WSS4JInInterceptor 迁移到 wildfly12
WSS4JInInterceptor migrate to wildfly12
我打算将 jboss 5 迁移到 wildfly 12。有一个 Web 服务正在使用 org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
来验证对该服务的访问。为此,它使用 jboss-cxf.xml 中的配置,如下所示。
<!-- Inbound interceptors for the endpoint: the SAAJ interceptor is listed first, then the WSS4J security check. -->
<jaxws:inInterceptors>
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<property name="properties">
<map>
<!-- Require a WS-Security UsernameToken on inbound requests. -->
<entry key="action" value="UsernameToken"/>
<!-- PasswordText carries the password unhashed in the SOAP header, so this endpoint should only be reachable over TLS. -->
<entry key="passwordType" value="PasswordText"/>
<!-- Callback handler that supplies the expected password for the presented user name. -->
<entry key="passwordCallbackClass" value="com.xxx.xxx.ws.wsse.ServerPasswordCallback"/>
</map>
</property>
</bean>
</jaxws:inInterceptors>
在 wildfly12 中,它不读这个 xml。有一个名为 'jboss-webservices.xml' 的新配置文件。但我找不到将其迁移到新版本的方法。
请帮忙解决这个问题
我使用拦截器注解解决了这个问题。我添加了 org.apache.cxf.interceptor.InInterceptors 注解,并提供了一个自定义类,用它为 WSS4JInInterceptor 设置必需的属性,再把 WSS4JInInterceptor 添加到拦截器链中。
@InInterceptors(interceptors = {"com.xxx.xx.ws.wsse.WSSecurityInterceptor"})
@WebService
@Stateless
public class OrganizationImportServiceImpl{...enter code here
下面是 com.xxx.xx.ws.wsse.WSSecurityInterceptor 类:
package com.xxx.xx.ws.wsse;
import java.util.HashMap;
import java.util.Map;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.Interceptor;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
/**
 * Inbound CXF interceptor that, for every message it handles, appends a
 * {@link WSS4JInInterceptor} configured for WS-Security UsernameToken checking
 * to that message's interceptor chain.
 *
 * <p>Security notes for whoever deploys this:
 * <ul>
 *   <li>{@code passwordType=PasswordText} means the client sends the password
 *       unhashed inside the SOAP header, so the endpoint should only be exposed
 *       over TLS.</li>
 *   <li>Authentication depends on this interceptor actually being attached to the
 *       endpoint; a service class that lacks the registration is not protected by
 *       it.</li>
 * </ul>
 */
public class WSSecurityInterceptor extends AbstractPhaseInterceptor<Message> {

    /** Creates the interceptor in the {@code PRE_PROTOCOL} phase. */
    public WSSecurityInterceptor() {
        this(Phase.PRE_PROTOCOL);
    }

    /**
     * Creates the interceptor in the {@code PRE_PROTOCOL} phase.
     *
     * @param phase ignored; the phase is always {@code PRE_PROTOCOL}.
     *     NOTE(review): presumably deliberate, since running in a later phase could
     *     mean the WSS4J interceptor added in {@link #handleMessage} is inserted too
     *     late to execute. Confirm before honouring this argument.
     */
    public WSSecurityInterceptor(String phase) {
        super(Phase.PRE_PROTOCOL);
    }

    /**
     * Builds the WSS4J configuration and adds a new {@link WSS4JInInterceptor} to the
     * chain of the given message.
     *
     * @param message the inbound message whose interceptor chain is extended
     * @throws Fault declared by the interceptor contract; not thrown directly here
     */
    @Override
    public void handleMessage(Message message) throws Fault {
        final Map<String, Object> securityConfig = new HashMap<>();
        // Cleartext password inside the UsernameToken: transport encryption is what
        // keeps it confidential.
        securityConfig.put("passwordType", "PasswordText");
        // Handler that supplies the expected password for the presented user name.
        securityConfig.put("passwordCallbackClass", "com.xxx.xx.ws.wsse.ServerPasswordCallback");
        // Require a UsernameToken in the WS-Security header.
        securityConfig.put("action", "UsernameToken");

        final Interceptor<? extends Message> usernameTokenCheck =
                new WSS4JInInterceptor(securityConfig);
        message.getInterceptorChain().add(usernameTokenCheck);
    }
}
然后在回调处理程序类中设置有效密码。下面是回调处理程序类:
package com.xxx.xx.ws.wsse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.wss4j.common.ext.WSPasswordCallback;
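/**
 * Callback handler used by WSS4J to look up the expected password for the user
 * name presented in a WS-Security UsernameToken.
 *
 * <p>The handler only supplies the stored password; the comparison with the
 * password sent by the client happens in the caller.
 */
public class ServerPasswordCallback implements CallbackHandler {

    // NOTE(review): the only account is a sample credential compiled into the class.
    // Anything beyond a demo should load credentials from a protected store outside
    // the source tree, and should not keep them in plaintext in the repository.
    private final Map<String, String> passwords = new HashMap<String, String>();

    /** Registers the single sample account. */
    public ServerPasswordCallback() {
        super();
        passwords.put("testuser", "testpwd");
    }

    /**
     * Sets the stored password on each {@link WSPasswordCallback} so the caller can
     * compare it with the password sent by the client.
     *
     * @param callbacks callbacks to process; every element must be a
     *     {@link WSPasswordCallback}
     * @throws IOException if a callback has no identifier or names an unknown user
     * @throws UnsupportedCallbackException if an element is not a
     *     {@link WSPasswordCallback}
     */
    @Override
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        // Process every callback rather than only callbacks[0], so an empty array no
        // longer raises ArrayIndexOutOfBoundsException and extra entries are not
        // silently skipped.
        for (Callback callback : callbacks) {
            if (!(callback instanceof WSPasswordCallback)) {
                // Reject foreign callback types through the declared exception
                // instead of failing with a ClassCastException.
                throw new UnsupportedCallbackException(callback, "only WSPasswordCallback is supported");
            }
            WSPasswordCallback pc = (WSPasswordCallback) callback;
            String identifier = pc.getIdentifier();
            if (identifier == null) {
                throw new IOException("authentication failure. required username password to proceed ..");
            }
            String expectedPassword = passwords.get(identifier);
            if (expectedPassword == null) {
                // Same message for an unknown user as for a bad password, so the
                // response does not reveal which user names exist.
                throw new IOException("authentication failure. invalid user name or password ");
            }
            // Set the password on the callback. This will be compared to the
            // password which was sent from the client.
            pc.setPassword(expectedPassword);
        }
    }
}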
然后在cxf-rt-ws-security模块中进行密码验证。
我打算将 jboss 5 迁移到 wildfly 12。有一个 Web 服务正在使用 org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
来验证对该服务的访问。为此,它使用 jboss-cxf.xml 中的配置,如下所示。
<!-- Inbound interceptors for the endpoint: the SAAJ interceptor is listed first, then the WSS4J security check. -->
<jaxws:inInterceptors>
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<property name="properties">
<map>
<!-- Require a WS-Security UsernameToken on inbound requests. -->
<entry key="action" value="UsernameToken"/>
<!-- PasswordText carries the password unhashed in the SOAP header, so this endpoint should only be reachable over TLS. -->
<entry key="passwordType" value="PasswordText"/>
<!-- Callback handler that supplies the expected password for the presented user name. -->
<entry key="passwordCallbackClass" value="com.xxx.xxx.ws.wsse.ServerPasswordCallback"/>
</map>
</property>
</bean>
</jaxws:inInterceptors>
在 wildfly12 中,它不读这个 xml。有一个名为 'jboss-webservices.xml' 的新配置文件。但我找不到将其迁移到新版本的方法。
请帮忙解决这个问题
我使用拦截器注解解决了这个问题。我添加了 org.apache.cxf.interceptor.InInterceptors 注解,并提供了一个自定义类,用它为 WSS4JInInterceptor 设置必需的属性,再把 WSS4JInInterceptor 添加到拦截器链中。
@InInterceptors(interceptors = {"com.xxx.xx.ws.wsse.WSSecurityInterceptor"})
@WebService
@Stateless
public class OrganizationImportServiceImpl{...enter code here
下面是 com.xxx.xx.ws.wsse.WSSecurityInterceptor 类:
package com.xxx.xx.ws.wsse;
import java.util.HashMap;
import java.util.Map;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.Interceptor;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
/**
 * Inbound CXF interceptor that, for every message it handles, appends a
 * {@link WSS4JInInterceptor} configured for WS-Security UsernameToken checking
 * to that message's interceptor chain.
 *
 * <p>Security notes for whoever deploys this:
 * <ul>
 *   <li>{@code passwordType=PasswordText} means the client sends the password
 *       unhashed inside the SOAP header, so the endpoint should only be exposed
 *       over TLS.</li>
 *   <li>Authentication depends on this interceptor actually being attached to the
 *       endpoint; a service class that lacks the registration is not protected by
 *       it.</li>
 * </ul>
 */
public class WSSecurityInterceptor extends AbstractPhaseInterceptor<Message> {

    /** Creates the interceptor in the {@code PRE_PROTOCOL} phase. */
    public WSSecurityInterceptor() {
        this(Phase.PRE_PROTOCOL);
    }

    /**
     * Creates the interceptor in the {@code PRE_PROTOCOL} phase.
     *
     * @param phase ignored; the phase is always {@code PRE_PROTOCOL}.
     *     NOTE(review): presumably deliberate, since running in a later phase could
     *     mean the WSS4J interceptor added in {@link #handleMessage} is inserted too
     *     late to execute. Confirm before honouring this argument.
     */
    public WSSecurityInterceptor(String phase) {
        super(Phase.PRE_PROTOCOL);
    }

    /**
     * Builds the WSS4J configuration and adds a new {@link WSS4JInInterceptor} to the
     * chain of the given message.
     *
     * @param message the inbound message whose interceptor chain is extended
     * @throws Fault declared by the interceptor contract; not thrown directly here
     */
    @Override
    public void handleMessage(Message message) throws Fault {
        final Map<String, Object> securityConfig = new HashMap<>();
        // Cleartext password inside the UsernameToken: transport encryption is what
        // keeps it confidential.
        securityConfig.put("passwordType", "PasswordText");
        // Handler that supplies the expected password for the presented user name.
        securityConfig.put("passwordCallbackClass", "com.xxx.xx.ws.wsse.ServerPasswordCallback");
        // Require a UsernameToken in the WS-Security header.
        securityConfig.put("action", "UsernameToken");

        final Interceptor<? extends Message> usernameTokenCheck =
                new WSS4JInInterceptor(securityConfig);
        message.getInterceptorChain().add(usernameTokenCheck);
    }
}
然后在回调处理程序类中设置有效密码。下面是回调处理程序类:
package com.xxx.xx.ws.wsse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.wss4j.common.ext.WSPasswordCallback;
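/**
 * Callback handler used by WSS4J to look up the expected password for the user
 * name presented in a WS-Security UsernameToken.
 *
 * <p>The handler only supplies the stored password; the comparison with the
 * password sent by the client happens in the caller.
 */
public class ServerPasswordCallback implements CallbackHandler {

    // NOTE(review): the only account is a sample credential compiled into the class.
    // Anything beyond a demo should load credentials from a protected store outside
    // the source tree, and should not keep them in plaintext in the repository.
    private final Map<String, String> passwords = new HashMap<String, String>();

    /** Registers the single sample account. */
    public ServerPasswordCallback() {
        super();
        passwords.put("testuser", "testpwd");
    }

    /**
     * Sets the stored password on each {@link WSPasswordCallback} so the caller can
     * compare it with the password sent by the client.
     *
     * @param callbacks callbacks to process; every element must be a
     *     {@link WSPasswordCallback}
     * @throws IOException if a callback has no identifier or names an unknown user
     * @throws UnsupportedCallbackException if an element is not a
     *     {@link WSPasswordCallback}
     */
    @Override
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        // Process every callback rather than only callbacks[0], so an empty array no
        // longer raises ArrayIndexOutOfBoundsException and extra entries are not
        // silently skipped.
        for (Callback callback : callbacks) {
            if (!(callback instanceof WSPasswordCallback)) {
                // Reject foreign callback types through the declared exception
                // instead of failing with a ClassCastException.
                throw new UnsupportedCallbackException(callback, "only WSPasswordCallback is supported");
            }
            WSPasswordCallback pc = (WSPasswordCallback) callback;
            String identifier = pc.getIdentifier();
            if (identifier == null) {
                throw new IOException("authentication failure. required username password to proceed ..");
            }
            String expectedPassword = passwords.get(identifier);
            if (expectedPassword == null) {
                // Same message for an unknown user as for a bad password, so the
                // response does not reveal which user names exist.
                throw new IOException("authentication failure. invalid user name or password ");
            }
            // Set the password on the callback. This will be compared to the
            // password which was sent from the client.
            pc.setPassword(expectedPassword);
        }
    }
}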
然后在cxf-rt-ws-security模块中进行密码验证。