在Mule流中使用具有安全性的SOAP Web服务

时间:2016-10-25 09:35:00

标签: java spring soap mule cxf

我正在尝试使用需要使用Mule中的CXF进行安全性的SOAP Web服务。我有它的工作,但我需要将密码放在配置文件中。我找不到如何将密码从配置传递给flow / callback类。我的流程如下:

<cxf:jaxws-client 
    clientClass="za.co.iam.service.identitymanager.intf._1.IdentityManager_Service"
    port="IdentityManager"
    wsdlLocation="classpath:/wsdl/IdentityManager.wsdl"
    operation="CheckUserId" doc:name="CXF">
    <cxf:ws-security>
        <cxf:ws-config>
            <cxf:property key="action" value="UsernameToken Timestamp"/>
            <cxf:property key="user" value="${security.username}"/>
            <cxf:property key="passwordType" value="PasswordText"/> 
            <cxf:property key="passwordCallbackClass" value="za.co.iam.IamPasswordCallback"/>
        </cxf:ws-config>
    </cxf:ws-security>
</cxf:jaxws-client>
<outbound-endpoint address="${iam.webservice}" doc:name="Generic"/>

IamPasswordCallback类:

public class IamPasswordCallback implements CallbackHandler {
  public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
  {
     WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
     pc.setPassword("********");
  }
}

这很好用,但我也需要将密码放入配置文件中。我通常这样做的方法是从IamPasswordCallback创建一个bean并在流中设置值并使用bean作为CXF设置上的回调处理程序,但我不知道该配置应该是什么样的喜欢。另一种方法是在IamPasswordCallback类中加载属性文件,但我认为不建议这样做。

1 个答案:

答案 0 :(得分:1)

如果您使用的是新的wsconsumer组件,则可以直接从配置文件中提供用户和密码。

<ws:consumer-config name="Web_Service_Consumer" wsdlLocation="test.wsdl" service="testService" port="test" serviceAddress="${url.endpoint}" doc:name="Web Service Consumer" connectorConfig="HTTP_Request_Config">
    <ws:security>
        <ws:wss-username-token username="${user}" password="${password}" passwordType="TEXT"/>
    </ws:security>
</ws:consumer-config>

如果你必须坚持使用CXF,那么你可以使用如下的spring bean定义:

在您的全球元素中,

<spring:bean id="WSSCallback" name="WSSCallback" class="test.ClientCallback">
    <spring:property name="SoapPassword" value="${password}"/>
</spring:bean>

在回调类中使用以下或类似的代码:

public class ClientCallback implements CallbackHandler {
    private String SoapPassword;
    public String getSoapPassword() {
        return SoapPassword;
    }
    public void setSoapPassword(String soapPassword) {
        SoapPassword = soapPassword;
    }
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];

        // set the password for our message.
        pc.setPassword(SoapPassword);
    }
}

现在你的cxf-client有以下配置:

   <cxf:jaxws-client enableMuleSoapHeaders="false" doc:name="SOAP" clientClass="client.class" operation="testop" port="testport" wsdlLocation="test.wsdl"> 
    <cxf:ws-security> 
        <cxf:ws-config> 
            <cxf:property key="action" value="UsernameToken"></cxf:property>  
            <cxf:property key="user" value="${user.name}"></cxf:property>  
            <cxf:property key="passwordType" value="PasswordText"></cxf:property>  
            <cxf:property key="passwordCallbackRef" value-ref="WSSCallback"></cxf:property>  
        </cxf:ws-config>  
    </cxf:ws-security>              
</cxf:jaxws-client>
相关问题
最新问题