客户端拦截器:
public class AccountInterceptor extends AbstractPhaseInterceptor<SoapMessage>{ private String name; private String password; public AccountInterceptor(String name,String password) { //Phase值决定了拦截器什么时候拦截到消息 //PRE_PROTOCOL准备请求时拦截 super(Phase.PRE_PROTOCOL); this.name = name; this.password = password; } //一旦被拦截,首先调用此方法 @SuppressWarnings("deprecation") @Override public void handleMessage(SoapMessage msg) throws Fault { List<Header> headers = msg.getHeaders(); //在客户端请求时,会将用户名密码带过去 //怎么带用户名和密码到服务器,将用户名和密码设置在请求头中 org.w3c.dom.Document document = DOMHelper.createDocument(); Element ele = document.createElement("account");//创建标签<account></account> Element eleName = document.createElement("name");//创建标签<name></name> eleName.setTextContent(name);//给<name>设值,值为客户端传进来的用户名 ele.appendChild(eleName); Element elePwd = document.createElement("password");//创建标签<password></password> elePwd.setTextContent(password);//给<password>设值,值为客户端传进来的密码 ele.appendChild(elePwd); //设置标签<account>的account headers.add(new Header(new QName("account"),ele)); //如果拦截了,打印以下信息! System.out.println("客户端拦截了"); } }
客户端client-beans.xml配置:
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"> <!-- serviceClass:SEI --> <!-- address:server端webService的发布地址 --> <jaxws:client id="weatherClient" serviceClass="com.cxf.dao.WeatherDao" address="http://localhost:8080/cxf_spring_webService_server/weatherws"> <!-- 客户端配置出拦截器 --> <jaxws:outInterceptors> <!-- 客户端拦截器全类名 --> <bean class="com.webservice.server.AccountInterceptor"> <!-- 拦截器构造器参数 --> <constructor-arg name="name" value="xxx"/> <constructor-arg name="password" value="xxx"/> </bean> </jaxws:outInterceptors> </jaxws:client> </beans>
服务器拦截器:
//服务器拦截器 public class CheckAccountInterceptor extends AbstractPhaseInterceptor<SoapMessage>{ public CheckAccountInterceptor() { super(Phase.PRE_PROTOCOL); } @Override public void handleMessage(SoapMessage message) throws Fault { //获取客户端请求头 //account为客户端设置的qname Header header = message.getHeader(new QName("account")); if(header != null){ Element account = (Element) header.getObject(); //通过标签名获取值<name></name> String name = account.getElementsByTagName("name").item(0).getTextContent(); String password = account.getElementsByTagName("password").item(0).getTextContent(); if("webService".equals(name) && "123456".equals(password)){ System.out.println("验证通过......"); } } System.out.println("没有通过拦截器!"); throw new Fault(new RuntimeException("用户名或者密码错误!")); } }
服务器beans.xml配置
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd"> <!-- cxf的一些核心配置(必须引入) --> <import resource="classpath:META-INF/cxf/cxf.xml" /> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /> <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> <!-- implementor:SEI实现类全类名 --> <!-- address:名字可以任意取; webService部署路径:主机名/工程名/address wsdl文档:通过主机名/工程名/address?wsdl 不再需要手动去发布webService! --> <jaxws:endpoint id="weatherWS" implementor="com.cxf.service.WeatherService" address="/weatherws"> <!-- 服务器配置入拦截器 --> <jaxws:inInterceptors> <!-- 服务器拦截器全类名 --> <bean class="com.webService.server.CheckAccountInterceptor"></bean> </jaxws:inInterceptors> </jaxws:endpoint> </beans>
总结:配置拦截器相当简单,所以不再提供详细例子,参考以上配置即可。