1
我在netbeans ide中创建了此webservice 我希望在客户端发出任何请求之前进行基本授权。该服务工作正常,但我如何使用httpconnection类从客户端传递用户名和密码。 这是我的web服务。如何使用HttpURLConnection在java web服务中执行身份验证
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import javax.jws.WebService;
import javax.xml.ws.WebServiceContext;
import javax.xml.ws.handler.MessageContext;
@WebService(serviceName = "SampleWs")
public class SampleWs implements CreateCustomer {
@Resource
WebServiceContext wsctx;
@Override
public String createCustomer(Customers customer) {
String resp="Access Denied";
MessageContext mctx = wsctx.getMessageContext();
Map http_headers = (Map) mctx.get(MessageContext.HTTP_REQUEST_HEADERS);
String username = (String) http_headers.get("username");//should come from the client request
String password = (String) http_headers.get("password");//should come from the client request
if(username.equals("admin")&&password.equals("pass"))
{
resp="Authenticated";
}
return resp;
}
}
//interface
import javax.jws.WebMethod;
import javax.jws.WebService;
import javax.jws.soap.SOAPBinding;
import javax.jws.soap.SOAPBinding.Style;
@WebService
@SOAPBinding(style = Style.RPC)
public interface CreateCustomer {
@WebMethod String createCustomer(Customers customer);
}
//model class
public class Customers {
private int id;
private String fname;
private String sname;
private String gender;
private String email;
//getters and setters
}
这里是我的客户
public class SampleClient {
private static final String url_ = "http://localhost:7001/SampleWs/SampleWs";
public static String testAuthorisation() {
String varresp = "";
StringBuilder answer = new StringBuilder();
try {
String req = getSoapRequestXMl();
String name = "adm";
String password = "pass";
String authString = name + ":" + password;
byte[] authEncBytes = Base64.encodeBase64(authString.getBytes());//apache lib for Base64
String authStringEnc = new String(authEncBytes);
URL url = new URL(url_);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty("Content-Type", "text/xml");
//conn.setRequestProperty ("Authorization", "Basic " + authStringEnc);
conn.setDoOutput(true);
OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream());
writer.write(req);
writer.flush();
BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String line;
while ((line = reader.readLine()) != null) {
answer.append(line);
}
writer.close();
reader.close();
varresp = answer.toString();
} catch (Exception e) {
e.printStackTrace();
varresp = "!" + e;
} finally {
return varresp;
}
}
private static String getSoapRequestXMl() {
String request = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">\n"
+ " <soap:Header/>\n"
+ " <soap:Body>\n"
+ " <ns1:hello xmlns:ns1=\"http://ws.ecs.co/\">\n"
+ " <name>\n"
+ " <email>[email protected]</email>\n"
+ " <fname>Firsname</fname>\n"
+ " <gender>Male</gender>\n"
+ " <id>23</id>\n"
+ " <sname>Nemuga</sname>\n"
+ " </name>\n"
+ " </ns1:hello>\n"
+ " </soap:Body>\n"
+ "</soap:Envelope>";
return request;
}
}
当我运行代码正在逐渐产生java.io.IOException:网址 –
我的代码从http提取用户名和密码,401:服务器返回的HTTP响应代码头,它不会执行授权本身。客户端是否发送头文件?服务器是否接收到它?使用authHeader,authToken,用户名和密码变量的值显示服务器日志 – pedrofb
服务器上根本没有日志 –