我正在使用Jive 4.5.5.0中的SOAP webservices。我编写了一个没有身份验证的代码。
我的示例程序:
SuppressWarnings("serial")
@WebService(name="Helloworld",portName="HelloworldPort", serviceName = "Helloworld", targetNamespace="http://Helloworld.com/webservices")
@SOAPBinding(style = SOAPBinding.Style.RPC, use= SOAPBinding.Use.LITERAL, parameterStyle= SOAPBinding.ParameterStyle.WRAPPED)
public class Helloworld extends JiveActionSupport {
public String sayHello(@WebParam(name="name")String name) {
return "hello "+name;
}
}
我的spring.xml就像这样
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:dwr="http://www.directwebremoting.org/schema/spring-dwr"
xmlns:cxf="http://cxf.apache.org/core"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd
http://www.directwebremoting.org/schema/spring-dwr http://www.directwebremoting.org/schema/spring-dwr-2.0.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd"
default-autowire="no">
<!-- Alter the default mapping chains, switching formAuthenticationFilter with the federatedIdentityAuthFilter defined below.
This definition uses the federated identity filter for normal app requests and Web Service requests, but leaves
the form mechanism in place for admin and upgrade purposes. The desired behavior will vary depending on
the application. -->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/upgrade/**=httpSessionContextIntegrationFilter, upgradeAuthenticationFilter, upgradeExceptionTranslationFilter, jiveAuthenticationTranslationFilter
/post-upgrade/**=httpSessionContextIntegrationFilter, postUpgradeAuthenticationFilter, postUpgradeExceptionTranslationFilter,jiveAuthenticationTranslationFilter
/admin/**=httpSessionContextIntegrationFilter, adminAuthenticationFilter, adminExceptionTranslationFilter,jiveAuthenticationTranslationFilter
/rpc/xmlrpc=wsRequireSSLFilter, httpSessionContextIntegrationFilter, basicAuthenticationFilter, wsExceptionTranslator, jiveAuthenticationTranslationFilter, wsAccessTypeCheckFilter
/rpc/rest/**=wsRequireSSLFilter, httpSessionContextIntegrationFilter, basicAuthenticationFilter, wsExceptionTranslator, jiveAuthenticationTranslationFilter, wsAccessTypeCheckFilter
/rpc/soap/**=wsRequireSSLFilter, httpSessionContextIntegrationFilter, basicAuthenticationFilter, jiveAuthenticationTranslationFilter
/**=httpSessionContextIntegrationFilter, jiveAuthenticationTranslationFilter
</value>
</property>
</bean>
<bean id="hellworldbean" class="com.test.Helloworld">
</bean>
<jaxws:endpoint id="helloworld" address="/soap/sayHelloworld">
<jaxws:implementor>
<ref bean="hellworldbean" />
</jaxws:implementor>
</jaxws:endpoint>
</beans>
我想为它添加身份验证。尽管basicAuthenticationFilter存在于/ rpc / soap / **模式中,但它不要求身份验证。在管理控制台设置中,我已检查了对Web服务中特定用户的访问权限。
此Web服务正常运行,输出正确。但它缺乏授权。
任何人都可以共享一些示例代码,以便在客户端和服务上进行身份验证和授权。