Axis 1.4 Ws 4 j UsernameTokenに基づくセキュリティ検証

9529 ワード

以下のwsdlファイルを利用してクライアントとサービス端末コードを生成する：

<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions targetNamespace="http://localhost:8080/axis/services/stock-wss-01" xmlns:apachesoap="http://xml.apache.org/xml-soap" xmlns:impl="http://localhost:8080/axis/services/stock-wss-01" xmlns:intf="http://localhost:8080/axis/services/stock-wss-01" xmlns:tns1="http://stock.samples" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<!--WSDL created by Apache Axis version: 1.4
Built on Apr 22, 2006 (06:55:48 PDT)-->
 <wsdl:types>
  <schema elementFormDefault="qualified" targetNamespace="http://stock.samples" xmlns="http://www.w3.org/2001/XMLSchema">
   <element name="symbol" type="xsd:string"/>
  </schema>
  <schema elementFormDefault="qualified" targetNamespace="http://localhost:8080/axis/services/stock-wss-01" xmlns="http://www.w3.org/2001/XMLSchema">
   <element name="getQuoteReturn" type="xsd:float"/>
  </schema>

 </wsdl:types>

   <wsdl:message name="getQuoteResponse">

      <wsdl:part element="impl:getQuoteReturn" name="getQuoteReturn"/>

   </wsdl:message>

   <wsdl:message name="getQuoteRequest">

      <wsdl:part element="tns1:symbol" name="symbol"/>

   </wsdl:message>

   <wsdl:portType name="StockQuoteService">

      <wsdl:operation name="getQuote" parameterOrder="symbol">

         <wsdl:input message="impl:getQuoteRequest" name="getQuoteRequest"/>

         <wsdl:output message="impl:getQuoteResponse" name="getQuoteResponse"/>

      </wsdl:operation>

   </wsdl:portType>

   <wsdl:binding name="stock-wss-01SoapBinding" type="impl:StockQuoteService">

      <wsdlsoap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>

      <wsdl:operation name="getQuote">

         <wsdlsoap:operation soapAction=""/>

         <wsdl:input name="getQuoteRequest">

            <wsdlsoap:body use="literal"/>

         </wsdl:input>

         <wsdl:output name="getQuoteResponse">

            <wsdlsoap:body use="literal"/>

         </wsdl:output>

      </wsdl:operation>

   </wsdl:binding>

   <wsdl:service name="StockQuoteServiceService">

      <wsdl:port binding="impl:stock-wss-01SoapBinding" name="stock-wss-01">

         <wsdlsoap:address location="http://localhost:8080/axis/services/stock-wss-01"/>

      </wsdl:port>

   </wsdl:service>

</wsdl:definitions>

サービスとクライアントのニーズは、このCallbackHandlerの実装クラスがあります。

package samples.stock.client.usernametoken;

import java.io.IOException;

import javax.security.auth.callback.Callback;

import javax.security.auth.callback.CallbackHandler;

import javax.security.auth.callback.UnsupportedCallbackException;

import org.apache.ws.security.WSPasswordCallback;

/**
 * 
 * PWCallback for the Client
 */

public class PWCallback implements CallbackHandler {

    /**
     * 
     * @see javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
     */

    public void handle(Callback[] callbacks) throws IOException,

    UnsupportedCallbackException {

        for (int i = 0; i < callbacks.length; i++) {

            if (callbacks[i] instanceof WSPasswordCallback) {

                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];

                // set the password given a username

                if ("wss4j".equals(pc.getIdentifier())) {

                    pc.setPassword("security");

                }

            } else {

                throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");

            }

        }

    }

}

/**
 * 
 */
package samples.stock.client.usernametoken;

import java.net.URL;
import java.rmi.RemoteException;

import javax.xml.rpc.ServiceException;

import org.apache.axis.EngineConfiguration;
import org.apache.axis.configuration.FileProvider;

import samples.stock.StockQuoteService;
import samples.stock.StockQuoteServiceService;
import samples.stock.StockQuoteServiceServiceLocator;

/**
 * @author linzq
 * 
 * 
 */
public class StockServiceClient {

    public static void main(String[] args) throws ServiceException, RemoteException {
        if (args.length == 0) {

            System.out.println("Usage:
java StockServiceClient [symbol]");
            return;

        }
        
        //    OK,      

        //   client_deploy.wsdd   UsernameToken   
        EngineConfiguration config = new FileProvider("src/samples/stock/client/usernametoken/client_deploy.wsdd");
        StockQuoteServiceService locator = new StockQuoteServiceServiceLocator(config);

        String url = "http://localhost:9999/axis/services/stock-wss-01";
        StockQuoteService service = null;
        try {
            service = locator.getStockWss01(new URL(url));
            float quote = service.getQuote(args[0]);
            System.out.println("stock quote service returned " + args[0] + ": " + quote);
        } catch (Exception e) {
            e.printStackTrace();
        }

    }
}

deploy.wsddファイル構成：

<service name="stock-wss-01" provider="java:RPC" style="document" use="literal">
	<requestFlow>
		<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
			<parameter name="passwordCallbackClass" value="samples.stock.PWCallback"/>
			<parameter name="action" value="UsernameToken"/>
		</handler>
	</requestFlow>
      <parameter name="wsdlTargetNamespace" value="http://localhost:8080/axis/services/stock-wss-01"/>
      <parameter name="wsdlServiceElement" value="StockQuoteServiceService"/>
      <parameter name="schemaQualified" value="http://localhost:8080/axis/services/stock-wss-01,http://stock.samples"/>
      <parameter name="wsdlServicePort" value="stock-wss-01"/>
      <parameter name="className" value="samples.stock.StockWss01SoapBindingImpl"/>
      <parameter name="wsdlPortType" value="StockQuoteService"/>
      <parameter name="typeMappingVersion" value="1.2"/>
      <operation name="getQuote" qname="getQuote" returnQName="retNS:getQuoteReturn" xmlns:retNS="http://localhost:8080/axis/services/stock-wss-01" returnType="rtns:float" xmlns:rtns="http://www.w3.org/2001/XMLSchema" soapAction="" >
        <parameter qname="pns:symbol" xmlns:pns="http://stock.samples" type="tns:string" xmlns:tns="http://www.w3.org/2001/XMLSchema"/>
      </operation>
      <parameter name="allowedMethods" value="getQuote"/>
  </service>

clientdeploy.wsdd

<deployment xmlns="http://xml.apache.org/axis/wsdd/"
            xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
	<transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>
	<globalConfiguration >
		<requestFlow >
			<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
				<parameter name="action" value="UsernameToken"/>
				<parameter name="user" value="wss4j"/>
				<parameter name="passwordCallbackClass" value="samples.stock.client.usernametoken.PWCallback"/>
				<parameter name="passwordType" value="PasswordDigest"/>
			</handler>
		</requestFlow >
	</globalConfiguration >
</deployment>

画像圧縮処理のいくつかの方法

ネット上の無料の天気予報プラグインのiframeの中の背景色を改正します。