[英]CXF Client Security
I am creating a client to a Java soap web service, but am having trouble figuring out how to properly pass the password.我正在为 Java soap web 服务创建一个客户端,但我无法弄清楚如何正确传递密码。 Here is my "hardcoded" password example:
这是我的“硬编码”密码示例:
@Test
public void exploratorySecurityTest() {
String username = "user";
String password = "pwd";
UserStoryService service = new UserStoryService();
UserStoryServiceSoap port = service.getUserStoryServiceSoap();
//initialize security
org.apache.cxf.endpoint.Client client = ClientProxy.getClient(port);
org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();
Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.USER, username);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCallback.class.getName());
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
cxfEndpoint.getOutInterceptors().add(wssOut);
int storyId = 33401;
UserStoryDTO userStoryDTO = port.getByID(storyId);
//success if no error
}
public class ClientPasswordCallback implements CallbackHandler {
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
pc.setPassword("pwd");
}}
What I really want to do is to pass the password into the callback handler.我真正想做的是将密码传递给回调处理程序。 The examples that I have seen in the CXF documentation implement the callback either "hardcoded" (as I did in this example) or as a function of the username:
我在 CXF 文档中看到的示例将回调实现为“硬编码”(如我在本例中所做的那样)或作为用户名的 function:
if (pc.getIdentifier().equals("user"))
pc.setPassword("pwd");
Neither of these meet my needs.这些都不符合我的需求。 Is there a way that I can do something like the following:
有没有办法让我做如下的事情:
@Test
public void exploratorySecurityTest() {
String username = "user";
String password = "pwd";
UserStoryService service = new UserStoryService();
UserStoryServiceSoap port = service.getUserStoryServiceSoap();
//initialize security
org.apache.cxf.endpoint.Client client = ClientProxy.getClient(port);
org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();
Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
outProps.put(WSHandlerConstants.USER, username);
//pass the password here?
outProps.put("password", password);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCallback.class.getName());
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
cxfEndpoint.getOutInterceptors().add(wssOut);
// ...
}
Use PW_CALLBACK_REF instead PW_CALLBACK_CLASS, and pass an instantiated object, instead of the static class. You can inject the password in said object.使用 PW_CALLBACK_REF 而不是 PW_CALLBACK_CLASS,并传递实例化的 object,而不是 static class。您可以在所述 object 中注入密码。
Something like:就像是:
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
CXFClientPasswordHandler handler = new CXFClientPasswordHandler();
handler.setPassword(password);
outProps.put(WSHandlerConstants.PW_CALLBACK_REF, handler);
I was also able to do the following:我还能够执行以下操作:
org.apache.cxf.endpoint.Client client = ClientProxy.getClient(obj);
org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();
Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
System.out.println("initialize security for user " + this.username);
outProps.put(WSHandlerConstants.USER, this.username);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
Map<String, Object> ctx = ((BindingProvider) obj).getRequestContext();
ctx.put("password", this.password);
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
cxfEndpoint.getOutInterceptors().add(wssOut);
Your ClientPasswordCallback
class may be like that, with his own pwd field and the associated setter:你的
ClientPasswordCallback
class 可能是这样的,有他自己的密码字段和相关的设置器:
class ClientPasswordCallback implements CallbackHandler {
private String pwd;
public void setPassword(String pwd) {
passwd = pwd;
}
@Override
public void handle(Callback[] callbacks) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
pc.setPassword(pwd);
}
}
Then you can instanciate it in your test, set its password and use PW_CALLBACK_REF
key to add it to the outProps
map:然后你可以在你的测试中实例化它,设置它的密码并使用
PW_CALLBACK_REF
键将它添加到outProps
map:
@Test
public void exploratorySecurityTest() {
String username = "user";
String password = "pwd";
// ...
outProps.put(PASSWORD_TYPE, WSConstants.PW_TEXT);
ClientPasswordCallback handler = new ClientPasswordCallback();
handler.setPassword(passwd);
outProps.put(PW_CALLBACK_REF, handler);
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
// ...
}
I have always used following way of adding properties to request context for http level authentication and CallbackHandler for adding message level username token.我一直使用以下方式添加属性以请求 http 级别身份验证的上下文和 CallbackHandler 添加消息级别用户名令牌。
org.apache.cxf.endpoint.Client client = ClientProxy.getClient(obj);
org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();
System.out.println("initialize security for user " + this.username);
outProps.put(WSHandlerConstants.USER, this.username);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
Map<String, Object> requestContext = ((BindingProvider) obj).getRequestContext();
//For message level authentication
requestContext.put("ws-security.username", "Ron");
requestContext.put("ws-security.callback-handler", "com.ws.cxf.client.callback.UTPasswordCallback");
//For endpoint level authentication, HTTP Basic/Digest
requestContext.put(BindingProvider.USERNAME_PROPERTY, username);
requestContext.put(BindingProvider.PASSWORD_PROPERTY, password);
class UTPasswordCallback implements CallbackHandler {
@Override
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for(Callback cb:callbacks){
WSPasswordCallback pcallback = (WSPasswordCallback)cb;
if(pcallback.getUsage()==WSPasswordCallback.USERNAME_TOKEN)
{
if(pcallback.getIdentifier().equals("Ron"))
pcallback.setPassword("noR");
}
}
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.