有几个原则:
1. 统一接口、统一方法、统一加密解密方式、统一WebService安全认证方式
新工程确认jar是否存在 sxnic-ws-xxx.jar(此包中包括接口、安全认证、WebService客户工具类) sxnic-comm-3.0.0.jar(此包包括Base64加密解密工具类及Json工具类)
2.加密解密要求:客户端对三个参数都加密,服务端返回的json中只加密业务数据,对status和message不加密
接口如下,仅供参考,无需自己创建
[code="java"]
@WebService
public interface SxnicWebService {
/**
*
* @param siteCode 子系统的编码
* @param func 调用方法名
* @param params
* @return
*/
public String execute(String siteCode,String func,String params);
}
[/code]
服务端配置
首先实现WebService接口,如下
[code="java"]
@WebService
@Service("UcenterNewWebServiceBean")
public class UcenterNewWebServiceImpl implements SxnicWebService {
private static Logger logger = LoggerFactory.getLogger(UcenterNewWebServiceImpl.class);
@Autowired
private WebsiteManager siteManager;
@Autowired
private UserExtManager ueManager;
@Autowired
private UserManager userManager;
private String msg;
private String result;
@Override
public String execute(String siteCode, String func, String params) {
logger.debug("===UcenterNewWebServiceImpl===execute start===");
msg = "200";
result = "";
innoExecute(siteCode, func, params);
if ("200".equals(msg)) {
// 无需回传数据
if (StringUtils.isBlank(result)) {
logger.debug("===UcenterNewWebServiceImpl===处理成功,无需返回数据直接返回Json===");
result = MsgUtils.crtSuccessMsg("json");
} else {
logger.debug("===UcenterNewWebServiceImpl===处理成功,需返回业务数据===");
result = MsgUtils.crtSuccessMsg(Base64Utils.encode(result), "json");
}
} else {
logger.warn("===UcenterNewWebServiceImpl===errorCode:{}===", msg);
result = MsgUtils.crtErrorMsg(msg, "json");
}
logger.debug("===UcenterNewWebServiceImpl===execute end===status:" + msg);
return result;
}
public void innoExecute(String siteCode, String func, String params) {
try {
if (StringUtils.isBlank(siteCode) || StringUtils.isBlank(func)) {
msg = "450";
return;
}
// 解密
siteCode = Base64Utils.dccode(siteCode);
func = Base64Utils.dccode(func);
if (StringUtils.isNotBlank(params)) {
params = Base64Utils.dccode(params);
if (JsonUtils.isBadJson(params)) {
msg = "451";
return;
}
}
logger.debug("===UcenterNewWebServiceImpl===参数={}={}={}", new String[] { siteCode, func, params });
// 验证siteCode合法性
if (!"dcenter".equals(siteCode) && !WsConstants.WEBSITE_MAP.containsKey(siteCode)) {
msg = "452";
return;
}
Gson gson = new Gson();
// 判断func
if ("getWebSite".equals(func)) {
// params参数解析,如果没有参数表示查询所有的,如果有参数那么设定参数格式"code":"c1,c2,c3"
// 具体方法调用
if (StringUtils.isBlank(params)) {
result = UcenterWsUtils.WebsiteListtoJson(siteManager.findBy("enabled", true));
} else {
String[] codes = StringUtils.split(StringUtils.substringBetween(params, ":\"", "\""), ",");
HibernateCriteria hc = new HibernateCriteria();
hc.add(Restrictions.in("code", codes));
result = UcenterWsUtils.WebsiteListtoJson(siteManager.getByCriteria(hc));
}
} else if ("getDept".equals(func)) {
// 组织机构
if (StringUtils.isBlank(params)) {
result = UcenterWsUtils.UserExttoJson(ueManager.findBy("userType", UserExt.USERTYPE_XZDW));
}
} else if ("login".equals(func)) {
Map<String, String> map = gson.fromJson(params, Map.class);
// 登陆授权
String usn = map.get("usn");
String pwd = map.get("pwd");
// 判断参数是否有效
if (StringUtils.isBlank(usn) || StringUtils.isBlank(pwd)) {
msg = "201";
return;
}
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(usn, pwd, false);
try {
subject.login(token);
} catch (UnknownAccountException ex) {
msg = "210";
return;
} catch (LockedAccountException lae) {
msg = "211";
return;
} catch (AuthenticationException e) {
msg = "212";
return;
} catch (Exception exp) {
msg = "212";
return;
}
String username = subject.getPrincipal().toString();
User user = userManager.findByUnique("username", username);
if (user != null) {
// 设置user的最后登录时间
user.setLastLoginDate(new Date());
user.setLastLoginClient("wsuc_" + siteCode);
userManager.save(user);
}
result = "{\"roles\":\"" + user.getStringRoles() + "\"}";
} else if ("creUser".equals(func)) {
// 创建用户
Map<String, String> map = gson.fromJson(params, Map.class);
// 登陆授权
String username = map.get("username");
String password = map.get("password");
String email = map.get("email");
if (StringUtils.isBlank(username) || StringUtils.isBlank(password) || StringUtils.isBlank(email)) {
msg = "201";
return;
}
User user = userManager.getUserByUsername((String) map.get("username"));
if (user != null) {
msg = "218";
return;
}
user = userManager.getUserByEmail((String) map.get("email"));
if (user != null) {
msg = "219";
return;
}
user = new User();
user.setUsername((String) map.get("username"));
user.setFullname((String) map.get("fullname"));
user.setPassword((String) map.get("password"));
user.setEmail((String) map.get("email"));
// user.setIdcard((String)map.get("idcard"));
user.setProblem((String) map.get("problem"));
user.setAnswer((String) map.get("answer"));
user.setWebsiteId(siteCode);
user.setPassword(DigestUtils.md5Hex(user.getPassword()));// 对用户+密码加密
user.setPriority(10);
user.setUserOrder(1000);
user.setEnabled(true);
user.setCreationDate(new Date());
try {
userManager.save(user);
} catch (Exception e) {
msg = "220";
return;
}
} else {
// func错误
msg = "453";
return;
}
} catch (DecodeException e) {
msg = "450";
return;
} catch (Exception e) {
msg = "500";
return;
}
}
}
[/code]
spring-cxf配置文件
[code="java"]
<jaxws:endpoint id="nucenterSerivce" implementor="#UcenterNewWebServiceBean"
address="/nwsuc">
<jaxws:inInterceptors>
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
<ref bean="sxnicWsAuthHandler" />
</jaxws:inInterceptors>
</jaxws:endpoint>
<bean id="sxnicWsAuthHandler" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType" value="PasswordText" />
<entry key="passwordCallbackRef">
<ref bean="wsServerAuthHandler" />
</entry>
</map>
</constructor-arg>
</bean>
[/code]
客户端
工具类WsClientUtils
包括两个常用的方式:getUcenterService获取用户中心Service 和 getDcenterService获取数据中心Service
注意上述两方法需要在属性表中有两个参数:ucenter.wsurl 和dcenter.wsurl
客户端Demo(带安全认证)
[code="java"]
/**
* 根据WebService的URL建立客户端
*
* @param url
* @return
* @throws WebServiceException
*/
public static SxnicWebService getServiceByUrl(String url) throws WebServiceException {
try {
JaxWsProxyFactoryBean svr = new JaxWsProxyFactoryBean();
svr.setServiceClass(SxnicWebService.class);
svr.setAddress(url);
Map<String, Object> props = new HashMap<String, Object>();
props.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
// 这个WSHandlerConstants.USER 变量暂时不知道什么作用,但是必须有
props.put(WSHandlerConstants.USER, "sxnic");
props.put(WSHandlerConstants.PASSWORD_TYPE, "PasswordText");
props.put(WSHandlerConstants.PW_CALLBACK_CLASS, WsClientAuthHandler.class.getName());
WSS4JOutInterceptor oi = new WSS4JOutInterceptor(props);
svr.getOutInterceptors().add(new SAAJOutInterceptor());
svr.getOutInterceptors().add(oi);
return (SxnicWebService) svr.create();
} catch (Exception e) {
throw new WebServiceException("===WebService客户端构建异常!===");
}
}
[/code]
工具类:
[code="java"]
public class UcenterWsUtils {
/**
* 把WebSite子站点List转换为Json
* @param list
* @return
*/
public static String WebsiteListtoJson(List<Website> list) {
if (list == null || list.size() == 0) {
return "{}";
}
StringBuffer sb = new StringBuffer();
sb.append("[");
for (Website ws : list) {
sb.append("{");
sb.append("\"code\":\"" + ws.getCode() + "\",");
sb.append("\"name\":\"" + ws.getName() + "\",");
sb.append("\"str1\":\"" + (StringUtils.isBlank(ws.getTokenCode()) ? "token" : ws.getTokenCode()) + "\",");
sb.append("\"str2\":\"" + (StringUtils.isBlank(ws.getUrl()) ? "url" : ws.getUrl()) + "\",");
sb.append("\"str3\":\"" + (StringUtils.isBlank(ws.getWsurl()) ? "wsurl" : ws.getWsurl()) + "\"},");
}
return StringUtils.removeEnd(sb.toString(), ",") + "]";
}
/**
* 把服务器返回来的Json中data部分,转化为map,适用于data部分加密的情况下
* @param json
* @return
*/
public static Map<String, WrapperBean> JsonDatatoWebsiteMap(String json) {
if (JsonUtils.isBadJson(json)) {
return null;
}
Gson gson = new Gson();
Map<String, WrapperBean> map = new HashMap<String, WrapperBean>();
List<WrapperBean> list = gson.fromJson(json, new TypeToken<List<WrapperBean>>() {
}.getType());
for (WrapperBean b : list) {
map.put(b.getCode(), b);
}
return map;
}
/**
* 把服务器返回来的Json,转化为map,json不加密的情况下
* @param json
* @return
*/
public static Map<String, WrapperBean> JsontoWebsiteMap(String json) {
Map<String, WrapperBean> map = new HashMap<String, WrapperBean>();
if (JsonUtils.isBadJson(json)) {
return null;
}
Gson gson = new Gson();
Map<String, Object> map1 = gson.fromJson(json, Map.class);
List<Map> listmap = (List<Map>) map1.get("data");
for (Map u : listmap) {
WrapperBean b = gson.fromJson(u.toString(), WrapperBean.class);
map.put(b.getCode(), b);
}
return map;
}
}
[/code]
WebService实现类的单元测试
[code="java"]
public class UcenterNewWsImplTest extends CommSpringJunitTest {
@Autowired
private SxnicWebService service;
@Autowired
private BaseCodeManager bcManager;
@Autowired
private PropertyManager ptManager;
@Autowired
private WebsiteManager siteManager;
String token = "";
String func = "";
String params = "";
@Test
public void testGetWebSite() {
bcManager.initNoYear();
CommConstant.PROPERTY_MAP = ptManager.init();
//清空数据
siteManager.clear();
//准备数据
Website w = new Website();
w.setCode("ucenter");
w.setName("用户中心");
w.setWsurl("wsurl");
w.setUrl("url");
w.setTokenCode("tokenCode-ucenter");
siteManager.save(w);
w = new Website();
w.setCode("shenbao");
w.setName("申报系统");
w.setWsurl("wsurl");
w.setUrl("url");
w.setTokenCode("tokenCode-shenbao");
siteManager.save(w);
token = Base64Utils.encode("dcenter");
func = Base64Utils.encode("getWebSite");
params = "";
//方法调用
String result = service.execute(token, func, params);
//结果解析
Gson gson = new Gson();
Map<String, Object> map = gson.fromJson(result, Map.class);
//结果验证
Assert.assertEquals("200", map.get("status"));
String data = Base64Utils.dccode(String.valueOf(map.get("data")));
List<WrapperBean> list = gson.fromJson(data, new TypeToken<List<WrapperBean>>() {
}.getType());
Assert.assertEquals(2, list.size());
Assert.assertEquals("ucenter", list.get(0).getCode());
Map<String, WrapperBean> map1 = UcenterWsUtils.JsonDatatoWebsiteMap(data);
Assert.assertEquals(2, map1.size());
Assert.assertTrue(map1.containsKey("shenbao"));
Assert.assertEquals("用户中心", map1.get("ucenter").getName());
}
}
[/code]