5.webService拦截器
CXF为什么要设计拦截器?
为了在webservice请求过程中,能动态操作请求和响应数据, CXF设计了拦截器。
拦截器分类
1.按所处的位置分:服务器端拦截器,客户端拦截器
2.按消息的方向分:入拦截器,出拦截器
3.按定义者分:系统拦截器,自定义拦截器
3.1系统拦截器:
LoggingInInterceptor(系统日志入拦截器类)
LoggingOutInterceptor(系统日志出拦截器类)
***server*** //SEI @WebService public interface HelloWS { @WebMethod public String sayHello(String name); } //SEI implement @WebService public class HelloWSImpl implements HelloWS { @Override public String sayHello(String name) { return "hello: "+name; } } //publish public class RealeaseWS { public static void main(String[] args) { String address = "http://localhost:8989/WebService_Server"; Endpoint endpoint = Endpoint.publish(address, new HelloWSImpl()); EndpointImpl endpointImpl = (EndpointImpl)endpoint; //服务器的的入拦截器 List<Interceptor<? extends Message>> inInterceptors = endpointImpl.getInInterceptors(); //将系统日志入拦截器类添加到入拦截器集合中 inInterceptors.add(new LoggingInInterceptor()); //服务器的的出拦截器 List<Interceptor<? extends Message>> outInterceptors = endpointImpl.getOutInterceptors(); //将系统日志出拦截器类添加到出拦截器集合中 outInterceptors.add(new LoggingOutInterceptor()); System.out.println("webService发布成功!"); } }
***client*** //生成客户端代码步骤省略。。。 //客户端调用服务器方法测试程序 public class TestWebService { public static void main(String[] args) { HelloWSImplService factory = new HelloWSImplService(); HelloWSImpl helloWSImpl = factory.getHelloWSImplPort(); //在调用服务器方法前配置拦截器 //获取发送请求的客户端对象 Client client = ClientProxy.getClient(helloWSImpl); //客户端的系统日志出拦截器 List<Interceptor<? extends Message>> outInterceptors = client.getOutInterceptors(); outInterceptors.add(new LoggingOutInterceptor()); //客户端的系统日志入拦截器 List<Interceptor<? extends Message>> inInterceptors = client.getInInterceptors(); inInterceptors.add(new LoggingInInterceptor()); String result = helloWSImpl.sayHello("webService"); System.out.println(result); } }
执行程序后日志:
1.首先是从客户端发送请求给服务器,先是发出请求给服务器被拦截(客户端出拦截器),服务器返回响应数据后又被客户端拦截器拦截(客户端入拦截器),拦截信息如下: 一月 26, 2016 10:32:44 下午 org.apache.cxf.service.factory.ReflectionServiceFactoryBean buildServiceFromWSDL INFO: Creating Service {http://server.webService.com/}HelloWSImplService from WSDL: http://localhost:8989/WebService_Server?wsdl 一月 26, 2016 10:32:45 下午 org.apache.cxf.services.HelloWSImplService.HelloWSImplPort.HelloWS INFO: Outbound Message --------------------------- ID: 1 Address: http://localhost:8989/WebService_Server Encoding: UTF-8 Content-Type: text/xml Headers: {Accept=[*/*], SOAPAction=[""]} Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:sayHello xmlns:ns2="http://server.webService.com/"><arg0>webService</arg0></ns2:sayHello></soap:Body></soap:Envelope> -------------------------------------- 一月 26, 2016 10:32:45 下午 org.apache.cxf.services.HelloWSImplService.HelloWSImplPort.HelloWS INFO: Inbound Message ---------------------------- ID: 1 Response-Code: 200 Encoding: UTF-8 Content-Type: text/xml;charset=UTF-8 Headers: {Content-Length=[230], content-type=[text/xml;charset=UTF-8], Server=[Jetty(7.5.4.v20111024)]} Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:sayHelloResponse xmlns:ns2="http://server.webService.com/"><return>hello: webService</return></ns2:sayHelloResponse></soap:Body></soap:Envelope> -------------------------------------- hello: webService
2.服务器接收到客户端请求后,该请求先是被拦截(服务器入拦截器),接着服务器接收请求并执行后,将数据发回给客户端又被拦截(服务器出拦截器),该拦截信息为: 一月 26, 2016 10:20:35 下午 org.apache.cxf.service.factory.ReflectionServiceFactoryBean buildServiceFromClass INFO: Creating Service {http://server.webService.com/}HelloWSImplService from class com.webService.server.HelloWS 一月 26, 2016 10:20:38 下午 org.apache.cxf.endpoint.ServerImpl initDestination INFO: Setting the server's publish address to be http://localhost:8989/WebService_Server 一月 26, 2016 10:20:38 下午 org.eclipse.jetty.server.Server doStart INFO: jetty-7.5.4.v20111024 一月 26, 2016 10:20:38 下午 org.eclipse.jetty.server.AbstractConnector doStart INFO: Started SelectChannelConnector@localhost:8989 STARTING 一月 26, 2016 10:20:38 下午 org.eclipse.jetty.server.handler.ContextHandler startContext INFO: started o.e.j.s.h.ContextHandler{,null} webService发布成功! 一月 26, 2016 10:32:44 下午 org.apache.cxf.services.HelloWSImplService.HelloWSImplPort.HelloWS INFO: Inbound Message ---------------------------- ID: 1 Address: http://localhost:8989/WebService_Server?wsdl Encoding: UTF-8 Http-Method: GET Content-Type: text/xml Headers: {Accept=[*/*], Cache-Control=[no-cache], connection=[keep-alive], content-type=[text/xml], Host=[localhost:8989], Pragma=[no-cache], User-Agent=[Apache CXF 2.5.9]} -------------------------------------- 一月 26, 2016 10:32:45 下午 org.apache.cxf.services.HelloWSImplService.HelloWSImplPort.HelloWS INFO: Inbound Message ---------------------------- ID: 2 Address: http://localhost:8989/WebService_Server Encoding: UTF-8 Http-Method: POST Content-Type: text/xml; charset=UTF-8 Headers: {Accept=[*/*], Cache-Control=[no-cache], connection=[keep-alive], Content-Length=[203], content-type=[text/xml; charset=UTF-8], Host=[localhost:8989], Pragma=[no-cache], SOAPAction=[""], User-Agent=[Apache CXF 2.5.9]} Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:sayHello xmlns:ns2="http://server.webService.com/"><arg0>webService</arg0></ns2:sayHello></soap:Body></soap:Envelope> --------------------------------------
3.2自定义拦截器
案例:使用自定义拦截器,实现用户名和密码的权限,即访问权限控制!
需要的拦截器:客户端的出拦截器和服务器的入拦截器
说明:自定义拦截器都从AbstractPhaseIntercepter继承
问题:为什么客户端需要设置拦截器?
因为客户端拦截器能得到客户端的用户名和密码,并且将用户名和密码设置到请求头中,这样服务器接收请求时才能获取到用户名和密码,并且根据得到的用户名和密码来做出验证!
***客户端拦截器*** public class AccountInterceptor extends AbstractPhaseInterceptor<SoapMessage>{ private String name; private String password; public AccountInterceptor(String name,String password) { //Phase值决定了拦截器什么时候拦截到消息 //PRE_PROTOCOL准备请求时拦截 super(Phase.PRE_PROTOCOL); this.name = name; this.password = password; } //一旦被拦截,首先调用此方法 @SuppressWarnings("deprecation") @Override public void handleMessage(SoapMessage msg) throws Fault { List<Header> headers = msg.getHeaders(); //在客户端请求时,会将用户名密码带过去 //怎么带用户名和密码到服务器,将用户名和密码设置在请求头中 org.w3c.dom.Document document = DOMHelper.createDocument(); Element ele = document.createElement("account");//创建标签<account></account> Element eleName = document.createElement("name");//创建标签<name></name> eleName.setTextContent(name);//给<name>设值,值为客户端传进来的用户名 ele.appendChild(eleName); Element elePwd = document.createElement("password");//创建标签<password></password> elePwd.setTextContent(password);//给<password>设值,值为客户端传进来的密码 ele.appendChild(elePwd); //设置标签<account>的account headers.add(new Header(new QName("account"),ele)); //如果拦截了,打印以下信息! System.out.println("客户端拦截了"); } }
***添加自定义拦截器到客户端出拦截器中*** public class TestWebService { public static void main(String[] args) { HelloWSImplService factory = new HelloWSImplService(); HelloWSImpl helloWSImpl = factory.getHelloWSImplPort(); //设置用户名和密码 String name = "webService"; String password = "123456"; //在调用服务器方法前配置拦截器 //获取发送请求的客户端对象 Client client = ClientProxy.getClient(helloWSImpl); //添加自定义拦截器到客户端出拦截器中 List<Interceptor<? extends Message>> outInterceptors = client.getOutInterceptors(); outInterceptors.add(new AccountInterceptor(name,password)); String result = helloWSImpl.sayHello("webService"); System.out.println(result); } }
*****************以上是客户端********************
*****************以上是服务器********************
//服务器拦截器 public class CheckAccountInterceptor extends AbstractPhaseInterceptor<SoapMessage>{ public CheckAccountInterceptor() { super(Phase.PRE_PROTOCOL); } @Override public void handleMessage(SoapMessage message) throws Fault { //获取客户端请求头 //account为客户端设置的qname Header header = message.getHeader(new QName("account")); if(header != null){ Element account = (Element) header.getObject(); //通过标签名获取值<name></name> String name = account.getElementsByTagName("name").item(0).getTextContent(); String password = account.getElementsByTagName("password").item(0).getTextContent(); if("webService".equals(name) && "123456".equals(password)){ System.out.println("验证通过......"); } } System.out.println("没有通过拦截器!"); throw new Fault(new RuntimeException("用户名或者密码错误!")); } }
//将自定义拦截器添加到服务器的入拦截器 public class RealeaseWS { public static void main(String[] args) { String address = "http://localhost:8989/WebService_Server"; Endpoint endpoint = Endpoint.publish(address, new HelloWSImpl()); EndpointImpl endpointImpl = (EndpointImpl)endpoint; //将自定义拦截器添加到服务器的入拦截器 List<Interceptor<? extends Message>> inInterceptors = endpointImpl.getInInterceptors(); inInterceptors.add(new CheckAccountInterceptor()); System.out.println("webService发布成功!"); } }
运行程序:
如果没有通过,则出现以下信息:
客户端拦截了
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: 用户名或者密码错误!
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:156)
at com.sun.proxy.$Proxy27.sayHello(Unknown Source)
at com.test.TestWebService.main(TestWebService.java:34)
Caused by: org.apache.cxf.binding.soap.SoapFault: 用户名或者密码错误!