Axis2服务端用户名和密码校验authentication代码

服务端代码如下
1、用户名和密码校验类
package webservice.pojo;
import java.util.Iterator;
import org.apache.axiom.om.OMElement;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;

public class LoginCheck {
?public static void checkUserPwd() throws AxisFault{
? MessageContext msgContext = MessageContext.getCurrentMessageContext();
? Iterator list = (Iterator)msgContext.getEnvelope().getHeader().getFirstElement().getChildren();
? String Username = "";
? String Password = "";
? while (list.hasNext()) {
?? OMElement element = (OMElement) list.next();
?? if (element.getLocalName().equals("Username")) {
??? Username = element.getText();
?? }
?? if (element.getLocalName().equals("Password")) {
??? Password = element.getText();
?? }
? }
? if (!Username.equals("toone") || !Password.equals("222221")){
?? throw new AxisFault(" Authentication Fail! Check username/password ");
? }
?}
}
2、webservice axis2服务类

package webservice.pojo;

import java.util.HashMap;

import org.apache.axis2.AxisFault;

import webservice.pojo.LoginCheck;

public class StockQuoteService {
??? private HashMap map = new HashMap();

?public double getPrice(String symbol)? throws AxisFault{
??????? LoginCheck.checkUserPwd(); //当客户端调用getPrice方法是，在此处先进行用户名和密码校验，如果校验通过则继续后续逻辑处理，如果不通过则抛出异常。
??????? Double price = (Double) map.get(symbol);
??????? if(price != null){
??????????? return price.doublue();
??????? }
??????? return 42.00;
??? }

??? public void update(String symbol,double price) {

??????? LoginCheck.checkUserPwd(); //当客户端调用getPrice方法是，在此处先进行用户名和密码校验，如果校验通过则继续后续逻辑处理，如果不通过则抛出异常。
??????? map.put(symbol,new Double(price));
??? }
}
3、服务类axis2配置文件

<service name="PojoStockQuoteService" scope="application" targetNamespace="http://quickstart.samples/">
??? <description>
??????? Stock Quote Service
??? </description>
??? <messageReceivers>
??????? <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-only"
???????????????????????? class="org.apache.axis2.rpc.receivers.RPCInOnlyMessageReceiver"/>
??????? <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-out"
???????????????????????? class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
??? </messageReceivers>
??? <schema schemaNamespace="http://quickstart.samples.pojo/xsd"/>
??? <parameter name="ServiceClass">webservice.pojo.StockQuoteService</parameter>
</service>

服务端代码完毕。

客户端代码如下：
1、创建带用户名和密码的OMElement对象

package webservice.pojo;

import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNamespace;

public class HeaderOMElement {
?public static OMElement createHeaderOMElement(){
? OMFactory factory = OMAbstractFactory.getOMFactory();
???? OMNamespace SecurityElementNamespace = factory.createOMNamespace("http://handler.com","wsse");
??????? OMElement authenticationOM = factory.createOMElement("Authentication",
??????????????? SecurityElementNamespace);
??????? OMElement usernameOM = factory.createOMElement("Username",
??????????????? SecurityElementNamespace);
??????? OMElement passwordOM = factory.createOMElement("Password",
??????????????? SecurityElementNamespace);
??????? usernameOM.setText("toone");
??????? passwordOM.setText("222221");
??????? authenticationOM.addChild(usernameOM);
??????? authenticationOM.addChild(passwordOM);
??????? return authenticationOM;
?}
}

2、客户端代码

package webservice.pojo;
import javax.xml.namespace.QName;
import org.apache.axis2.AxisFault;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.client.Options;
import org.apache.axis2.rpc.client.RPCServiceClient;
import webservice.pojo.HeaderOMElement;

public class PojoClient {
?public static void main(String[] args1) throws AxisFault {
? String serviceName = "http://localhost:8801/services/PojoStockQuoteService";
? String namespace = "http://quickstart.samples.pojo/xsd";
? String methodName = "getPrice";
? Object[] methodArgs = new Object[] { };
? Class[] returnTypes = new Class[] { Double.class };

??????? RPCServiceClient serviceClient = new RPCServiceClient();

??????? //将创建的OMElement对象放置到Header中
??????? serviceClient.addHeader(HeaderOMElement.createHeaderOMElement());
??????? Options options = serviceClient.getOptions();
??????? EndpointReference targetEPR = new EndpointReference(serviceName);
??????? options.setTo(targetEPR);
??????? QName op= new QName(namespace,methodName);
??????? Object[] response = serviceClient.invokeBlocking(op,methodArgs,returnTypes);
??????? Double result = (Double) response[0];?
??????? if (result == null) {
??????????? System.out.println("didn't initialize!");
??????????? return;
??????? }
??????? else {
??????????? System.out.println("Price ====== " +
????????????? result.doublue());
??????? }
?}
}

客户端代码结束。当在internet网络上发布webservice服务时，有时不希望别人任意访问，尤其是对修改性服务，因此需要在访问服务时先进行用户名和密码校验，对存在这一类需求的人而言，上面的方法应该会有帮助，祝好运。另外，最近研究了一下，通过Axis2的module方式也是可进行校验的，这种方式更加松耦合，发布module后修改服务端配置文件即可，在服务端的服务方法里没有任何校验代码。