CXF Client Security

后端未结

关注

 4  2132

一整个雨季 2021-02-15 15:23

I am creating a client to a Java soap web service, but am having trouble figuring out how to properly pass the password. Here is my \"hardcoded\" password exam

4条回答

忘了有多久 (楼主)

2021-02-15 16:13

Your ClientPasswordCallback class may be like that, with his own pwd field and the associated setter:

class ClientPasswordCallback implements CallbackHandler {

    private String pwd;

    public void setPassword(String pwd) {
        passwd = pwd;
    }

    @Override
    public void handle(Callback[] callbacks) {
        WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
        pc.setPassword(pwd);
    }
}

Then you can instanciate it in your test, set its password and use PW_CALLBACK_REF key to add it to the outProps map:

@Test
public void exploratorySecurityTest() {
    String username = "user";
    String password = "pwd";

    // ...

    outProps.put(PASSWORD_TYPE, WSConstants.PW_TEXT);
    ClientPasswordCallback handler = new ClientPasswordCallback();
    handler.setPassword(passwd);
    outProps.put(PW_CALLBACK_REF, handler);
    WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);

    // ...
}

0 讨论(0)

查看其它4个回答