论坛首页 Java企业应用论坛

cxf配置方式实现日志和https请求

浏览 3325 次
精华帖 (0) :: 良好帖 (0) :: 新手帖 (0) :: 隐藏帖 (0)
作者 正文
   发表时间:2012-04-21  
这篇博客介绍一下怎么通过配置方式配置https和cxf的日志功能

这部分用编码方式也是可以实现的,但是就存在代码重复的问题,用配置方式会比较好

1、打开日志功能

用编码方式,打开日志功能是这样的:
<jaxws:client id="client" serviceClass="xxx.xxx.xxx" address="${webservice_address}" />

WebserviceInterface client = (WebserviceInterface)ApplicationContext.getBean("client");
		Client proxy = ClientProxy.getClient(client);
		proxy.getInInterceptors().add(new LoggingInInterceptor());
		proxy.getOutInterceptors().add(new LoggingOutInterceptor());

可以用配置文件的方式来做:
<jaxws:client id="client" serviceClass="xxx.xxx.xxx" address="${webservice_address}">
		<jaxws:outInterceptors>
			<bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
		</jaxws:outInterceptors>
		<jaxws:inInterceptors>
			<bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />
		</jaxws:inInterceptors>
	</jaxws:client>


这样就可以把web service请求和响应的日志打出来了

形如:

信息: Outbound Message
---------------------------
ID: 1
Address: https://www.remedy-dummy.com:443/remedy/webservice/RemedySA
Encoding: UTF-8
Content-Type: text/xml
Headers: {SOAPAction=["http://cz.o2.com/systems/integrationinfrastructure/CIP-B2B/CIP-B2B_ServiceAssuranceWorkForceClientManagement/1.0/acknowledge"], Accept=[*/*]}
Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:AcknowledgeRequest xmlns="http://cz.o2.com/cip/svc/IntegrationMessage-2.0" xmlns:ns2="http://cz.o2.com/systems/integrationinfrastructure/CIP-B2B/CIP-B2B_ServiceAssuranceWorkForceClientManagement/1.0"><ns2:requestBody><ns2:messageType>wolegequ</ns2:messageType><ns2:correlationId>0</ns2:correlationId></ns2:requestBody></ns2:AcknowledgeRequest></soap:Body></soap:Envelope>
--------------------------------------

上面的Outbound Message,是发出去的消息,对于客户端来说,是发出去的请求;对于服务端来说,是发出去的响应

信息: Inbound Message
----------------------------
ID: 1
Encoding: UTF-8
Content-Type: text/xml;charset=UTF-8
Headers: {content-type=[text/xml;charset=UTF-8], Date=[Fri, 20 Apr 2012 15:25:11 GMT], Content-Length=[478], X-Powered-By=[Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0], Server=[Apache-Coyote/1.1]}
Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:AcknowledgeResponse xmlns="http://cz.o2.com/cip/svc/IntegrationMessage-2.0" xmlns:ns2="http://cz.o2.com/systems/integrationinfrastructure/CIP-B2B/CIP-B2B_ServiceAssuranceWorkForceClientManagement/1.0"><ns2:responseBody><ns2:status>true</ns2:status><ns2:errorDescription>call acknowledge() success</ns2:errorDescription></ns2:responseBody></ns2:AcknowledgeResponse></soap:Body></soap:Envelope>
--------------------------------------

上面的Inbound Message,是收到的消息,对于客户端来说,是收到的响应;对于服务端来说,是收到的请求

ID是成对出现的,一个请求必有一个响应
Address只有请求的Outbound才有,表示发送的地址,也就是web service的endpoint
Headers是http请求头或响应头
Payload是日志的关键,其中就是soap正文的内容

2、发送https请求

用编码方式也可以实现:
WebserviceInterface client = (WebserviceInterface) ApplicationContext
				.getBean("client");
		Client proxy = ClientProxy.getClient(client);

		HTTPConduit conduit = (HTTPConduit) proxy.getConduit();

		TLSClientParameters tlsParams = conduit.getTlsClientParameters();
		tlsParams.setKeyManagers();
		tlsParams.setTrustManagers();
		tlsParams.setDisableCNCheck(true);
		tlsParams.setSecureSocketProtocol("SSL");
		
		conduit.setTlsClientParameters(tlsParams);

同样可以通过配置文件的方式来做:
<http:conduit name="*.http-conduit">

		<http:tlsClientParameters disableCNCheck="true"
			secureSocketProtocol="SSL">

			<!-- 对方的证书 -->
			<sec:trustManagers>
				<sec:keyStore type="JKS" password="changeit"
					file="trust.keystore" />
			</sec:trustManagers>

			<!-- 己方的证书 -->
			<sec:keyManagers keyPassword="changeit">
				<sec:keyStore type="JKS" password="changeit"
					file="self.keystore" />
			</sec:keyManagers>

			<sec:cipherSuitesFilter>
				<sec:include>.*_EXPORT_.*</sec:include>
				<sec:include>.*_EXPORT1024_.*</sec:include>
				<sec:include>.*_WITH_DES_.*</sec:include>
				<sec:include>.*_WITH_NULL_.*</sec:include>
				<sec:exclude>.*_DH_anon_.*</sec:exclude>
			</sec:cipherSuitesFilter>

		</http:tlsClientParameters>

	</http:conduit>

用配置文件的方式,可以节省很多重复代码

关于https和证书的问题,在另外一篇博客里介绍
   发表时间:2012-04-24  
证书这个应该可以用wss4j做吧
0 请登录后投票
   发表时间:2012-04-24  
可以的,我之前做过类似的demo
0 请登录后投票
论坛首页 Java企业应用版

跳转论坛:
Global site tag (gtag.js) - Google Analytics