服务端添加拦截器
import org.apache.cxf.binding.soap.SoapMessage; import org.apache.cxf.headers.Header; import org.apache.cxf.interceptor.Fault; import org.apache.cxf.phase.AbstractPhaseInterceptor; import org.apache.cxf.phase.Phase; import java.util.List; import org.apache.cxf.binding.soap.SoapHeader; import org.springframework.stereotype.Component; import org.springframework.util.StringUtils; import org.w3c.dom.Element; import javax.xml.soap.SOAPException; @Component public class WsAuthInterceptor extends AbstractPhaseInterceptor<SoapMessage> { private static final String USERNAME = "root"; private static final String PASSWORD = "admin"; public WsAuthInterceptor() { // 定义在哪个阶段进行拦截 super(Phase.PRE_PROTOCOL); } @Override public void handleMessage(SoapMessage soapMessage) throws Fault { List<Header> headers = soapMessage.getHeaders(); String username = null; String password = null; if (headers == null || headers.isEmpty()) { throw new Fault(new IllegalArgumentException("找不到Header,无法验证用户信息")); } // 获取用户名,密码 for (Header header : headers) { SoapHeader soapHeader = (SoapHeader) header; Element e = (Element) soapHeader.getObject(); username = e.getAttribute("username"); password = e.getAttribute("password"); if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) { throw new Fault(new IllegalArgumentException("用户信息为空")); } } // 校验用户名密码 if (!(USERNAME.equals(username) && PASSWORD.equals(password))) { SOAPException soapExc = new SOAPException("认证失败"); System.err.println("用户认证信息错误"); throw new Fault(soapExc); } } }
@Bean public Endpoint endpoint() { EndpointImpl endpoint = new EndpointImpl(springBus(), demoService()); //绑定要发布的服务 endpoint.publish("/api"); // 暴露webService api,用在资源访问 endpoint.getInInterceptors().add(wsAuthInterceptor); return endpoint; }
--------
客户端调用
SOAP UI
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.his.thoth.com"> <soapenv:Header> <Author username="root" password="admin"></Author> </soapenv:Header> <soapenv:Body> <ser:sayHello> <!--Optional:--> <arg>Test</arg> </ser:sayHello> </soapenv:Body> </soapenv:Envelope>
动态调用
@Override public String soapDynamicTest(String ip) { //创建动态客户端 JaxWsDynamicClientFactory factory = JaxWsDynamicClientFactory.newInstance(); // Client client = factory.createClient("http://www.webxml.com.cn/WebServices/IpAddressSearchWebService.asmx?wsdl"); Client client = factory.createClient("http://192.168.1.216:9090/ws/api?wsdl"); // 需要密码的情况需要加上用户名和密码 //client.getOutInterceptors().add(new ClientLoginInterceptor("USER_NAME","PASS_WORD")); HTTPConduit conduit = (HTTPConduit) client.getConduit(); HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy(); httpClientPolicy.setConnectionTimeout(2000); //连接超时 httpClientPolicy.setAllowChunking(false); //取消块编码 httpClientPolicy.setReceiveTimeout(120000); //响应超时 conduit.setClient(httpClientPolicy); client.getOutInterceptors().add(new ClientCheckInterceptor()); try{ Object[] objects = new Object[0]; // invoke("方法名",参数1,参数2,参数3....); // objects = client.invoke("getCountryCityByIp", ip); objects = client.invoke("sayHello", ip); System.out.println("返回数据:" + objects[0]); // return ((ArrayOfString) objects[0]).getString().toString(); return objects[0].toString(); }catch (Exception e){ e.printStackTrace(); } return ""; }
ClientCheckInterceptor.java
import org.apache.cxf.binding.soap.SoapMessage; import org.apache.cxf.headers.Header; import org.apache.cxf.helpers.DOMUtils; import org.apache.cxf.interceptor.Fault; import org.apache.cxf.phase.AbstractPhaseInterceptor; import org.apache.cxf.phase.Phase; import org.w3c.dom.Document; import org.w3c.dom.Element; import javax.xml.namespace.QName; import java.util.List; public class ClientCheckInterceptor extends AbstractPhaseInterceptor<SoapMessage> { private static final String USERNAME = "root"; private static final String PASSWORD = "admin"; public ClientCheckInterceptor() { super(Phase.PREPARE_SEND); } @Override public void handleMessage(SoapMessage message) throws Fault { List<Header> headers = message.getHeaders(); Document document = DOMUtils.createDocument(); Element authorEle = document.createElement("author"); authorEle.setAttribute("username", USERNAME); authorEle.setAttribute("password", PASSWORD); headers.add(new Header(new QName(""), authorEle)); } }