今年的开局不错：又遇到一个“截止日期不会改变”/“跳过所有繁文缛节”/“狂野西部”式的项目，我得以在其中摸索并使用一些相对较新的库和技术来实现部分功能。Spring 3 其实算不上新东西，但在 Java 5、WebLogic 10.01 和 Spring 2.5.6 这种节奏缓慢的企业环境里，新旧都是相对的。

由于时间有限，本文不作过多铺垫，只介绍如何使用多个 XSD 和 LDAP 安全性来创建并保护一个 Spring 3 / Spring WS 2 Web 服务。

编码

服务端点：ExampleServiceEndpoint

这是将在后面的配置中作为 Web 服务公开的类。

package javaitzen.spring.ws;

import org.springframework.ws.server.endpoint.annotation.Endpoint;
import org.springframework.ws.server.endpoint.annotation.PayloadRoot;
import org.springframework.ws.server.endpoint.annotation.RequestPayload;
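import org.springframework.ws.server.endpoint.annotation.ResponsePayload;

import javax.annotation.Resource;

/**
 * Spring-WS endpoint exposing two example operations, one per request schema.
 *
 * <p>The handlers only print a trace line and return an empty response object; the
 * request payload is not inspected. No authentication or authorisation happens in this
 * class: in the configuration shown on this page that is delegated to the
 * {@code XwsSecurityInterceptor} registered under {@code sws:interceptors}, so the
 * endpoint is only protected while that interceptor stays in the chain.</p>
 */
@Endpoint
public class ExampleServiceEndpoint {

    /** Base namespace; each operation appends its own suffix to it. */
    private static final String NAMESPACE_URI = "http://www.briandupreez.net";

    /*
     * Autowire a POJO to handle the business logic
     *
     * @Resource(name = "businessComponent")
     * private ComponentInterface businessComponent;
     */

    /** Prints a trace line so that component scanning of this endpoint can be confirmed. */
    public ExampleServiceEndpoint() {
        System.out.println(" javaitzen.spring.ws.ExampleServiceEndpoint loaded.");
    }

    /**
     * Handles {@code ProcessExample1Request} messages in the {@code /example1} namespace.
     *
     * @param request the unmarshalled request payload (currently unused)
     * @return a new, empty {@code Example1Response}
     */
    @PayloadRoot(localPart = "ProcessExample1Request", namespace = NAMESPACE_URI + "/example1")
    @ResponsePayload
    public Example1Response processExample1Request(@RequestPayload final Example1 request) {
        System.out.println(" process example request1 ran.");
        return new Example1Response();
    }

    /**
     * Handles {@code ProcessExample2Request} messages in the {@code /example2} namespace.
     *
     * @param request the unmarshalled request payload (currently unused)
     * @return a new, empty {@code Example2Response}
     */
    @PayloadRoot(localPart = "ProcessExample2Request", namespace = NAMESPACE_URI + "/example2")
    @ResponsePayload
    public Example2Response processExample2Request(@RequestPayload final Example2 request) {
        System.out.println(" process example request2 ran.");
        return new Example2Response();
    }
}

代码：CustomValidationCallbackHandler

这是我编写的用于扩展 AbstractCallbackHandler 的自定义代码，它允许我们使用 LDAP。正如下面 CallbackHandler 中的注释所述，出于安全性/性能考虑，最好注入一个缓存管理器（如 Hazelcast 或 Ehcache）来缓存经过身份验证的用户。下面的 Digest Validator 可以直接使用 Sun 库中的实现，我只是想了解它是如何工作的。

package javaitzen.spring.ws;

import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;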
import com.sun.xml.wss.impl.callback.PasswordValidationCallback;
import com.sun.xml.wss.impl.misc.Base64;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.util.Assert;
import org.springframework.ws.soap.security.callback.AbstractCallbackHandler;import javax.security.auth.callback.Callback;
import javax.security.auth.callback.UnsupportedCallbackException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
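import java.util.Properties;

/**
 * XWSS callback handler that validates WS-Security UsernameToken credentials.
 *
 * <p>Digest tokens are checked against the in-memory {@code users} properties (user name
 * mapped to clear-text password); plain-text tokens are checked by the injected LDAP
 * {@link AuthenticationManager}.</p>
 *
 * <p>Security notes for anyone reusing this class:</p>
 * <ul>
 *   <li>The plain-text path receives the password in clear inside the SOAP header, so it
 *       is only acceptable when the transport itself is encrypted.</li>
 *   <li>The digest path needs the clear-text password on the server side, because the
 *       UsernameToken digest is Base64(SHA-1(nonce + created + password)). SHA-1 is fixed
 *       by that token format and cannot be swapped for another hash here.</li>
 *   <li>Every plain-text request triggers an LDAP authentication; there is no caching,
 *       throttling or lock-out in this class.</li>
 *   <li>{@code Base64DecodingException} comes from a JDK-internal {@code com.sun} package,
 *       which ties the class to JDKs that still expose it.</li>
 * </ul>
 */
public class CustomValidationCallbackHandler extends AbstractCallbackHandler implements InitializingBean {

    /** User name to clear-text password, used only for digest tokens. */
    private Properties users = new Properties();

    /** Authenticates plain-text tokens against LDAP. */
    private AuthenticationManager ldapAuthenticationManager;

    /**
     * Attaches the validator matching the kind of password request carried by the callback.
     *
     * @param callback the callback handed over by XWSS
     * @throws IOException declared by the overridden method; not thrown here
     * @throws UnsupportedCallbackException if the callback is not a {@code PasswordValidationCallback}
     */
    @Override
    protected void handleInternal(final Callback callback) throws IOException, UnsupportedCallbackException {
        if (!(callback instanceof PasswordValidationCallback)) {
            throw new UnsupportedCallbackException(callback);
        }
        final PasswordValidationCallback passwordCallback = (PasswordValidationCallback) callback;

        if (passwordCallback.getRequest() instanceof PasswordValidationCallback.DigestPasswordRequest) {
            final PasswordValidationCallback.DigestPasswordRequest digestPasswordRequest =
                    (PasswordValidationCallback.DigestPasswordRequest) passwordCallback.getRequest();
            // An unknown user yields null here; the digest validator then rejects the token.
            final String password = users.getProperty(digestPasswordRequest.getUsername());
            digestPasswordRequest.setPassword(password);
            passwordCallback.setValidator(new CustomDigestPasswordValidator());
        }
        if (passwordCallback.getRequest() instanceof PasswordValidationCallback.PlainTextPasswordRequest) {
            passwordCallback.setValidator(new LDAPPlainTextPasswordValidator());
        }
    }

    /**
     * Encodes a string as UTF-8, reporting an unsupported charset as a validation failure.
     */
    private static byte[] toUtf8(final String value)
            throws PasswordValidationCallback.PasswordValidationException {
        try {
            return value.getBytes("utf-8");
        } catch (final UnsupportedEncodingException uee) {
            throw new PasswordValidationCallback.PasswordValidationException(uee);
        }
    }

    /**
     * Digest Validator.
     * This code is directly from the sun class, I was just curious how it worked.
     *
     * <p>Changes from the copied version: a token without a digest is rejected instead of
     * causing a NullPointerException, and the digests are compared with
     * {@link MessageDigest#isEqual(byte[], byte[])} rather than {@code String.equals}, so that
     * the comparison does not stop at the first differing character (older JDKs implemented
     * {@code isEqual} with an early exit as well).</p>
     */
    private class CustomDigestPasswordValidator implements PasswordValidationCallback.PasswordValidator {

        /**
         * Recomputes Base64(SHA-1(nonce + created + password)) and compares it with the
         * digest presented in the token.
         *
         * @param request the digest password request, already populated with the stored password
         * @return true only if the presented digest matches the recomputed one
         * @throws PasswordValidationCallback.PasswordValidationException if the nonce cannot be
         *         decoded or the digest cannot be computed
         */
        public boolean validate(final PasswordValidationCallback.Request request)
                throws PasswordValidationCallback.PasswordValidationException {
            final PasswordValidationCallback.DigestPasswordRequest req =
                    (PasswordValidationCallback.DigestPasswordRequest) request;
            final String passwd = req.getPassword();
            final String nonce = req.getNonce();
            final String created = req.getCreated();
            final String passwordDigest = req.getDigest();

            // No stored password (unknown user) or no digest in the token: nothing can match.
            if (passwd == null || passwordDigest == null) {
                return false;
            }

            byte[] decodedNonce = null;
            if (nonce != null) {
                try {
                    decodedNonce = Base64.decode(nonce);
                } catch (final Base64DecodingException bde) {
                    throw new PasswordValidationCallback.PasswordValidationException(bde);
                }
            }

            // created is optional; the password always goes last.
            final byte[] utf8Bytes = toUtf8((created != null ? created : "") + passwd);

            final byte[] bytesToHash;
            if (decodedNonce != null) {
                bytesToHash = new byte[decodedNonce.length + utf8Bytes.length];
                System.arraycopy(decodedNonce, 0, bytesToHash, 0, decodedNonce.length);
                System.arraycopy(utf8Bytes, 0, bytesToHash, decodedNonce.length, utf8Bytes.length);
            } else {
                bytesToHash = utf8Bytes;
            }

            final byte[] hash;
            try {
                final MessageDigest sha = MessageDigest.getInstance("SHA-1");
                hash = sha.digest(bytesToHash);
            } catch (final Exception e) {
                throw new PasswordValidationCallback.PasswordValidationException(
                        "Password Digest could not be created" + e);
            }

            return MessageDigest.isEqual(toUtf8(Base64.encode(hash)), toUtf8(passwordDigest));
        }
    }

    /**
     * LDAP Plain Text validator.
     */
    private class LDAPPlainTextPasswordValidator implements PasswordValidationCallback.PasswordValidator {

        /**
         * Validate the callback against the injected LDAP server.
         * Probably a good idea to have a cache manager - ehcache / hazelcast injected to cache
         * authenticated users.
         *
         * <p>Fails closed: missing or empty credentials and any
         * {@code AuthenticationException} raised by the manager are reported as
         * {@code false} instead of escaping as a runtime exception.</p>
         *
         * @param request the callback request
         * @return true if login successful
         * @throws PasswordValidationCallback.PasswordValidationException declared by the interface
         */
        public boolean validate(final PasswordValidationCallback.Request request)
                throws PasswordValidationCallback.PasswordValidationException {
            final PasswordValidationCallback.PlainTextPasswordRequest plainTextPasswordRequest =
                    (PasswordValidationCallback.PlainTextPasswordRequest) request;
            final String username = plainTextPasswordRequest.getUsername();
            final String password = plainTextPasswordRequest.getPassword();

            // An empty password must never reach an LDAP simple bind: some directory servers
            // treat it as an unauthenticated bind and report success.
            if (username == null || username.length() == 0
                    || password == null || password.length() == 0) {
                return false;
            }

            final Authentication userPassAuth = new UsernamePasswordAuthenticationToken(username, password);
            try {
                final Authentication authentication = ldapAuthenticationManager.authenticate(userPassAuth);
                return authentication != null && authentication.isAuthenticated();
            } catch (final org.springframework.security.core.AuthenticationException rejected) {
                // Bad credentials, locked accounts and directory errors all end up here; the
                // caller only learns that the token was not accepted. If logging is added,
                // never include the password.
                return false;
            }
        }
    }

    /**
     * Asserts that the required collaborators were injected.
     *
     * @throws Exception if {@code users} or the LDAP authentication manager is missing
     */
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(users, "Users is required.");
        Assert.notNull(this.ldapAuthenticationManager, "A LDAP Authentication manager is required.");
    }

    /**
     * Sets the users to validate against. Property names are usernames, property values are passwords.
     *
     * @param users the users
     */
    public void setUsers(final Properties users) {
        this.users = users;
    }

    /**
     * Sets the authentication manager.
     *
     * @param ldapAuthenticationManager the provider
     */
    public void setLdapAuthenticationManager(final AuthenticationManager ldapAuthenticationManager) {
        this.ldapAuthenticationManager = ldapAuthenticationManager;
    }
}

服务配置

端点、CallbackHandler 和 LDAP 身份验证管理器的配置。

应用程序上下文 – 服务器端

<?xml version="1.0" encoding="UTF-8"?>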
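<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns="http://www.springframework.org/schema/beans"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:sws="http://www.springframework.org/schema/web-services"
       xmlns:s="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
       http://www.springframework.org/schema/beans/spring-beans.xsd
       http://www.springframework.org/schema/web-services
       http://www.springframework.org/schema/web-services/web-services-2.0.xsd
       http://www.springframework.org/schema/context
       http://www.springframework.org/schema/context/spring-context.xsd
       http://www.springframework.org/schema/security
       http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <sws:annotation-driven/>
    <context:component-scan base-package="javaitzen.spring.ws"/>

    <sws:dynamic-wsdl id="exampleService"
                      portTypeName="javaitzen.spring.ws.ExampleServiceEndpoint"
                      locationUri="/exampleService/"
                      targetNamespace="http://www.briandupreez.net/exampleService">
        <sws:xsd location="classpath:/xsd/Example1Request.xsd"/>
        <sws:xsd location="classpath:/xsd/Example1Response.xsd"/>
        <sws:xsd location="classpath:/xsd/Example2Request.xsd"/>
        <sws:xsd location="classpath:/xsd/Example2Response.xsd"/>
    </sws:dynamic-wsdl>

    <sws:interceptors>
        <!-- NOTE(review): only Example1Request.xsd is registered for validation although the
             service publishes four schemas; confirm whether the other three should be
             validated as well. -->
        <bean id="validatingInterceptor"
              class="org.springframework.ws.soap.server.endpoint.interceptor.PayloadValidatingInterceptor">
            <property name="schema" value="classpath:/xsd/Example1Request.xsd"/>
            <property name="validateRequest" value="true"/>
            <property name="validateResponse" value="true"/>
        </bean>
        <!-- Logs message payloads; check that this is acceptable for the data the service carries. -->
        <bean id="loggingInterceptor"
              class="org.springframework.ws.server.endpoint.interceptor.PayloadLoggingInterceptor"/>
        <!-- This interceptor is what enforces authentication; the endpoint class has no check of its own. -->
        <bean class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
            <property name="policyConfiguration" value="/WEB-INF/securityPolicy.xml"/>
            <property name="callbackHandlers">
                <list>
                    <ref bean="callbackHandler"/>
                </list>
            </property>
        </bean>
    </sws:interceptors>

    <bean id="callbackHandler" class="javaitzen.spring.ws.CustomValidationCallbackHandler">
        <property name="ldapAuthenticationManager" ref="authManager" />
    </bean>

    <s:authentication-manager alias="authManager">
        <s:ldap-authentication-provider
                user-search-filter="(uid={0})"
                user-search-base="ou=users"
                group-role-attribute="cn"
                role-prefix="ROLE_">
        </s:ldap-authentication-provider>
    </s:authentication-manager>

    <!-- Example... (inmemory apache ldap service) -->
    <s:ldap-server id="contextSource" root="o=example" ldif="classpath:example.ldif"/>

    <!--
    If you want to connect to a real LDAP server it would look more like:
    <s:ldap-server id="contextSource" url="ldap://localhost:7001/o=example" manager-dn="uid=admin,ou=system" manager-password="secret">
    </s:ldap-server>
    NOTE(review): ldap:// carries the manager bind and every user bind unencrypted; prefer
    ldaps:// and load manager-password from external configuration instead of this file.
    -->

    <bean id="marshallingPayloadMethodProcessor"
          class="org.springframework.ws.server.endpoint.adapter.method.MarshallingPayloadMethodProcessor">
        <constructor-arg ref="serviceMarshaller"/>
        <constructor-arg ref="serviceMarshaller"/>
    </bean>

    <bean id="defaultMethodEndpointAdapter"
          class="org.springframework.ws.server.endpoint.adapter.DefaultMethodEndpointAdapter">
        <property name="methodArgumentResolvers">
            <list>
                <ref bean="marshallingPayloadMethodProcessor"/>
            </list>
        </property>
        <property name="methodReturnValueHandlers">
            <list>
                <ref bean="marshallingPayloadMethodProcessor"/>
            </list>
        </property>
    </bean>

    <bean id="serviceMarshaller" class="org.springframework.oxm.jaxb.Jaxb2Marshaller">
        <property name="classesToBeBound">
            <list>
                <value>javaitzen.spring.ws.Example1</value>
                <value>javaitzen.spring.ws.Example1Response</value>
                <value>javaitzen.spring.ws.Example2</value>
                <value>javaitzen.spring.ws.Example2Response</value>
            </list>
        </property>
        <property name="marshallerProperties">
            <map>
                <entry key="jaxb.formatted.output">
                    <value type="java.lang.Boolean">true</value>
                </entry>
            </map>
        </property>
    </bean>
</beans>

安全上下文 – 服务器端

<xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
    <xwss:RequireTimestamp maxClockSkew="60" timestampFreshnessLimit="300"/>
    <!-- Expect plain text tokens from the client -->
    <!-- NOTE(review): with passwordDigestRequired="false" the password sits in clear text in
         the SOAP header, so this policy is only safe over an encrypted transport; the sample
         client URI on this page is plain http. With nonceRequired="false", replay protection
         rests on the timestamp window alone. -->
    <xwss:RequireUsernameToken passwordDigestRequired="false" nonceRequired="false"/>
    <xwss:Timestamp/>
    <!-- server side reply token -->
    <!-- Sample credentials; replace them and keep real ones out of version control. -->
    <xwss:UsernameToken name="server" password="server1" digestPassword="false" useNonce="false"/>
</xwss:SecurityConfiguration>

Web XML

这里没有什么特别的，只是 Spring WS 的 MessageDispatcherServlet。

<servlet>
    <servlet-name>spring-ws</servlet-name>
    <servlet-class>org.springframework.ws.transport.http.MessageDispatcherServlet</servlet-class>
    <init-param>
        <param-name>transformWsdlLocations</param-name>
        <param-value>true</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>spring-ws</servlet-name>
    <url-pattern>/*</url-pattern>
</servlet-mapping>

客户端配置

要测试或使用该服务，您需要：

应用程序上下文 – 客户端测试

<?xml version="1.0" encoding="UTF-8"?>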
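<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">

    <bean id="messageFactory" class="org.springframework.ws.soap.saaj.SaajSoapMessageFactory"/>

    <bean id="webServiceTemplate" class="org.springframework.ws.client.core.WebServiceTemplate">
        <constructor-arg ref="messageFactory"/>
        <property name="marshaller" ref="serviceMarshaller"/>
        <property name="unmarshaller" ref="serviceMarshaller"/>
        <!-- NOTE(review): plain http; the client policy below sends the password as a
             plain-text UsernameToken, so outside a local test this URI should be https. -->
        <property name="defaultUri" value="http://localhost:7001/example/spring-ws/exampleService"/>
        <property name="interceptors">
            <list>
                <ref local="xwsSecurityInterceptor"/>
            </list>
        </property>
    </bean>

    <bean id="xwsSecurityInterceptor"
          class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
        <property name="policyConfiguration" value="testSecurityPolicy.xml"/>
        <property name="callbackHandlers">
            <list>
                <ref bean="callbackHandler"/>
            </list>
        </property>
    </bean>

    <!-- As a client the username and password generated by the server must match with the client! -->
    <!-- a simple callback handler to configure users and passwords with an in-memory Properties object. -->
    <bean id="callbackHandler"
          class="org.springframework.ws.soap.security.xwss.callback.SimplePasswordValidationCallbackHandler">
        <property name="users">
            <props>
                <prop key="server">server1</prop>
            </props>
        </property>
    </bean>

    <bean id="serviceMarshaller" class="org.springframework.oxm.jaxb.Jaxb2Marshaller">
        <property name="classesToBeBound">
            <list>
                <value>javaitzen.spring.ws.Example1</value>
                <value>javaitzen.spring.ws.Example1Response</value>
                <value>javaitzen.spring.ws.Example2</value>
                <value>javaitzen.spring.ws.Example2Response</value>
            </list>
        </property>
        <property name="marshallerProperties">
            <map>
                <entry key="jaxb.formatted.output">
                    <value type="java.lang.Boolean">true</value>
                </entry>
            </map>
        </property>
    </bean>
</beans>

安全上下文 – 客户端

<xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
    <xwss:RequireTimestamp maxClockSkew="60" timestampFreshnessLimit="300"/>
    <!-- Expect a plain text reply from the server -->
    <xwss:RequireUsernameToken passwordDigestRequired="false" nonceRequired="false"/>
    <xwss:Timestamp/>
    <!-- Client sending to server -->
    <!-- Sample credentials sent as a plain-text token (digestPassword="false"); they are only
         protected if the connection itself is encrypted. -->
    <xwss:UsernameToken name="example" password="pass" digestPassword="false" useNonce="false"/>
</xwss:SecurityConfiguration>

与 Java 通常的情况一样，jar 及其版本方面可能会有一些细微差别，因此下面是我使用的 pom 的一部分。

依赖关系

<!-- Excerpt: the beginning of the pom is not shown on the page. -->
<!-- NOTE(review): these are the versions the author used at the time of writing; check each
     against the current releases and published advisories before reusing this list. -->
    <properties>
        <spring-version>3.0.6.RELEASE</spring-version>
        <spring-ws-version>2.0.2.RELEASE</spring-ws-version>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.apache.directory.server</groupId>
            <artifactId>apacheds-all</artifactId>
            <version>1.5.5</version>
            <type>jar</type>
            <scope>compile</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.ws</groupId>
            <artifactId>spring-ws-core</artifactId>
            <version>${spring-ws-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-webmvc</artifactId>
            <version>${spring-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-web</artifactId>
            <version>${spring-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-context</artifactId>
            <version>${spring-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-core</artifactId>
            <version>${spring-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-beans</artifactId>
            <version>${spring-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-oxm</artifactId>
            <version>${spring-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.ws</groupId>
            <artifactId>spring-ws-security</artifactId>
            <version>${spring-ws-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-core</artifactId>
            <version>${spring-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-ldap</artifactId>
            <version>${spring-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.ldap</groupId>
            <artifactId>spring-ldap-core</artifactId>
            <version>1.3.0.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.apache.ws.security</groupId>
            <artifactId>wss4j</artifactId>
            <version>1.5.12</version>
        </dependency>
        <dependency>
            <groupId>com.sun.xml.wss</groupId>
            <artifactId>xws-security</artifactId>
            <version>3.0</version>
        </dependency>
        <dependency>
            <groupId>org.apache.ws.commons.schema</groupId>
            <artifactId>XmlSchema</artifactId>
            <version>1.4.2</version>
        </dependency>
    </dependencies>
</project>

参考：Spring 3、Spring Web Services 2 和 LDAP 安全性。来自我们的JCG合作伙伴 Zen博客中的Zen领域的 Brian Du Preez。

翻译自: https://www.javacodegeeks.com/2012/02/spring-3-spring-web-services-2-ldap.html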