WebService基础 | Handler

1. 作用

  (1) 对客户的认证和授权

  (2) 将用户的操作写入日志

  (3) 加密和解密

  (4)webService对象的缓存

2. 实现过程

  (1) 接口的方式：org.apache.axis.Handler

  (2) 继承的方式：org.apache.axis.handlers.BasicHandler

import org.apache.axis.AxisFault;
import org.apache.axis.MessageContext;
import org.apache.axis.handlers.BasicHandler;
import org.apache.axis.security.AuthenticatedUser;
import org.apache.axis.security.SecurityProvider;
import org.apache.axis.security.simple.SimpleSecurityProvider;

/**
 * 认证Handler
 * @author Xder
 *
 */
public class AuthenticationHandler extends BasicHandler{
    
    // 定义认证的参数信息
    private String securityProvider="securityProvider";
    private String unauthenticated="unauthenticated";
    private String authenticatedUser="authenticatedUser";
    private String canAuth="canAuth";
    
    public void invoke(MessageContext msgContext) throws AxisFault {
        System.out.println("AuthenticationHandler : invoke : start");
        
        SecurityProvider provider = (SecurityProvider) msgContext.getProperty(securityProvider);
        // 判断当前安全机制的状态 
        if( provider == null ) {
            // 创建安全级别
            provider = new SimpleSecurityProvider();
            // 将安全级别设置到当前的ws服务中
            msgContext.setProperty(securityProvider, provider);
            
        } 
        if ( provider != null){
            // 获取当前ws服务的认证信息
            String userid = msgContext.getUsername();
            String password = msgContext.getPassword();
            System.out.println("userid="+userid+", password="+password);
            // 对访问的用户进行认证
            AuthenticatedUser authUser = provider.authenticate(msgContext);
            if( authUser == null ) {
                throw new AxisFault(unauthenticated, "error", null, null);
            }
            msgContext.setProperty(authenticatedUser, authUser);
        }
        System.out.println("AuthenticationHandler : invoke : end");
    }
    

}

  (3) Handler配合Service出现