小男孩‘自慰网亚洲一区二区,亚洲一级在线播放毛片,亚洲中文字幕av每天更新,黄aⅴ永久免费无码,91成人午夜在线精品,色网站免费在线观看,亚洲欧洲wwwww在线观看

搜索
分享

XFire中實(shí)現(xiàn)WS-Security完整編

 liwp_Stephen 2008-09-19

XFire中實(shí)現(xiàn)WS-Security完整編

在1.1中已經(jīng)支持ws-security了。XFire通過wss4j提供ws-security支持。

一、 前提條件:

前提條件要安裝Unlimited Strength Jurisdiction Policy(可以在http://java./j2se/1.5.0/download.jsphttp://java./j2se/1.4.2/download.html下載)和Bouncy Castle(來自http://BouncyCastle.org)。否則會(huì)出現(xiàn)無效算法(algorithm)或Key大小(KeySize)

為了能支持WS-Security必須添加兩個(gè)Handler:inhandlers、outhandlers。

以下必須添加到inHandlers

1、 org.codehaus.xfire.security.wss4j.WSS4JInHandler:執(zhí)行WS-Security相關(guān)的函數(shù);
2、 org.codehaus.xfire.util.dom.DOMInHandler:為WS-Security從StAX轉(zhuǎn)換成DOM格式。

注:DOMInHandler必須引入Xalan 2.7.0,XFire默認(rèn)沒有引入(下載地址為:http://www./dyn/closer.cgi/xml/xalan-j)。

以下添加到outHandlers:

1、 org.codehaus.xfire.security.wss4j.WSS4JOutHandler:執(zhí)行WS-Security相關(guān)的函數(shù);
2、 org.codehaus.xfire.util.dom.DOMOutHandler:為WS-Security從StAX轉(zhuǎn)換成DOM格式。

二、 安裝Unlimited Strength Jurisdiction Policy和Bouncy Castle

1、 安裝Unlimited Strength Jurisdiction Policy:把local_policy.jar和US_export_policy.jar兩個(gè)文件拷貝到:C:\j2re1.4.2\lib\security\下;(如果JRE安裝在C:\j2re1.4.2)。

2、 安裝Bouncy Castle:

(1)、把下載的bcprov-jdk14-119.jar文件拷貝到兩個(gè)地方:

一個(gè)在你安裝的JDK目錄中,比如:C:\j2sdk1.4.0-rc\jre\lib\ext。另一個(gè)在你的JDK運(yùn)行環(huán)境中,比如:C:\Program Files\Java\j2re1.4.0-rc\lib\ext;

(2)、還要在對(duì)兩個(gè)java.security進(jìn)行修改:

我的在 C:\j2sdk1.4.0-rc\jre\lib\security\java.security;C:\Program Files\Java\j2re1.4.0-rc\lib\security\java.security;在java.security中加入security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider
三、 創(chuàng)建密鑰:
1、 通過別名和密碼創(chuàng)建私密鑰到keystore:
keytool -genkey -alias ws_security -keypass keypassword -keystore privatestore.jks -storepass keyStorePassword -dname "cn=ws_security" -keyalg RSA

 采用RSA算法進(jìn)行處理。

2、 證書:
keytool -selfcert -alias ws_security -keystore privatestore.jks -storepass keyStorePassword -keypass keypassword
3、 導(dǎo)出公鑰到key.rsa:
keytool -export -alias ws_security -file key.rsa -keystore privatestore.jks -storepass keyStorePassword
4、 導(dǎo)入公鑰到新的keystore中:
keytool -import -alias ws_security  -file key.rsa -keystore publicstore.jks -storepass keyStorePassword
5、 創(chuàng)建insecurity.properties:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=keyStorePassword
org.apache.ws.security.crypto.merlin.alias.password=keypassword
org.apache.ws.security.crypto.merlin.keystore.alias=ws_security
org.apache.ws.security.crypto.merlin.file=META-INF/xfire/publicstore.jks
6、 創(chuàng)建outsecurity.properties:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=keyStorePassword
org.apache.ws.security.crypto.merlin.alias.password=keypassword
org.apache.ws.security.crypto.merlin.keystore.alias=ws_security
org.apache.ws.security.crypto.merlin.file=META-INF/xfire/privatestore.jks
7、 把文件insecurity,outsecurity.properties,privatestore.jks和publicstore.jks復(fù)制到META-INF/xfire/下。

有關(guān)keytool的使用說明,請(qǐng)查看以下資料:
http://www./c/11201e.html
http://java./j2se/1.4.2/docs/tooldocs/windows/keytool.html
http://support./en/objectsign/java.cfm
四、 實(shí)例:
1、 創(chuàng)建服務(wù)接口:
package example.services;
public interface BookService

Unknown macro: { public String echo(String msg);}

2、 創(chuàng)建服務(wù)實(shí)現(xiàn)類:

 package example.services; public class BookServiceImpl implements BookService

Unknown macro: {   public String echo(String msg){   return msg;  }

}

3、 配制webservices.xml文件:
 <beans xmlns="http://xfire./config/1.0">
 <service>
  <name>BookServiceSign</name>
<serviceClass>example.services.BookService</serviceClass>
  <implementationClass>
   example.services.BookServiceImpl
  </implementationClass>
  <style>wrapped</style>
  <use>literal</use>
  <scope>application</scope>
  <inHandlers>
   <handler handlerClass="org.codehaus.xfire.util.dom.DOMInHandler" />
   <bean class="org.codehaus.xfire.security.wss4j.WSS4JInHandler" xmlns="">
    <property name="properties">
     <props>
      <prop key="action">Signature</prop>
      <prop key="signaturePropFile">
       META-INF/xfire/insecurity.properties
      </prop>
      <prop key="decryptionPropFile">
       META-INF/xfire/insecurity.properties
      </prop>
      <prop key="passwordCallbackClass">example.ws_security.PasswordHandler
      </prop>
     </props>
    </property>
   </bean>
  </inHandlers>
 </service>
 
 <service>
  <name>BookServiceUsernameToken</name>
<serviceClass>example.services.BookService</serviceClass>
  <implementationClass>
   example.services.BookServiceImpl
  </implementationClass>
  <style>wrapped</style>
  <use>literal</use>
  <scope>application</scope>
  <inHandlers>
   <handler handlerClass="org.codehaus.xfire.util.dom.DOMInHandler" />
   <bean class="org.codehaus.xfire.security.wss4j.WSS4JInHandler" xmlns="">
    <property name="properties">
     <props>
      <prop key="action">UsernameToken</prop>
      <prop key="signaturePropFile">
       META-INF/xfire/insecurity.properties
      </prop>
      <prop key="decryptionPropFile">
       META-INF/xfire/insecurity.properties
      </prop>
      <prop key="passwordCallbackClass">example.ws_security.PasswordHandler
      </prop>
     </props>
    </property>
   </bean>
   </inHandlers>
 </service>
 
 <service>
  <name>BookServiceTimestamp</name>
<serviceClass>example.services.BookService</serviceClass>
  <implementationClass>
   example.services.BookServiceImpl
  </implementationClass>
  <style>wrapped</style>
  <use>literal</use>
  <scope>application</scope>
  <inHandlers>
   <handler  handlerClass="org.codehaus.xfire.util.dom.DOMInHandler" />
   <bean class="org.codehaus.xfire.security.wss4j.WSS4JInHandler" xmlns="">
    <property name="properties">
     <props>
      <prop key="action">Timestamp</prop>
      <prop key="signaturePropFile">
       META-INF/xfire/insecurity.properties
      </prop>
      <prop key="decryptionPropFile">
       META-INF/xfire/insecurity.properties
      </prop>
      <prop key="passwordCallbackClass">example.ws_security.PasswordHandler
      </prop>
     </props>
    </property>
   </bean>
    </inHandlers>
 </service>
 
 <service>
  <name>BookServiceEnc</name><serviceClass>example.services.BookService</serviceClass>
  <implementationClass>
   example.services.BookServiceImpl
  </implementationClass>
  <style>wrapped</style>
  <use>literal</use>
  <scope>application</scope>
  <inHandlers>
   <handler handlerClass="org.codehaus.xfire.util.dom.DOMInHandler" />
   <bean class="org.codehaus.xfire.security.wss4j.WSS4JInHandler" xmlns="">
    <property name="properties">
     <props>
      <prop key="action">Encrypt</prop>
      <prop key="encryptPropFile">
       META-INF/xfire/outsecurity.properties
      </prop>
      <prop key="decryptionPropFile">
       META-INF/xfire/outsecurity.properties
      </prop>
      <prop key="passwordCallbackClass">
       example.ws_security.PasswordHandler
      </prop>
     </props>
    </property>
   </bean>
   </inHandlers>
 </service>
</beans>

4、 創(chuàng)建:
package example.ws_security;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
public class PasswordHandler implements CallbackHandler
{
private Map passwords = new HashMap();
 public PasswordHandler()

Unknown macro: {  passwords.put("ws_security", "keypassword");}

 public void handle(Callback[] callbacks) throws IOException,UnsupportedCallbackException

Unknown macro: {  System.out.println("Handling Password!");   WSPasswordCallback pc = (WSPasswordCallback) callbacks [0];   String id = pc.getIdentifer();   System.out.println("id}

}
5、 客戶端實(shí)現(xiàn):
package example.test;

import java.lang.reflect.Proxy;
import java.net.MalformedURLException;

import org.apache.ws.security.WSConstants;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.codehaus.xfire.client.Client;
import org.codehaus.xfire.client.XFireProxy;
import org.codehaus.xfire.client.XFireProxyFactory;
import org.codehaus.xfire.security.wss4j.WSS4JOutHandler;
import org.codehaus.xfire.service.Service;
import org.codehaus.xfire.service.binding.ObjectServiceFactory;
import org.codehaus.xfire.util.dom.DOMOutHandler;

import example.services.BookService;
import example.ws_security.PasswordHandler;

public class TTTest
{
    private WSS4JOutHandler wsOut;
    private Service service;
    private BookService bookservice;
    private Client client;
    public TTTest(){}
    public void testClientEcr()
  

Unknown macro: {      String serviceName="BookServiceEnc";      String actions=WSHandlerConstants.ENCRYPT;      String SERVICE_URL ="http}

catch (MalformedURLException e) 

Unknown macro: { e.printStackTrace();   }

        wsOut = new WSS4JOutHandler();       
        wsOut.setProperty(WSHandlerConstants.SIG_PROP_FILE, "META-INF/xfire/insecurity.properties");
        wsOut.setProperty(WSHandlerConstants.ENC_PROP_FILE, "META-INF/xfire/insecurity.properties");
        wsOut.setProperty(WSHandlerConstants.USER, "ws_security");
        wsOut.setProperty("password", "keypassword");
        wsOut.setProperty(WSHandlerConstants.PASSWORD_TYPE,WSConstants.PW_TEXT);
        wsOut.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS,PasswordHandler.class.getName());
        wsOut.setProperty(WSHandlerConstants.SIG_KEY_ID,"IssuerSerial"); 
        client.addOutHandler(new DOMOutHandler());
        client.addOutHandler(wsOut);
        //client.addInHandler(new DOMInHandler());
        //wsOut.setProperty(WSHandlerConstants.TTL_TIMESTAMP,"30");
        wsOut.setProperty(WSHandlerConstants.ACTION, actions);
        System.out.println(bookservice.echo("Client test msg"+actions));
        client.close();
    }
    public void testClient2(String serviceName,String actions)
    {
     String SERVICE_URL="http://localhost:8080/TT/services/"+serviceName;
     //建議采用此種方式進(jìn)行創(chuàng)建服務(wù)(帶有服務(wù)名,此例為"BookService")
     service=new ObjectServiceFactory().create(BookService.class,serviceName,null,null);
     try
     {
   bookservice=(BookService) new XFireProxyFactory().create(service, SERVICE_URL);
   client = ((XFireProxy) Proxy.getInvocationHandler(bookservice)).getClient();
  }}
 } catch (MalformedURLException e)

Unknown macro: {    e.printStackTrace();}

wsOut = new WSS4JOutHandler();       
        wsOut.setProperty(WSHandlerConstants.SIG_PROP_FILE, "META-INF/xfire/outsecurity.properties");
        wsOut.setProperty(WSHandlerConstants.ENC_PROP_FILE, "META-INF/xfire/outsecurity.properties");
        wsOut.setProperty(WSHandlerConstants.USER, "ws_security");
        wsOut.setProperty("password", "keypassword");
        wsOut.setProperty(WSHandlerConstants.PASSWORD_TYPE,WSConstants.PW_TEXT);
        wsOut.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS,PasswordHandler.class.getName());
        wsOut.setProperty(WSHandlerConstants.SIG_KEY_ID,"IssuerSerial");
        client.addOutHandler(new DOMOutHandler());
        client.addOutHandler(wsOut);
        //client.addInHandler(new DOMInHandler());
        //wsOut.setProperty(WSHandlerConstants.TTL_TIMESTAMP,"30");
        wsOut.setProperty(WSHandlerConstants.ACTION, actions);
        System.out.println(bookservice.echo("Client test msg "+actions));
        client.close();
    }
    public static void main(String [] args)

Unknown macro: {     TTTest tt=new TTTest();      tt.testClientEcr();      tt.testClient2("BookServiceSign", WSHandlerConstants.SIGNATURE);      tt.testClient2("BookServiceUsernameToken", WSHandlerConstants.USERNAME_TOKEN);      tt.testClient2("BookServiceTimestamp", WSHandlerConstants.TIMESTAMP);}

}

    本站是提供個(gè)人知識(shí)管理的網(wǎng)絡(luò)存儲(chǔ)空間,所有內(nèi)容均由用戶發(fā)布,不代表本站觀點(diǎn)。請(qǐng)注意甄別內(nèi)容中的聯(lián)系方式、誘導(dǎo)購(gòu)買等信息,謹(jǐn)防詐騙。如發(fā)現(xiàn)有害或侵權(quán)內(nèi)容,請(qǐng)點(diǎn)擊一鍵舉報(bào)。
    轉(zhuǎn)藏 分享 獻(xiàn)花(0

    0條評(píng)論

    發(fā)表

    請(qǐng)遵守用戶 評(píng)論公約

    類似文章 更多