Java and .NET's WS-Security-based Web Services integration implementation (below) RottenApple
4. Open JBuilder9, create a new Java class, named TestNetService. Add the AXIS-WSSE-1.0 JAR Pack to JBuilder's JDK (Tools-> CONFISISIS JDKS-> Class Tab-> add) code as follows:
Package mywebservicejavaclient;
Import java.util.date;
Import java.text.dateFormat;
Import org.apache.axis.MessageContext;
Import org.apache.axis.message. *;
Import org.apache.axis.client. *;
Import org.apache.axis.utils. *;
Import javax.xml.namespace.qname;
Import java.lang.integer;
Import javax.xml.rpc.parametermode;
Import net.vitale.filippo.axis.handlers.wsseclienthandler;
/ **
*
Title:
*
description:
*
Copyright: Copyright (C) 2004
*
company:
* @Author NOT Attributable
* @version 1.0
* /
Public class testnetService {
STATIC STRING Usernames = NULL;
STATIC STRING Passwords = NULL;
Public TestNetService () {
}
Public static void main (String [] args) {
Try {
Integer i = new integer (2);
Integer J = New Integer (2);
String endpoint = "http://localhost/myservices/webservicetest/sumservice.asmx";
Service service = new service ();
Call call = (call) service.createcall ();
Call.SettargetendPointdaddress (New Java.net.URL (Endpoint));
Call.SetoperationName (New QName ("http://www.contoso.com/su", "intadd");
Call.addparameter ("a", org.apache.axis.encoding.xmltype.xsd_date, javax.xml.rpc.parametermode.in);
Call.addparameter ("B", org.apache.axis.encoding.xmltype.xsd_date, javax.xml.rpc.parameterMode.in);
Call.setReturntype (Org.Apache.axis.Encoding.xmltype.xsd_int);
Call.SetusesoApaction (TRUE); Call.SetsoApactionuri ("http://www.contoso.com/rpc");
// Add a user token
Usernames = "username";
Passwords = "love";
Call.setUsername (usernames);
Call.SetPassword (Passwords);
Call.SetProperty (wsseclienthandler.password_option, wsseclienthandler.password_digest_with_nonce);
Call.setClientHandlers (New WSSeclientHandler (), NULL);
Integer K = (Integer) Call.Invoke (New Object [] {i, j});
System.out.println ("Result IS" K.ToString () ".");
}
Catch (org.apache.axis.axisfault e)
{
IF (E.GETFAULTCODE (). TOSTRING () .Equals ("{http://schemas.xmlsoap.org/ws/2002/07/secext }failedAuthentication"))))))
System.err.Println ("The Usernametoken and Password Aren't Right!");
Else {
System.err.println (E.GETFAULTCODE (). TOSTRING ());
}
}
Catch (Exception E)
{
System.err.println (e.tostring ());
}
}
}
5. Compile and run this Java program, the execution results are as follows:
The UserName and Password Aren't Right!
It can be seen that in the PasswordProvider class in Web Services, the getPassword () method is used to return the corresponding password. In the example above, since UserName = "Usename", getPassword returns "password", while the password passed by Java is "love", so both do not match. The system will throw an exception, we capture in Java and display your prompt information.
6. Modify some Java code and run
Passwords = "love"; replace it to passwords = "password"; recompile operation, the result is as follows:
Result is 4.
In this way, you can see that the username and password sent by the Java client are authenticated in Web Services, and execute the INTADD method, returning the correct calculation results. At this point, a simple WS-Security-based Java client is basically realized with .NET Web Services.
4: Scalable place
1. The username of the Java side, the password is available from the UI interface.
2. The password transmission mode of the Java end can be freely selected.
3. The password of the Web Service end can be obtained from the database, AD, file, etc.
4. The exception information after the verification error of the web service end can be customized.
5. You can use X.509 as a certificate, add a third-party digital signature authentication (current ASIX-WSSE1.0 is not implemented) 6. Interested friends can take a look at the source code of Axis-WSSE-1.0, very simple, just a file, but I look very hard, because I call a lot of Axis, I am not familiar, so I don't understand ,Ha ha.
Five: Insufficient
1. The X.509 is included in WS-Security, but there is currently no Java-based open source implementation. IBM's WebSphere has a corresponding implementation.
2. I personally think this is also a big problem called inter-platform-based different platforms in Web Services is an abnormal process. At present, my personal feeling is a record to the log. If you want to capture exception information from different systems, it is indeed a difficult thing, I don't know who has a good way. I found that there are very few things in this area in the online books of Web Services. Maybe everyone is not familiar with it (outside of me).
reference:
ASIX-WSSE-1.0: http://sourceforge.net/projects/axis-wsse/
WSE1.0: http://msdn.microsoft.com/webservices/building/wse/default.aspx
I have limited ability, I hope not to misunderstood, there is a mistake to point out in time, or contact Email
DLUT_CHEN@hotmail.com (msn)
