One of the common way to handle authentication in JAX-WS is client provides “username” and “password”, attached it in SOAP request header and send to server, server parse the SOAP document and retrieve the provided “username” and “password” from request header and do validation from database, or whatever method prefer.
In this article, we show you how to implement the above “application level authentication in JAX-WS“.
Ideas…
On the web service client site, just put your “username” and “password” into request header.
Map<String, Object> req_ctx = ((BindingProvider)port).getRequestContext();
req_ctx.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, WS_URL);
Map<String, List<String>> headers = new HashMap<String, List<String>>();
headers.put("Username", Collections.singletonList("mkyong"));
headers.put("Password", Collections.singletonList("password"));
req_ctx.put(MessageContext.HTTP_REQUEST_HEADERS, headers);
On the web service server site, get the request header parameters via WebServiceContext.
@Resource
WebServiceContext wsctx;
@Override
public String method() {
MessageContext mctx = wsctx.getMessageContext();
//get detail from request headers
Map http_headers = (Map) mctx.get(MessageContext.HTTP_REQUEST_HEADERS);
List userList = (List) http_headers.get("Username");
List passList = (List) http_headers.get("Password");
//...
That’s all, now, your deployed JAX-WS is supported application level authentication.
Authentication with JAX-WS Example
See a complete example.
1. WebService Server
Create a simple JAX-WS hello world example to handle the authentication in application level.
File : HelloWorld.java
package com.mkyong.ws;
import javax.jws.WebMethod;
import javax.jws.WebService;
import javax.jws.soap.SOAPBinding;
import javax.jws.soap.SOAPBinding.Style;
//Service Endpoint Interface
@WebService
@SOAPBinding(style = Style.RPC)
public interface HelloWorld{
@WebMethod String getHelloWorldAsString();
}
HelloWorldImpl.java
package com.mkyong.ws;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import javax.jws.WebService;
import javax.xml.ws.WebServiceContext;
import javax.xml.ws.handler.MessageContext;
//Service Implementation Bean
@WebService(endpointInterface = "com.mkyong.ws.HelloWorld")
public class HelloWorldImpl implements HelloWorld{
@Resource
WebServiceContext wsctx;
@Override
public String getHelloWorldAsString() {
MessageContext mctx = wsctx.getMessageContext();
//get detail from request headers
Map http_headers = (Map) mctx.get(MessageContext.HTTP_REQUEST_HEADERS);
List userList = (List) http_headers.get("Username");
List passList = (List) http_headers.get("Password");
String username = "";
String password = "";
if(userList!=null){
//get username
username = userList.get(0).toString();
}
if(passList!=null){
//get password
password = passList.get(0).toString();
}
//Should validate username and password with database
if (username.equals("mkyong") && password.equals("password")){
return "Hello World JAX-WS - Valid User!";
}else{
return "Unknown User!";
}
}
}
2. EndPoint Publisher
Create an endpoint publisher to deploy above web service at this URL : “http://localhost:9999/ws/hello”
File : HelloWorldPublisher.java
package com.mkyong.endpoint;
import javax.xml.ws.Endpoint;
import com.mkyong.ws.HelloWorldImpl;
//Endpoint publisher
public class HelloWorldPublisher{
public static void main(String[] args) {
Endpoint.publish("http://localhost:9999/ws/hello", new HelloWorldImpl());
}
}
3. WebService Client
Create a web service client to send “username” and “password” for authentication.
File : HelloWorldClient.java
package com.mkyong.client;
import java.net.URL;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Service;
import javax.xml.ws.handler.MessageContext;
import com.mkyong.ws.HelloWorld;
public class HelloWorldClient{
private static final String WS_URL = "http://localhost:9999/ws/hello?wsdl";
public static void main(String[] args) throws Exception {
URL url = new URL(WS_URL);
QName qname = new QName("http://ws.mkyong.com/", "HelloWorldImplService");
Service service = Service.create(url, qname);
HelloWorld hello = service.getPort(HelloWorld.class);
/*******************UserName & Password ******************************/
Map<String, Object> req_ctx = ((BindingProvider)hello).getRequestContext();
req_ctx.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, WS_URL);
Map<String, List<String>> headers = new HashMap<String, List<String>>();
headers.put("Username", Collections.singletonList("mkyong"));
headers.put("Password", Collections.singletonList("password"));
req_ctx.put(MessageContext.HTTP_REQUEST_HEADERS, headers);
/**********************************************************************/
System.out.println(hello.getHelloWorldAsString());
}
}
Output
Hello World JAX-WS - Valid User!
4. Tracing SOAP Traffic
From top to bottom, showing how SOAP envelope flows between client and server.
1. Client send request, the username “mkyong” and password “password” are included in the SOAP envelope.
POST /ws/hello?wsdl HTTP/1.1
Password: password
Username: mkyong
SOAPAction: ""
Accept: text/xml, multipart/related, text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Content-Type: text/xml; charset=utf-8
User-Agent: Java/1.6.0_13
Host: localhost:8888
Connection: keep-alive
Content-Length: 178
<?xml version="1.0" ?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<ns2:getHelloWorldAsString xmlns:ns2="http://ws.mkyong.com/"/>
</S:Body>
</S:Envelope>
2. Server send back a normal response.
HTTP/1.1 200 OK
Transfer-encoding: chunked
Content-type: text/xml; charset=utf-8
<?xml version="1.0" ?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<ns2:getHelloWorldAsStringResponse xmlns:ns2="http://ws.mkyong.com/">
<return>Hello World JAX-WS - Valid User!</return>
</ns2:getHelloWorldAsStringResponse>
</S:Body>
</S:Envelope>
Done.
More:
http://www.mkyong.com/tutorials/jax-ws-tutorials/
分享到:
相关推荐
6. **Web服务**:JBoss 5支持JAX-WS和JAX-RPC,可以方便地创建和消费Web服务。同时,通过JAX-WS 2.0,开发者可以利用注解轻松实现服务的发布和调用。 7. **安全管理**:JBoss 5包含了强大的安全模型,支持JAAS...
- **WS-I Basic Profile 1.2**:确保Web服务互操作性。 - **Security**:增加了JAAS 1.0和JACC 1.0支持,以及Apusic的安全扩展。 - **JSF支持**:Apusic提供了Ajax支持、布局控件和UI组件。 - **Portal支持**:...
- **Java API for XML Web Services (JAX-WS)**:构建和访问Web服务。 - **Java Architecture for XML Binding (JAXB)**:将XML数据绑定到Java对象。 - **SOAP with Attachments API for Java (SAAJ)**:处理SOAP...
理解WSDL(Web Services Description Language)和UDDI(Universal Description, Discovery, and Integration)的概念,以及如何使用JAX-WS和JAX-RS来创建和消费服务,对于实现跨系统的集成非常有用。 6. **安全...
1.2.1. Working with an application context 1.2.2. A bean’s life 1.3. Surveying the Spring landscape 1.3.1. Spring modules 1.3.2. The Spring portfolio 1.4. What’s new in Spring 1.4.1. What was new in...
JAX-WS(Java API for XML Web Services)和JAX-RS(Java API for RESTful Web Services)用于创建和消费Web服务。 **总结** J2EE是一个功能丰富的平台,涵盖了企业级应用开发的多个方面。理解并掌握J2EE的各项...
3. **Web服务**:讲解如何在JBoss AS 5上实现WS-*规范,如SOAP、WSDL和UDDI,以及如何使用JAX-WS和JAX-RPC进行Web服务开发。 4. **EJB 3.0**:深入剖析Enterprise JavaBeans 3.0,包括无状态会话bean、有状态会话...
5. **Web服务**:通过JAX-WS和JAX-RS,Java EE支持创建和消费SOAP和RESTful Web服务,促进了不同系统间的互操作性。 6. **消息传递**:JMS(Java Message Service)允许应用程序通过消息队列进行异步通信,提高了...
J2EE允许与其他系统集成,如通过JCA(Java Connector Architecture)与非Java系统连接,或通过WS-I(Web Services Interoperability)确保跨平台的Web服务互操作性。 ### 8. 微服务架构 随着微服务趋势的发展,...
9. **Web服务**:JavaEE支持创建和消费Web服务,通过JAX-WS(Java API for XML Web Services)和JAX-RS(Java API for RESTful Web Services)来实现SOAP和RESTful风格的服务。 10. **安全**:JavaEE提供了多种安全...
6. **Web服务**:学习创建和使用SOAP或RESTful Web服务,以及如何利用JAX-WS和JAX-RS实现。 7. **Java Message Service (JMS)**:理解消息队列的概念,以及如何通过JMS实现异步通信。 8. **JNDI(Java Naming and ...
JAX-WS(Java API for XML Web Services)和JAX-RS(Java API for RESTful Web Services)是J2EE中处理Web服务的主要规范。 **8. 集成与互操作性** J2EE支持多种集成技术,如JCA(Java Connector Architecture)...
Java API for XML Processing (JAX-WS) 和Java API for RESTful Web Services (JAX-RS) 是J2EE中的关键工具,用于创建和消费Web服务。 8. **性能和可扩展性** J2EE通过负载均衡、集群和缓存策略来确保高性能和可...
Web Services and JAX-WS 871 Chapter 11: Scripting, Compiling, and Annotation Processing 883 Scripting for the Java Platform 884 The Compiler API 895 Using Annotations 905 Annotation Syntax ...
4. **Web服务**:通过JAX-WS实现Web服务,支持WSDL(Web Services Description Language)和SOAP(Simple Object Access Protocol)。 5. **安全管理**:基于JAAS(Java Authentication and Authorization Service...
6. **Web服务API**:支持WSDL(Web Services Description Language)、SOAP(Simple Object Access Protocol)和JAX-WS(Java API for XML Web Services),使得WebLogic Server能够创建、消费和管理Web服务。...
- **JAX-WS**:Java API for XML Web Services,用于创建和消费SOAP Web服务。 8. **容器与部署** - **应用服务器**:如Tomcat、WebLogic、JBoss等,它们提供运行J2EE应用所需的环境。 - **WAR(Web Application...
- **Java API for XML Web Services (JAX-WS)**:用于开发和部署Web服务的标准API。 #### 四、多层架构 J2EE支持多种架构模式,其中最常见的多层架构包括: - **表示层(Presentation Layer)**:负责用户界面的显示...
Binding JAX-WS 2.x Endpoints to Jetty Contexts Java Management Extensions (JMX) 配置JMX教程 处理JVM NIO Bug Rewrite模块 Inversion of Control and Dependency Injection Frameworks Jetty XML IOC 如何使用...