
Web service SOAP headers explained

Published: 2020-12-17 00:21:31 | Category: Security | Source: collected from the web

This web service uses Java Axis2 on the server side and Flex AS3 on the client side.

1. The request captured with a packet capture tool is as follows:

POST /axis2/services/ScService.ScServiceSOAP/ HTTP/1.1
Referer: app:/MultimediaDispatch.swf
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,text/css,image/png,image/jpeg,image/gif;q=0.8,application/x-shockwave-flash,video/mp4;q=0.9,flv-application/octet-stream;q=0.8,video/x-flv;q=0.7,audio/mp4,application/futuresplash,*/*;q=0.5
x-flash-version: 11,1,100,27
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://www.showclear.cn/ScService/OrgGroupQuery"
Content-Length: 492
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows; U; zh-CN) AppleWebKit/533.19.4 (KHTML,like Gecko) AdobeAIR/3.1
Host: 192.168.2.172:8080
Connection: Keep-Alive

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <SOAP-ENV:Header>
    <AuthHeader>
      <password>1</password>
      <username>admin</username>
    </AuthHeader>
  </SOAP-ENV:Header>
  <SOAP-ENV:Body>
    <tns:CommonReq xmlns:tns="http://www.showclear.cn/ScService/">
      <sessionId>1</sessionId>
    </tns:CommonReq>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>


2. Server-side handling in Java

The subclass of ScServiceSkeleton overrides the operation method:

	@Override
	public OrgGroupQueryResp orgGroupQuery(CommonReq commonReq) {
		OrgGroupQueryResp resp = new OrgGroupQueryResp();
		if (!AuthChecker.isAuth()) {
			resp.setReturnCode(ReturnCode.AUTH_FAIL.getValueS());
			resp.setTotal(0);
		} else {
			Managers.getDbManager().getOrgDao().queryOrgGroup(resp);
		}
		return resp;
	}

The authorization check class:

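import java.util.Iterator;

import org.apache.axiom.om.OMElement;
import org.apache.axis2.context.MessageContext;
import org.apache.commons.lang.StringUtils; // assumed: commons-lang 2.x (lang3 also provides isEmpty)
import org.apache.log4j.Logger;

public class AuthChecker {
	private static final Logger log = Logger.getLogger(AuthChecker.class);

	// Reads username and password from the first element of the SOAP header.
	// Note: this only checks that both values are present; it does not
	// verify them against any credential store.
	@SuppressWarnings("rawtypes")
	public static boolean isAuth() {
		boolean result = true;
		try {
			MessageContext msgContext = MessageContext.getCurrentMessageContext();
			// A missing header or empty header throws here and is rejected in the catch block.
			OMElement element = msgContext.getEnvelope().getHeader().getFirstElement();

			Iterator list = element.getChildElements();
			String username = "";
			String password = "";
			while (list.hasNext()) {
				element = (OMElement) list.next();
				if (element.getLocalName().equalsIgnoreCase("username")) {
					username = element.getText();
				} else if (element.getLocalName().equalsIgnoreCase("password")) {
					password = element.getText();
				}
			}

			// Log the username only; the password must not be written to the log.
			log.info("username=" + username);
			if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password))
				result = false;

		} catch(Exception e) {
			log.error("AuthChecker error",e);
			result = false;
		}

		return result;
	}
}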
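
The check above accepts any non-empty username and password. The following added example (not the article's code) verifies the `AuthHeader` values against a stored salted hash, using only JDK classes in place of the Axis2 `MessageContext`. The class name `HeaderAuthDemo`, the in-memory `store`, the sample password and the use of Java 9+ (`Map.of`) are assumptions.

```java
import java.io.StringReader;
import java.security.MessageDigest;
import java.util.Map;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.InputSource;

// Added example, not the article's code. Class name, store layout and sample password are hypothetical.
public class HeaderAuthDemo {
    static final String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/";
    static byte[] derive(String password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 210_000, 256);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }
    // Text of the named child of <AuthHeader> inside the SOAP Header only; null if absent.
    static String headerField(Element envelope, String name) {
        Node header = envelope.getElementsByTagNameNS(SOAP_NS, "Header").item(0);
        if (header == null) return null;
        for (Node h = header.getFirstChild(); h != null; h = h.getNextSibling()) {
            if (!"AuthHeader".equals(h.getLocalName())) continue;
            for (Node c = h.getFirstChild(); c != null; c = c.getNextSibling())
                if (name.equals(c.getLocalName())) return c.getTextContent();
        }
        return null;
    }
    // store maps username -> {salt, PBKDF2 hash}; it stands in for a real user table.
    static boolean isAuth(String xml, Map<String, byte[][]> store) {
        try {
            DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
            f.setNamespaceAware(true);
            f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // reject DTDs
            Element env = f.newDocumentBuilder().parse(new InputSource(new StringReader(xml))).getDocumentElement();
            String user = headerField(env, "username"), pass = headerField(env, "password");
            byte[][] rec = (user == null || pass == null) ? null : store.get(user);
            return rec != null && MessageDigest.isEqual(derive(pass, rec[0]), rec[1]);
        } catch (Exception e) { return false; } // fail closed on malformed input
    }
    public static void main(String[] args) throws Exception {
        byte[] salt = {7, 1, 4, 9, 2, 8, 3, 6}; // constructed; use a random per-user salt
        Map<String, byte[][]> store = Map.of("admin", new byte[][] {salt, derive("s3cret-example", salt)});
        String tpl = "<e:Envelope xmlns:e=\"" + SOAP_NS + "\"><e:Header><AuthHeader><password>%s</password>"
                + "<username>admin</username></AuthHeader></e:Header><e:Body/></e:Envelope>";
        System.out.println("correct password: " + isAuth(String.format(tpl, "s3cret-example"), store));
        System.out.println("wrong password:   " + isAuth(String.format(tpl, "1"), store));
        System.out.println("no SOAP header:   " + isAuth("<e:Envelope xmlns:e=\"" + SOAP_NS + "\"><e:Body/></e:Envelope>", store));
    }
}
```

`MessageDigest.isEqual` compares the derived hashes without an early exit on the first differing byte, and the password never reaches a log line.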

3. Flex AS3 client request

		private var ws:WebService;

		ws = new WebService();
		ws.wsdl = "http://192.168.2.172:8080/axis2/services/ScService?wsdl";
		ws.loadWSDL();
		ws.addEventListener(FaultEvent.FAULT,faultHandler);
		ws.addHeader(new AuthHeader("admin","1"));

		public function queryOrgGroup():void {
			ws.addEventListener(ResultEvent.RESULT,resultOrgGroup);
//			ws.getOperation("OrgGroupQuery").send("1");
			ws.OrgGroupQuery("1");
		}
		
		private function resultOrgGroup(event:ResultEvent):void { 
			var returnCode:String = event.result.returnCode;
			var total:int = event.result.total;
			if (total != 0) {
				var groups:ArrayCollection = event.result.groups;
				var size:int = groups.length;
				var dept:OrgDepartment;
				for (var i:int=0; i<size; i++) {
					dept = OrgDepartment.build(groups.getItemAt(i));
					trace(dept.toString());
					Managers.getOrgManager().addDept(dept);
				}
			}
			ws.removeEventListener(ResultEvent.RESULT,resultOrgGroup);
			
			queryOrgMember();
		}


The AuthHeader class:

	import mx.rpc.soap.SOAPHeader;
	
	public class AuthHeader extends SOAPHeader
	{
		public function AuthHeader(username:String,password:String){
			var content:Object = new Object();
			content.username = username;
			content.password = password;
			var qn:QName = new QName("","AuthHeader");
			super(qn,content);
		}
	}

(Editor: 李大同)
