【webservice】基于axis2设计带soaphead安全机制的webservice服务端
还是用axis2写的。是先有客户端,再有这个服务端,严格根据客户端的请求报文来写的哦。是否解决了“ 先有鸡还是先有蛋”的问题。。报文的话,请参照我的上一篇博文《【webservice】调试方法篇(二)》,那么,我的编程步骤是这样的。
1、新建java工程,导入axis2的包、dom4j工具包。
2、根据客户端的请求报文上面soap的命名空间,为工程设计包名,因此,本工程的供外部调用类(Server类)的所在包是cn.com.ultrapower.webservice.service。
3、编辑配置文件services.xml如下:
<!-- webservice配置文件 --> <service name="Prc_Service" > <description> Please Type your service description here </description> <messageReceivers> <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-only" class="org.apache.axis2.rpc.receivers.RPCInOnlyMessageReceiver" /> <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-out" class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/> </messageReceivers> <parameter name="ServiceClass">cn.com.ultrapower.webservice.service.Server</parameter> </service>
4、根据客户端的请求报文上面soap的请求方法,定义Server类里面的对外方法是SendXML(String requestXml,String busiKey)。根据报文可知道:<soapenv:Header>的参数是username与password,<soapenv:body>的参数是busiKey(请求的业务)与requestXml(请求的业务的查询参数,xml格式,需要dom4j分析)。
5、其他工具类设计:用于加载关于业务码busiKey的map的InitBusiKey.java,
6、其他工具类设计:用于加载user的账号密码、接口权限、接口流量等配置信息的InitUser.java,
下面提供Server类的全部代码:
package cn.com.ultrapower.webservice.service; import java.io.UnsupportedEncodingException; import java.util.Calendar; import java.util.HashMap; import java.util.Iterator; import java.util.Map; import org.apache.axiom.om.OMElement; import org.apache.axiom.soap.SOAPHeader; import org.apache.axis2.context.MessageContext; import org.dom4j.DocumentException; import cn.com.ultrapower.webservice.service.conf.InitBusiKey; import cn.com.ultrapower.webservice.service.conf.InitUser; import cn.com.ultrapower.webservice.service.service.CRBT_Service; import cn.com.ultrapower.webservice.service.service.ISAG_Service; import cn.com.ultrapower.webservice.service.service.MMSC_Service; import cn.com.ultrapower.webservice.service.service.WAPGW_Service; public class Server{ //userFlowMap是累加用户在单位时间里对某接口的访问次数 private static Map<String, Long[]> userFlowMap = new HashMap<String, Long[]>();//String为用户名username,Long[0]为时间,Long[1]为次数 String responseCode = ""; //查询服务返回的状态码 String responseXML = ""; //查询服务返回的业务数据 /* * @para busiKey : 业务平台标识 * @para requestXml : 查询条件的XML字符串 * 定义返回码responseCode: 001 输入参数的busiKey无效 004 请求方权限验证失败 003 查询接口达到最大并发能力 002 输入参数的requestXML无效 005 请求的查询时间超时 999 其它错误 000 服务接口处理成功 * */ public String SendXML (String requestXml,String busiKey){ try{ String serviceName = InitBusiKey.getInitBusiKey().getServiceName(busiKey); if(serviceName!=null && !serviceName.equals("") && serviceName.length()>0){ String Username = checkAuth(serviceName); if(Username!=null && !Username.equals("")){ if(checkFlow(Username)){ responseCode = "000"; //000:服务接口处理成功 responseXML = readRequestXml(serviceName,requestXml); String returnData = returnData(); return returnData; }else{ responseCode = "003"; //003:查询接口达到最大并发能力 responseXML = ""; String returnData = returnData(); return returnData; } }else{ responseCode = "004"; //004:请求方权限验证失败 responseXML = ""; String returnData = returnData(); return returnData; } }else{ responseCode = "001"; //001:输入参数的busiKey无效 responseXML = ""; String returnData = returnData(); return returnData; } }catch(NumberFormatException e){//002:参数string转int出错(参数requestXML无效) e.printStackTrace(); responseCode = "002"; responseXML = ""; String returnData = returnData(); return returnData; }catch(NullPointerException e){//002:参数为空时出错((参数requestXML无效)) e.printStackTrace(); responseCode = "002"; responseXML = ""; String returnData = returnData(); return returnData; }catch(Exception e){ e.printStackTrace(); responseCode = "999"; //999:其它错误 responseXML = ""; String returnData = returnData(); return returnData; } } private String returnData(){ StringBuffer returnData = new StringBuffer("<?xml version=\"1.0\" encoding=\"UTF-8\"?>"); returnData.append("<root>"); returnData.append("<responseCode>"); returnData.append(responseCode); returnData.append("</responseCode>"); returnData.append("<responseXML>"); returnData.append(responseXML); returnData.append("</responseXML>"); returnData.append("</root>"); return returnData.toString(); } //检测用户账号及接口权限(soaphead安全机制) private String checkAuth(String serviceName){ boolean pwIsOK = false; boolean authIsOK = false; String Username="",Password="",Address="",Province=""; MessageContext msgContext = MessageContext.getCurrentMessageContext(); SOAPHeader header = msgContext.getEnvelope().getHeader(); Iterator list = header.getChildren(); while (list.hasNext()){ OMElement element = (OMElement) list.next(); if (element.getLocalName().equals("Username")){ Username = element.getText(); } if (element.getLocalName().equals("Password")){ Password = element.getText(); } } if(Password.equals(InitUser.getInitUser().getUser(Username).getPassword())) pwIsOK=true; if(InitUser.getInitUser().getUser(Username).getServiceAuth().contains((","+serviceName+","))) authIsOK=true; System.out.println("step1.checkAuth >>>>>>>>> pwIsOK:"+pwIsOK+" authIsOK:"+authIsOK); if(pwIsOK && authIsOK) return Username; else return ""; } //控制用户查询频率(接口流量) private boolean checkFlow(String Username){ boolean flowIsOK = true; long nowTime = Calendar.getInstance().getTime().getTime(); if(userFlowMap.get(Username)==null){ Long[] userflow = {nowTime,1L}; //userflow[0]为初始时间,userflow[1]为期间访问次数 userFlowMap.put(Username, userflow); flowIsOK = true; }else if(nowTime>(userFlowMap.get(Username)[0]+60000)){ Long[] userflow = {nowTime,1L}; //userflow[0]为初始时间,userflow[1]为期间访问次数 userFlowMap.put(Username, userflow); flowIsOK = true; }else if(userFlowMap.get(Username)[0]<=nowTime && nowTime<=(userFlowMap.get(Username)[0]+60000)){ if(userFlowMap.get(Username)[1]<InitUser.getInitUser().getUser(Username).getFlowIn1Min()){ Long[] userflow = {userFlowMap.get(Username)[0],userFlowMap.get(Username)[1]+1};//访问次数+1 userFlowMap.put(Username, userflow); flowIsOK = true; }else{ flowIsOK = false; } } System.out.println("step2.checkFlow >>>>>>>>> flowIsOK:"+flowIsOK); return flowIsOK; } //执行查询服务 private String readRequestXml(String serviceName,String requestXml) throws DocumentException,NumberFormatException, NullPointerException, UnsupportedEncodingException{ System.out.println("step3.readRequestXml >>>>>>>>> serviceName: "+serviceName); //选择对应的service if(serviceName.equals("WAPGW")) return new WAPGW_Service().readXML(requestXml); if(serviceName.equals("MMSC")) return new MMSC_Service().readXML(requestXml); if(serviceName.equals("ISAG")) return new ISAG_Service().readXML(requestXml); if(serviceName.equals("CRBT")) return new CRBT_Service().readXML(requestXml); else return ""; } }
用axis2用得时间长了,自己也希望有些突破。前阵子重写了这段业务,完全放弃了axis2,直接弄了个servlet,也就是javaweb系统,小巧呢,直接扔到tomcat的webapps就能跑了,用上一篇博文《【webservice】调试方法篇(二)》上面的源码测试,是没问题的。但是,没能及时联系到客户端厂家联调了,因为,我已经申请离职了。今天是在公司的最后一天,就偷闲整理了webservice的系列博文,希望能给大家带来帮助吧。入行不深,且祝我前程似锦吧~
转载请说明出自whilejolly:http://blog.csdn.net/seedingly/article/details/39055107
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。