从SOAP标头中检索凭据

时间:2015-01-26 13:26:31

标签: web-services soap jax-ws soapheader soaphandler

这是一个示例SOAP请求,我发送到部署在WAS 8.5中的WS

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v1="http://xmlns.scania.com/logistics/schema/transport/v1">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-37" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>username</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
password
</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<v1:TransportInformationRequest>
         <!--1 or more repetitions:-->
         <v1:ChassisNumber>2105909</v1:ChassisNumber>
      </v1:TransportInformationRequest>
   </soapenv:Body>
</soapenv:Envelope>

我想要的是检索上述请求中发送的用户名和密码。我翻阅了Java EE api,但无法找到正确的方法来做同样的事情。我在 SOAPHandler 中编写了一个痛苦的代码,如下所示:

@Override
    public boolean handleMessage(SOAPMessageContext context) {
        // TODO Auto-generated method stub

        Boolean isOutbound = (Boolean) context
                .get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);

        log.info("In TransportHandler.handleMessage(...) " + isOutbound);

        if (!isOutbound) {

            SOAPMessage soapMsg = context.getMessage();
            SOAPEnvelope soapEnv;
            try {
                soapEnv = soapMsg.getSOAPPart().getEnvelope();
                SOAPHeader soapHeader = soapEnv.getHeader();

                Iterator<SOAPElement> securityHeaderElements = soapHeader
                        .getChildElements(new QName(
                                "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
                                "Security", "wsse"));

                if (securityHeaderElements.hasNext()) {
                    SOAPElement securityHeaderElement = securityHeaderElements
                            .next();
                    log.info("*****securityHeaderElement : "
                            + securityHeaderElement + " type is "
                            + securityHeaderElement.getClass().getName());

                    Iterator<Node> securityHeaderChildren = securityHeaderElement
                            .getChildElements();

                    while (securityHeaderChildren.hasNext()) {

                        Node securityElement = securityHeaderChildren.next();

                        log.info("*****securityElement : "
                                + securityElement.getClass().getName());

                        if (securityElement instanceof com.ibm.ws.webservices.engine.xmlsoap.SOAPElement) {
                            com.ibm.ws.webservices.engine.xmlsoap.SOAPElement securitySOAPElement = (com.ibm.ws.webservices.engine.xmlsoap.SOAPElement) securityElement;

                            log.info("*****securitySOAPElement "
                                    + securitySOAPElement);

                            Iterator<Node> securitySOAPElementChildren = securitySOAPElement
                                    .getChildElements();

                            while (securitySOAPElementChildren.hasNext()) {
                                Node securitySOAPElementChild = securitySOAPElementChildren
                                        .next();

                                log.info("*****securitySOAPElementChild : "
                                        + securitySOAPElementChild);

                                if (securitySOAPElementChild instanceof com.ibm.ws.webservices.engine.xmlsoap.SOAPElement) {
                                    com.ibm.ws.webservices.engine.xmlsoap.SOAPElement securitySOAPChildElement = (com.ibm.ws.webservices.engine.xmlsoap.SOAPElement) securitySOAPElementChild;

                                    log.info("*****securitySOAPChildElement "
                                            + securitySOAPChildElement);
                                }
                            }

                        }
                    }
                }

            } catch (SOAPException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }
        }

        log.info("Returning from TransportHandler.handleMessage(...)");

        return true;

    }

获取用户名和密码的有效方法是什么?

0 个答案:

没有答案