CXF Client Security

后端 未结 4 2134
一整个雨季
一整个雨季 2021-02-15 15:23

I am creating a client to a Java soap web service, but am having trouble figuring out how to properly pass the password. Here is my \"hardcoded\" password exam

4条回答
  •  北荒
    北荒 (楼主)
    2021-02-15 16:18

    I have always used following way of adding properties to request context for http level authentication and CallbackHandler for adding message level username token.

    org.apache.cxf.endpoint.Client client = ClientProxy.getClient(obj);
    org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();
    
    
    System.out.println("initialize security for user " + this.username);
    outProps.put(WSHandlerConstants.USER, this.username);
    outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
    
    Map requestContext = ((BindingProvider) obj).getRequestContext();
    
    
    //For message level authentication
    requestContext.put("ws-security.username", "Ron");
    requestContext.put("ws-security.callback-handler", "com.ws.cxf.client.callback.UTPasswordCallback");
    
    //For endpoint level authentication, HTTP Basic/Digest
    requestContext.put(BindingProvider.USERNAME_PROPERTY, username);
    requestContext.put(BindingProvider.PASSWORD_PROPERTY, password);
    
    
    
    
    class UTPasswordCallback implements CallbackHandler {
    
    @Override
    public void handle(Callback[] callbacks) throws IOException,
            UnsupportedCallbackException {
    
    
        for(Callback cb:callbacks){
            WSPasswordCallback pcallback = (WSPasswordCallback)cb;
             if(pcallback.getUsage()==WSPasswordCallback.USERNAME_TOKEN)
            {
    
                if(pcallback.getIdentifier().equals("Ron"))
                    pcallback.setPassword("noR");
    
            }
    
            }
    
    
        }
    
    }
    

提交回复
热议问题