最近我们还需要使用SOAP服务来支持JSESSIONID,这就是我们在阅读StackOverflow并引用IBM站点上的SSO客户端示例后想出的。
我们扩展了SOAPHandler:
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.List;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import com.sun.istack.internal.Nullable;
public class SoapMessageHandler implements SOAPHandler<SOAPMessageContext> {
private String sessionCookie = "";
@Override
public void close(MessageContext arg0) { }
@SuppressWarnings({ "rawtypes", "unchecked" })
@Override
public Set getHeaders() {
return null;
}
@Override
public boolean handleFault(SOAPMessageContext context) {
return false;
}
@Override
public boolean handleMessage(SOAPMessageContext soapMessageContext) {
if ((Boolean) soapMessageContext.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY)) {
// Add header to outbound request (set cookie in HTTP client header)
// Set the Cookie
Map<String, List<String>> headers = (Map<String, List<String>>)soapMessageContext.get(MessageContext.HTTP_REQUEST_HEADERS);
if (headers == null) {
headers = new HashMap<String, List<String>>();
soapMessageContext.put(MessageContext.HTTP_REQUEST_HEADERS, headers);
}
List<String> cookie = headers.get("Cookie");
if (cookie == null) {
cookie = new ArrayList<String>();
headers.put("Cookie", cookie);
}
cookie.add(sessionCookie);
} else {
// Read header from request (read cookie from server's HTTP headers)
Map<String, List<String>> map = (Map<String, List<String>>) soapMessageContext.get(MessageContext.HTTP_RESPONSE_HEADERS);
List<String> contentType = getHTTPHeader(map, "Set-Cookie");
// Note, only grabs last cookie value!
// If you need to present more than one cookie you could make
// sessionCookie a List<String> and modify this class accordingly.
if (contentType != null) {
StringBuffer strBuf = new StringBuffer();
for (String type : contentType) {
strBuf.append(type);
}
sessionCookie = strBuf.toString();
}
}
return true;
}
private @Nullable List<String> getHTTPHeader(Map<String, List<String>> headers, String header) {
for (Map.Entry<String, List<String>> entry : headers.entrySet()) {
String name = entry.getKey();
if (header != null && name !=null) {
if (name.equalsIgnoreCase(header))
return entry.getValue();
}
}
return null;
}
}
这也需要HandlerResolver:
import java.util.ArrayList;
import java.util.List;
import javax.xml.ws.handler.Handler;
import javax.xml.ws.handler.HandlerResolver;
import javax.xml.ws.handler.PortInfo;
public class SoapHandlerResolver implements HandlerResolver {
@SuppressWarnings("unchecked")
public List<Handler> getHandlerChain(PortInfo portInfo) {
List<Handler> handlerChain = new ArrayList<Handler>();
handlerChain.add(new SoapMessageHandler());
return handlerChain;
}
}
扩展HandlerResolver调用,像这样的SOAP服务时,则调用:
ExampleService exampleService = new ExampleService();
exampleService.setHandlerResolver(new SoapHandlerResolver());
Example example = exampleService.getExampleServicePort();
example.myMethod();
对于我们来说,这对于Java 6来说是有效的,但仅限于支持一个Cookie标头(尽管可以进行简单修改以支持多个Cookie标头)。
注意:如果像我们一样,你必须通过多个服务之间的相同的会话cookie(好象在SOAP服务饼干还不够糟糕)而不是此:
private String sessionCookie = "";
你可以只做到这一点:
static private String sessionCookie = "";
这是超级哈克,并可能会或可能不是你根据服务(和你的代码)是如何工作的,以及如何可以会话,你可以对远程服务的工作,所以我建议比在生产中使用静态更复杂的东西。
也许你的cookie被存储在数据库中的web服务的终端和服务器只给你一个会话ID的服务。顺便说一下,你是否尝试过一个自定义HTTP头,比如“X-MyCustomHeader:my value”,而不是Cookie头? –