WSSecurityEngine.USERNAME_TOKEN, new CustomUsernameTokenValidator());
setRequiredPasswordType(WSConstants.PASSWORD_TEXT);
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.