67566894
- 浏览: 189607 次
- 性别:
- 来自: 许昌
-
最新评论
-
kingrlf:
可以啊,小伙子
dom4j 和jdom的使用用法及jar包下载 -
a574258039:
...
dom4j 和jdom的使用用法及jar包下载 -
lantianroom:
好东西
dom4j 和jdom的使用用法及jar包下载 -
文昌平蓝杰:
好东西,正需要
dom4j 和jdom的使用用法及jar包下载 -
yao7397:
好东西,谢了
dom4j 和jdom的使用用法及jar包下载
http://www.blogjava.net/security/archive/2006/08/08/xfire_wss4j.html
Java代码
1. 鉴于很多系统需要实施WS-Security的标准,我们在SpringSide中提供了XFire+WSS4J的Demo,本文介绍SpringSide中Spring+XFire+WSS4J的基本配置
2.
3. [WebService Server端配置]
4. 第一,创建一个基本的BookService
5. public interface BookService {
6. /** *//**
7. * 按书名模糊查询图书
8. */
9. List findBooksByName(String name);
10.
11. /** *//**
12. * 查找目录下的所有图书
13. *
14. * @param categoryId 如果category为null或“all”, 列出所有图书。
15. */
16. List findBooksByCategory(String categoryId);
17.
18. /** *//**
19. * 列出所有分类.
20. *
21. * @return List<Category>,或是null。
22. */
23. List getAllCategorys();
24. }
25. 第二,接口扩展,即Extend基本的BookService,在XFire中,不同的WSS4J策略需要针对不同的ServiceClass,否则<inHandlers>里面的定义会Overlap。 public interface BookServiceWSS4JEnc extends BookService {
26.
27. }
28. public interface BookServiceWSS4JSign extends BookService {
29.
30. }
31. 第三,配置Spring的ApplicationContext文件
32. <!--BookService 基类-->
33. <bean id="baseWebService" class="org.codehaus.xfire.spring.remoting.XFireExporter" abstract="true">
34. <property name="serviceFactory" ref="xfire.serviceFactory"/>
35. <property name="xfire" ref="xfire"/>
36. </bean>
37.
38. <bean class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
39. <property name="mappings">
40. <value>
41. /BookService=bookService
42. /BookServiceWSS4J=bookServiceWSS4J
43. /BookServiceWSS4JEnc=bookServiceWSS4JEnc
44. /BookServiceWSS4JSign=bookServiceWSS4JSign
45. </value>
46. </property>
47. </bean>
48.
49. <!--(1)BookWebService 不需要认证-->
50. <bean id="bookService" class="org.codehaus.xfire.spring.remoting.XFireExporter">
51. <property name="serviceFactory" ref="xfire.serviceFactory"/>
52. <property name="xfire" ref="xfire"/>
53. <property name="serviceBean" ref="bookManager"/>
54. <property name="serviceClass" value="org.springside.bookstore.plugins.xfire.service.BookService"/>
55. </bean>
56.
57. <!-- (3)BookWebService 使用 WSS4J验证-->
58. <bean id="bookServiceWSS4J" class="org.codehaus.xfire.spring.remoting.XFireExporter">
59. <property name="serviceBean" ref="bookManager"/>
60. <property name="serviceClass" value="org.springside.bookstore.plugins.xfire.service.BookServiceWSS4J"/>
61. <property name="inHandlers">
62. <list>
63. <ref bean="domInHandler"/>
64. <ref bean="wss4jInHandler"/>
65. <ref bean="validateUserTokenHandler"/>
66. </list>
67. </property>
68. </bean>
69.
70. <bean id="domInHandler" class="org.codehaus.xfire.util.dom.DOMInHandler"/>
71.
72. <bean id="wss4jInHandler" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
73. <property name="properties">
74. <props>
75. <prop key="action">UsernameToken</prop>
76. <prop key="passwordCallbackClass">org.springside.bookstore.plugins.xfire.wss4j.PasswordHandler</prop>
77. </props>
78. </property>
79. </bean>
80.
81. <bean id="validateUserTokenHandler" class="org.springside.bookstore.plugins.xfire.wss4j.WSS4JTokenHandler"/>
82.
83. <!-- (4)BookWebService 使用 WSS4J验证 Encrypt模式-->
84. <bean id="bookServiceWSS4JEnc" class="org.codehaus.xfire.spring.remoting.XFireExporter">
85. <property name="serviceBean" ref="bookManager"/>
86. <property name="serviceClass" value="org.springside.bookstore.plugins.xfire.service.BookServiceWSS4JEnc"/>
87. <property name="inHandlers">
88. <list>
89. <ref bean="domInHandler"/>
90. <ref bean="wss4jInHandlerEnc"/>
91. <ref bean="validateUserTokenHandler"/>
92. </list>
93. </property>
94. </bean>
95.
96. <bean id="wss4jInHandlerEnc" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
97. <property name="properties">
98. <props>
99. <prop key="action">Encrypt</prop>
100. <prop key="decryptionPropFile">org/springside/bookstore/plugins/xfire/wss4j/insecurity_enc.properties</prop>
101. <prop key="passwordCallbackClass">org.springside.bookstore.plugins.xfire.wss4j.PasswordHandler</prop>
102. </props>
103. </property>
104. </bean>
105.
106. <!-- (5)BookWebService 使用 WSS4J验证 Signature模式-->
107. <bean id="bookServiceWSS4JSign" class="org.codehaus.xfire.spring.remoting.XFireExporter">
108. <property name="serviceBean" ref="bookManager"/>
109. <property name="serviceClass" value="org.springside.bookstore.plugins.xfire.service.BookServiceWSS4JSign"/>
110. <property name="inHandlers">
111. <list>
112. <ref bean="domInHandler"/>
113. <ref bean="wss4jInHandlerSign"/>
114. <ref bean="validateUserTokenHandler"/>
115. </list>
116. </property>
117. </bean>
118.
119. <bean id="wss4jInHandlerSign" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
120. <property name="properties">
121. <props>
122. <prop key="action">Signature</prop>
123. <prop key="signaturePropFile">org/springside/bookstore/plugins/xfire/wss4j/insecurity_sign.properties</prop>
124. <prop key="passwordCallbackClass">org.springside.bookstore.plugins.xfire.wss4j.PasswordHandler</prop>
125. </props>
126. </property>
127. </bean>
128.
129. </beans>
130.
131. 第四,配置insecurity_enc.properties和insecurity_sign.properties两个密钥库配置文件
132. insecurity_enc.properties:
133. org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
134. org.apache.ws.security.crypto.merlin.keystore.type=jks
135. org.apache.ws.security.crypto.merlin.keystore.password=SpringSide
136. org.apache.ws.security.crypto.merlin.alias.password=SpringSide
137. org.apache.ws.security.crypto.merlin.keystore.alias=david
138. org.apache.ws.security.crypto.merlin.file=org/springside/bookstore/plugins/xfire/wss4j/springside_private.jks
139. outsecurity_sign.properties:
140. org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
141. org.apache.ws.security.crypto.merlin.keystore.type=jks
142. org.apache.ws.security.crypto.merlin.keystore.password=SpringSide
143. org.apache.ws.security.crypto.merlin.keystore.alias=david
144. org.apache.ws.security.crypto.merlin.file=org/springside/bookstore/plugins/xfire/wss4j/springside_public.jks
145. 第五,使用SecureX生成了两个keystore文件
146. springside_private.jks
147. 别名名称: david
148. 创建日期: 2006-8-6
149. 输入类型:KeyEntry
150. 认证链长度: 1
151. 认证 [1]:
152. Owner: CN=david, OU=SpringSide, O=org, L=gz, ST=gd, C=cn
153. 发照者: CN=david, OU=SpringSide, O=org, L=gz, ST=gd, C=cn
154. 序号: 44d4cdcd
155. 有效期间: Sun Aug 06 00:56:45 CST 2006 至: Mon Aug 06 00:56:45 CST 2007
156. 认证指纹:
157. MD5: CF:97:13:0C:70:D0:4D:B6:B4:27:0F:1A:0B:CF:D9:F2
158. SHA1: 8E:8E:E8:BC:64:39:C8:43:E4:F7:1B:3B:CE:48:1D:6B:A0:2B:58:B5
159. springside_public.jks
160. 别名名称: david
161. 创建日期: 2006-8-6
162. 输入类型: trustedCertEntry
163.
164. Owner: CN=david, OU=SpringSide, O=org, L=gz, ST=gd, C=cn
165. 发照者: CN=david, OU=SpringSide, O=org, L=gz, ST=gd, C=cn
166. 序号: 44d4cdcd
167. 有效期间: Sun Aug 06 00:56:45 CST 2006 至: Mon Aug 06 00:56:45 CST 2007
168. 认证指纹:
169. MD5: CF:97:13:0C:70:D0:4D:B6:B4:27:0F:1A:0B:CF:D9:F2
170. SHA1: 8E:8E:E8:BC:64:39:C8:43:E4:F7:1B:3B:CE:48:1D:6B:A0:2B:58:B5
171. 第五,新版本SpringSide需要
172. http://www.bouncycastle.org/download/bcprov-jdk15-133.jar
173. 并且要配置java.security
174. 另外,还要使用jdk加密增强策略
175. http://www.blogjava.net/openssl/archive/2006/03/08/34381.html
176.
177. 用户要使用WSS4J,需要配置Bouncycastle这个SecurityProvider,否则
178. 运行Enc模式的XFire认证的时候,会抛出异常:
179. org.apache.ws.security.WSSecurityException: An unsupported signature or encryption algorithm was used unsupported key
180. 配合java.security也是非常简单:
181. 在最后加入BouncycastleProvider。
182. security.provider.1=sun.security.provider.Sun
183. security.provider.2=com.sun.net.ssl.internal.ssl.Provider
184. security.provider.3=com.sun.rsajca.Provider
185. security.provider.4=com.sun.crypto.provider.SunJCE
186. security.provider.5=sun.security.jgss.SunProvider
187. security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider
188.
189. [WebService Client端配置]
190. 1,Encrypt模式的Client是在客户端用david的公钥加密Soap里面的usernameToken,然后发送到Web服务,Web服务用david的私钥来验证。这种模式需要客户端预先知道服务器端的公钥。
191.
192. 在Encrypt模式中,需要这样配置ClientHandler:
193. Service serviceModel = new ObjectServiceFactory().create(BookServiceWSS4JEnc.class);
194. XFireProxyFactory factory = new XFireProxyFactory(getXFire());
195.
196. BookService service = (BookService) factory.create(serviceModel, "xfire.local://BookServiceWSS4JEnc");
197.
198. Client client = ((XFireProxy) Proxy.getInvocationHandler(service)).getClient();
199. //挂上WSS4JOutHandler,提供认证
200. client.addOutHandler(new DOMOutHandler());
201. Properties properties = new Properties();
202. configureOutProperties(properties);
203. client.addOutHandler(new WSS4JOutHandler(properties));
204.
205. List list = service.getAllCategorys(); configureOutProperties函数负责指定Client使用何种安全策略,没错,使用 outsecurity_enc.properties,这个properties是跟Server端的 insecurity_enc.properties一起使用的。
206. protected void configureOutProperties(Properties config) {
207. config.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
208. config.setProperty(WSHandlerConstants.USER, "david");
209. //config.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, PasswordHandler.class.getName());
210. //Configuration of public key used to encrypt message goes to properties file.
211. config.setProperty(WSHandlerConstants.ENC_PROP_FILE,
212. "org/springside/bookstore/plugins/xfire/outsecurity_enc.properties");
213. }
214.
215. outsecurity_enc.properties:
216. org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
217. org.apache.ws.security.crypto.merlin.keystore.type=jks
218. org.apache.ws.security.crypto.merlin.keystore.password=SpringSide
219. org.apache.ws.security.crypto.merlin.keystore.alias=david
220. org.apache.ws.security.crypto.merlin.file=org/springside/bookstore/plugins/xfire/wss4j/springside_public.jks
221.
222. 2, Sign模式的Client同样也是很简单,这种模式是Client端用自己的私钥为usernameToken签名,服务器端用Client的公钥来验证签名,因此,服务器端需要预先知道客户端的公钥。
223. 对应于Encrypt模式,这里的configureOutProperties需要这样来配置:
224. protected void configureOutProperties(Properties properties) {
225. properties.setProperty(WSHandlerConstants.ACTION,WSHandlerConstants.SIGNATURE);
226. // User in keystore
227. properties.setProperty(WSHandlerConstants.USER, "david");
228. // This callback is used to specify password for given user for keystore
229. properties.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, PasswordHandler.class.getName());
230. // Configuration for accessing private key in keystore
231. properties.setProperty(WSHandlerConstants.SIG_PROP_FILE,"org/springside/bookstore/plugins/xfire/outsecurity_sign.properties");
232. properties.setProperty(WSHandlerConstants.SIG_KEY_ID,"IssuerSerial");
233. }
234.
235.
236. outsecurity_sign.properties:
237. org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
238. org.apache.ws.security.crypto.merlin.keystore.type=jks
239. org.apache.ws.security.crypto.merlin.keystore.password=SpringSide
240. org.apache.ws.security.crypto.merlin.alias.password=SpringSide
241. org.apache.ws.security.crypto.merlin.keystore.alias=david
242. org.apache.ws.security.crypto.merlin.file=org/springside/bookstore/plugins/xfire/wss4j/springside_private.jks
Java代码
1. 鉴于很多系统需要实施WS-Security的标准,我们在SpringSide中提供了XFire+WSS4J的Demo,本文介绍SpringSide中Spring+XFire+WSS4J的基本配置
2.
3. [WebService Server端配置]
4. 第一,创建一个基本的BookService
5. public interface BookService {
6. /** *//**
7. * 按书名模糊查询图书
8. */
9. List findBooksByName(String name);
10.
11. /** *//**
12. * 查找目录下的所有图书
13. *
14. * @param categoryId 如果category为null或“all”, 列出所有图书。
15. */
16. List findBooksByCategory(String categoryId);
17.
18. /** *//**
19. * 列出所有分类.
20. *
21. * @return List<Category>,或是null。
22. */
23. List getAllCategorys();
24. }
25. 第二,接口扩展,即Extend基本的BookService,在XFire中,不同的WSS4J策略需要针对不同的ServiceClass,否则<inHandlers>里面的定义会Overlap。 public interface BookServiceWSS4JEnc extends BookService {
26.
27. }
28. public interface BookServiceWSS4JSign extends BookService {
29.
30. }
31. 第三,配置Spring的ApplicationContext文件
32. <!--BookService 基类-->
33. <bean id="baseWebService" class="org.codehaus.xfire.spring.remoting.XFireExporter" abstract="true">
34. <property name="serviceFactory" ref="xfire.serviceFactory"/>
35. <property name="xfire" ref="xfire"/>
36. </bean>
37.
38. <bean class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
39. <property name="mappings">
40. <value>
41. /BookService=bookService
42. /BookServiceWSS4J=bookServiceWSS4J
43. /BookServiceWSS4JEnc=bookServiceWSS4JEnc
44. /BookServiceWSS4JSign=bookServiceWSS4JSign
45. </value>
46. </property>
47. </bean>
48.
49. <!--(1)BookWebService 不需要认证-->
50. <bean id="bookService" class="org.codehaus.xfire.spring.remoting.XFireExporter">
51. <property name="serviceFactory" ref="xfire.serviceFactory"/>
52. <property name="xfire" ref="xfire"/>
53. <property name="serviceBean" ref="bookManager"/>
54. <property name="serviceClass" value="org.springside.bookstore.plugins.xfire.service.BookService"/>
55. </bean>
56.
57. <!-- (3)BookWebService 使用 WSS4J验证-->
58. <bean id="bookServiceWSS4J" class="org.codehaus.xfire.spring.remoting.XFireExporter">
59. <property name="serviceBean" ref="bookManager"/>
60. <property name="serviceClass" value="org.springside.bookstore.plugins.xfire.service.BookServiceWSS4J"/>
61. <property name="inHandlers">
62. <list>
63. <ref bean="domInHandler"/>
64. <ref bean="wss4jInHandler"/>
65. <ref bean="validateUserTokenHandler"/>
66. </list>
67. </property>
68. </bean>
69.
70. <bean id="domInHandler" class="org.codehaus.xfire.util.dom.DOMInHandler"/>
71.
72. <bean id="wss4jInHandler" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
73. <property name="properties">
74. <props>
75. <prop key="action">UsernameToken</prop>
76. <prop key="passwordCallbackClass">org.springside.bookstore.plugins.xfire.wss4j.PasswordHandler</prop>
77. </props>
78. </property>
79. </bean>
80.
81. <bean id="validateUserTokenHandler" class="org.springside.bookstore.plugins.xfire.wss4j.WSS4JTokenHandler"/>
82.
83. <!-- (4)BookWebService 使用 WSS4J验证 Encrypt模式-->
84. <bean id="bookServiceWSS4JEnc" class="org.codehaus.xfire.spring.remoting.XFireExporter">
85. <property name="serviceBean" ref="bookManager"/>
86. <property name="serviceClass" value="org.springside.bookstore.plugins.xfire.service.BookServiceWSS4JEnc"/>
87. <property name="inHandlers">
88. <list>
89. <ref bean="domInHandler"/>
90. <ref bean="wss4jInHandlerEnc"/>
91. <ref bean="validateUserTokenHandler"/>
92. </list>
93. </property>
94. </bean>
95.
96. <bean id="wss4jInHandlerEnc" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
97. <property name="properties">
98. <props>
99. <prop key="action">Encrypt</prop>
100. <prop key="decryptionPropFile">org/springside/bookstore/plugins/xfire/wss4j/insecurity_enc.properties</prop>
101. <prop key="passwordCallbackClass">org.springside.bookstore.plugins.xfire.wss4j.PasswordHandler</prop>
102. </props>
103. </property>
104. </bean>
105.
106. <!-- (5)BookWebService 使用 WSS4J验证 Signature模式-->
107. <bean id="bookServiceWSS4JSign" class="org.codehaus.xfire.spring.remoting.XFireExporter">
108. <property name="serviceBean" ref="bookManager"/>
109. <property name="serviceClass" value="org.springside.bookstore.plugins.xfire.service.BookServiceWSS4JSign"/>
110. <property name="inHandlers">
111. <list>
112. <ref bean="domInHandler"/>
113. <ref bean="wss4jInHandlerSign"/>
114. <ref bean="validateUserTokenHandler"/>
115. </list>
116. </property>
117. </bean>
118.
119. <bean id="wss4jInHandlerSign" class="org.codehaus.xfire.security.wss4j.WSS4JInHandler">
120. <property name="properties">
121. <props>
122. <prop key="action">Signature</prop>
123. <prop key="signaturePropFile">org/springside/bookstore/plugins/xfire/wss4j/insecurity_sign.properties</prop>
124. <prop key="passwordCallbackClass">org.springside.bookstore.plugins.xfire.wss4j.PasswordHandler</prop>
125. </props>
126. </property>
127. </bean>
128.
129. </beans>
130.
131. 第四,配置insecurity_enc.properties和insecurity_sign.properties两个密钥库配置文件
132. insecurity_enc.properties:
133. org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
134. org.apache.ws.security.crypto.merlin.keystore.type=jks
135. org.apache.ws.security.crypto.merlin.keystore.password=SpringSide
136. org.apache.ws.security.crypto.merlin.alias.password=SpringSide
137. org.apache.ws.security.crypto.merlin.keystore.alias=david
138. org.apache.ws.security.crypto.merlin.file=org/springside/bookstore/plugins/xfire/wss4j/springside_private.jks
139. outsecurity_sign.properties:
140. org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
141. org.apache.ws.security.crypto.merlin.keystore.type=jks
142. org.apache.ws.security.crypto.merlin.keystore.password=SpringSide
143. org.apache.ws.security.crypto.merlin.keystore.alias=david
144. org.apache.ws.security.crypto.merlin.file=org/springside/bookstore/plugins/xfire/wss4j/springside_public.jks
145. 第五,使用SecureX生成了两个keystore文件
146. springside_private.jks
147. 别名名称: david
148. 创建日期: 2006-8-6
149. 输入类型:KeyEntry
150. 认证链长度: 1
151. 认证 [1]:
152. Owner: CN=david, OU=SpringSide, O=org, L=gz, ST=gd, C=cn
153. 发照者: CN=david, OU=SpringSide, O=org, L=gz, ST=gd, C=cn
154. 序号: 44d4cdcd
155. 有效期间: Sun Aug 06 00:56:45 CST 2006 至: Mon Aug 06 00:56:45 CST 2007
156. 认证指纹:
157. MD5: CF:97:13:0C:70:D0:4D:B6:B4:27:0F:1A:0B:CF:D9:F2
158. SHA1: 8E:8E:E8:BC:64:39:C8:43:E4:F7:1B:3B:CE:48:1D:6B:A0:2B:58:B5
159. springside_public.jks
160. 别名名称: david
161. 创建日期: 2006-8-6
162. 输入类型: trustedCertEntry
163.
164. Owner: CN=david, OU=SpringSide, O=org, L=gz, ST=gd, C=cn
165. 发照者: CN=david, OU=SpringSide, O=org, L=gz, ST=gd, C=cn
166. 序号: 44d4cdcd
167. 有效期间: Sun Aug 06 00:56:45 CST 2006 至: Mon Aug 06 00:56:45 CST 2007
168. 认证指纹:
169. MD5: CF:97:13:0C:70:D0:4D:B6:B4:27:0F:1A:0B:CF:D9:F2
170. SHA1: 8E:8E:E8:BC:64:39:C8:43:E4:F7:1B:3B:CE:48:1D:6B:A0:2B:58:B5
171. 第五,新版本SpringSide需要
172. http://www.bouncycastle.org/download/bcprov-jdk15-133.jar
173. 并且要配置java.security
174. 另外,还要使用jdk加密增强策略
175. http://www.blogjava.net/openssl/archive/2006/03/08/34381.html
176.
177. 用户要使用WSS4J,需要配置Bouncycastle这个SecurityProvider,否则
178. 运行Enc模式的XFire认证的时候,会抛出异常:
179. org.apache.ws.security.WSSecurityException: An unsupported signature or encryption algorithm was used unsupported key
180. 配合java.security也是非常简单:
181. 在最后加入BouncycastleProvider。
182. security.provider.1=sun.security.provider.Sun
183. security.provider.2=com.sun.net.ssl.internal.ssl.Provider
184. security.provider.3=com.sun.rsajca.Provider
185. security.provider.4=com.sun.crypto.provider.SunJCE
186. security.provider.5=sun.security.jgss.SunProvider
187. security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider
188.
189. [WebService Client端配置]
190. 1,Encrypt模式的Client是在客户端用david的公钥加密Soap里面的usernameToken,然后发送到Web服务,Web服务用david的私钥来验证。这种模式需要客户端预先知道服务器端的公钥。
191.
192. 在Encrypt模式中,需要这样配置ClientHandler:
193. Service serviceModel = new ObjectServiceFactory().create(BookServiceWSS4JEnc.class);
194. XFireProxyFactory factory = new XFireProxyFactory(getXFire());
195.
196. BookService service = (BookService) factory.create(serviceModel, "xfire.local://BookServiceWSS4JEnc");
197.
198. Client client = ((XFireProxy) Proxy.getInvocationHandler(service)).getClient();
199. //挂上WSS4JOutHandler,提供认证
200. client.addOutHandler(new DOMOutHandler());
201. Properties properties = new Properties();
202. configureOutProperties(properties);
203. client.addOutHandler(new WSS4JOutHandler(properties));
204.
205. List list = service.getAllCategorys(); configureOutProperties函数负责指定Client使用何种安全策略,没错,使用 outsecurity_enc.properties,这个properties是跟Server端的 insecurity_enc.properties一起使用的。
206. protected void configureOutProperties(Properties config) {
207. config.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
208. config.setProperty(WSHandlerConstants.USER, "david");
209. //config.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, PasswordHandler.class.getName());
210. //Configuration of public key used to encrypt message goes to properties file.
211. config.setProperty(WSHandlerConstants.ENC_PROP_FILE,
212. "org/springside/bookstore/plugins/xfire/outsecurity_enc.properties");
213. }
214.
215. outsecurity_enc.properties:
216. org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
217. org.apache.ws.security.crypto.merlin.keystore.type=jks
218. org.apache.ws.security.crypto.merlin.keystore.password=SpringSide
219. org.apache.ws.security.crypto.merlin.keystore.alias=david
220. org.apache.ws.security.crypto.merlin.file=org/springside/bookstore/plugins/xfire/wss4j/springside_public.jks
221.
222. 2, Sign模式的Client同样也是很简单,这种模式是Client端用自己的私钥为usernameToken签名,服务器端用Client的公钥来验证签名,因此,服务器端需要预先知道客户端的公钥。
223. 对应于Encrypt模式,这里的configureOutProperties需要这样来配置:
224. protected void configureOutProperties(Properties properties) {
225. properties.setProperty(WSHandlerConstants.ACTION,WSHandlerConstants.SIGNATURE);
226. // User in keystore
227. properties.setProperty(WSHandlerConstants.USER, "david");
228. // This callback is used to specify password for given user for keystore
229. properties.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, PasswordHandler.class.getName());
230. // Configuration for accessing private key in keystore
231. properties.setProperty(WSHandlerConstants.SIG_PROP_FILE,"org/springside/bookstore/plugins/xfire/outsecurity_sign.properties");
232. properties.setProperty(WSHandlerConstants.SIG_KEY_ID,"IssuerSerial");
233. }
234.
235.
236. outsecurity_sign.properties:
237. org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
238. org.apache.ws.security.crypto.merlin.keystore.type=jks
239. org.apache.ws.security.crypto.merlin.keystore.password=SpringSide
240. org.apache.ws.security.crypto.merlin.alias.password=SpringSide
241. org.apache.ws.security.crypto.merlin.keystore.alias=david
242. org.apache.ws.security.crypto.merlin.file=org/springside/bookstore/plugins/xfire/wss4j/springside_private.jks
分享到:
发表评论
-
MyEclipse 8.5 开发环境配置,汉化,Aptana2.0插件,SVN 插件,Flex Builder 3/4 插件安装
2010-07-17 11:42 1393MyEclipse 8.5 开发环境配 ... -
Spring在SERVICE层(业务层)配置事务
2010-06-04 14:21 2824版本:spring2+hibernate3+struts2 ... -
jbpm4.3的hellworld与spring集成
2010-06-02 14:56 2551我遇到的问题,注意看 ... -
java实现语音功能 调用speech.dll
2010-06-02 14:55 2096请下载源码,可直接运行: main方法在com\zms\tes ... -
jxl-处理excel的实际例子
2010-06-02 14:48 1206import java.io.*; import jxl.*; ... -
全面挖掘Java Excel API 使用方法
2010-06-02 14:46 1567Workbook类提供的方法 ... -
存储过程的创建和使用
2010-06-02 14:44 2944一。存储过程的创建和使用 1.创建程序包,并在程序中创建存储 ... -
Java相对路径/绝对路径总结
2010-06-02 14:42 1489Java相对路径/绝对路径总结 归纳一些网上取JAVA路径 ... -
FCK编辑器使用手册
2010-06-02 14:41 4125FCK编辑器使用手册2009-03 ... -
Spring中使用CXF java的webservice
2010-06-02 14:39 1924Spring中使用CXF 关键字: cxf spring we ... -
java条形码 maskbarcode 去广告版
2010-06-02 14:36 1796maskbarcodeByUpdate.jar是maskbar ... -
dom4j 和jdom的使用用法及jar包下载
2010-06-02 13:10 44400提供dom4j.jar、jdom.jar、jaxen-1.1. ... -
事务杂记-hibernate的spring注释事务等(转载)
2010-05-18 22:16 1822Isolation Level(事务隔离等级) 1、Seria ... -
JPA使用指南 javax.persistence的注解配置
2010-05-05 19:39 45561JPA注解持久化类很方便 ... -
JPA使用指南 javax.persistence的注解配置
2010-05-05 17:31 0http://japankn.iteye.com/blog/5 ... -
网站加入Google搜索功能 嵌入Google搜索
2010-05-02 22:35 4013给自己的网站加一个搜索功能很简单,代码如下: 欢迎访问我的博客 ... -
Google地图API 在网站上嵌入谷歌地图API
2010-05-02 18:45 3883Google的地图API很完善,用起来也不复杂。我通过Ja ...
相关推荐
Spring+xFire+wss4j配置Helloworld完整Demo.rar
XFire中实现WS-Security完整编 Spring+xFire+wss4j配置Helloworld实例 完整说明文档 Myeclipse项目 服务端工程 客户端工程
spring+xfire( 编写webservice完整配置+案例)
spring+xfire集成解决方案spring+xfire集成解决方案
xfire+spring+安全认证,包含服务端和客户端,xfire jar包可以从我的资源下面下或网上很多。
spring +xfire整合 1. xfire + spring 发布webservice 2. 利用 javascript 调用发布的webservice
Spring+xFire实现webService
Spring+xfire实现WebService
李君老师JavaEE笔记-Spring+XFire
Spring+Hibernate+Xfire+发布WebService教程文档
webservice+spring+xfire完整项目(包含jar包),只要导入myeclipse就可以直接使用,已经导入所需的所有jar包了
网上资料大多是只有spring+xfire 含有Hibernate的少 3.配置时候还遇到spring实现 客户端调用服务器端时候 注入失败 4.在服务器端向客户端做映射的时候失败 5.在服务器端获取非基本类转化问题
许多的相关示例根本不能运行,这个示例不单能直接运行,而且还有教程,见 http://blog.csdn.net/guosydragon/archive/2010/05/01/5549076.aspx及相关章节
实现 xFire与 Spring 的集成
xfire+spring+webservice+client xfire+spring+webservice+client xfire+spring+webservice+client
xfire+spring+webservice xfire+spring+webservice xfire+spring+webservice xfire+spring+webservice
spring3.1+xfire1.26 全注解
一个webservice实例,有自定义对象,数组的传输
NULL 博文链接:https://zhaoshijie.iteye.com/blog/1711466
Spring2.5+Hibernate3.0+Xfire1.2.6 实例代码演示文档