<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"

    xmlns:context="http://www.springframework.org/schema/context"

    xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

    xsi:schemaLocation="http://www.springframework.org/schema/beans

    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd

    http://www.springframework.org/schema/context

    http://www.springframework.org/schema/context/spring-context-3.0.xsd

    http://cxf.apache.org/jaxws

    http://cxf.apache.org/schemas/jaxws.xsd">

    <import resource="classpath:META-INF/cxf/cxf.xml" />

    <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />

    <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />

    <!-- 客户端Portal配置webservice -->

    <!-- cxf服务端安全认证 Webservice -->

    <bean id="scurityServiceBean" class="cn.edu.hbcf.privilege.ws.impl.SeurityServiceImpl">

    </bean>

    <jaxws:endpoint id="seurityService" address="/SecurityService"

        implementor="#scurityServiceBean">

        <jaxws:inInterceptors>

            <bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />

            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />

            <!--  <bean class="cn.edu.hbcf.privilege.ws.interceptor.ClientInterceptor"/> -->

        </jaxws:inInterceptors>

        <jaxws:outInterceptors>

            <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />

        </jaxws:outInterceptors>

    </jaxws:endpoint>

    <jaxws:endpoint id="userService" address="/UserService"

        implementor="#userWebServiceImpl">

        <jaxws:inInterceptors>

            <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />

            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />

            <bean class="cn.edu.hbcf.privilege.ws.interceptor.ClientInterceptor"/>

        </jaxws:inInterceptors>

    </jaxws:endpoint>

    <jaxws:endpoint id="cxfSecuityService"  address="/getCxfSecuityService"

        implementor="#cxfSecuityServiceImpl">

        <jaxws:inInterceptors>

            <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />

            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />

        </jaxws:inInterceptors>

    </jaxws:endpoint>

</beans>
SecurityService 
package cn.edu.hbcf.privilege.ws;

import java.util.List;

import javax.jws.WebParam;

import javax.jws.WebService;

import javax.xml.soap.SOAPException;

import cn.edu.hbcf.common.vo.Criteria;

import cn.edu.hbcf.privilege.pojo.BaseModules;

import cn.edu.hbcf.privilege.pojo.BaseUsers;

@WebService

public interface SecurityService {

     /**

     * 登录事件,返回登录状态

     * @param criteria

     * @return

     */

    String selectByBaseUser(@WebParam(name = "criteria")

    Criteria criteria);

    BaseUsers selectByExample(@WebParam(name = "criteria")

            Criteria criteria);

    /**

     * 用户登录

     * @param account 账号 必需

     * @param password 密码 必需

     * @return  登录成功则返回01 否则返回失败信息

     */

    String checkLogin(@WebParam(name="account") String account,@WebParam(name="password") String password,@WebParam(name="token") String token) throws SOAPException;

    /**

     * 根据用户账号返回用户信息

     * @param account

     * @return

     */

    BaseUsers getUserByAccount(@WebParam(name="account") String account,@WebParam(name="token") String token) throws SOAPException;

    /**

     * 返回用户权限

     * @param baseUsers

     * @return

     */

    List<BaseModules> getMobileModules(@WebParam(name="account")  String account,@WebParam(name="token") String token) throws SOAPException;

}
package cn.edu.hbcf.privilege.ws.impl;

import java.util.List;

import javax.jws.WebService;

import javax.xml.soap.SOAPException;

import org.apache.commons.codec.digest.DigestUtils;

import org.apache.commons.lang.StringUtils;

import org.springframework.beans.factory.annotation.Autowired;

import cn.edu.hbcf.common.vo.Criteria;

import cn.edu.hbcf.common.vo.TreeMenu;

import cn.edu.hbcf.framework.service.AbstractRegisterService;

import cn.edu.hbcf.privilege.dao.BaseUsersMapper;

import cn.edu.hbcf.privilege.pojo.BaseModules;

import cn.edu.hbcf.privilege.pojo.BaseUsers;

import cn.edu.hbcf.privilege.service.BaseRoleModuleService;

import cn.edu.hbcf.privilege.service.BaseUsersService;

import cn.edu.hbcf.privilege.ws.SecurityService;

@WebService(serviceName = "securityService", portName = "securityServicePort", endpointInterface = "cn.edu.hbcf.privilege.ws.SecurityService")

public class SeurityServiceImpl extends AbstractRegisterService implements

        SecurityService {

    private final String TOKEN = "8b1749f054d35ea24ea4101eccbabb7e";

    @Autowired

    private BaseUsersService userService;

    @Autowired

    private BaseUsersMapper userMapper;

    @Autowired

    private BaseRoleModuleService baseRoleModuleService;

    @Override

    public String checkLogin(String account, String password, String token)

            throws SOAPException {

        if (TOKEN.equals(token)) {

            if (StringUtils.isBlank(account)) {

                throw new SOAPException("用户账号account不能为空!");

            }

            if (StringUtils.isBlank(password)) {

                throw new SOAPException("用户密码password不能为空!");

            }

            Criteria criteria = new Criteria();

            password = DigestUtils.md5Hex(password);

            criteria.put("account", account);

            criteria.put("passwordIn", password);

            return userService.selectByBaseUser(criteria);

        } else {

            throw new SOAPException("用户权限不足!");

        }

    }

    @Override

    public List<BaseModules> getMobileModules(String account,String token)

            throws SOAPException {

        if (TOKEN.equals(token)) {

        if (StringUtils.isBlank(account)) {

            throw new SOAPException("用户账号account不能为空!");

        }

        BaseUsers baseUser = new BaseUsers();

        List<String> roleIdList = baseRoleModuleService

                .getUserRoleList(baseUser);

        baseUser.setRoleIdList(roleIdList);

        Criteria c = new Criteria();

        c.put("user", baseUser);

        c.put("appId", 12);

        TreeMenu menu = baseRoleModuleService.selectModulesByUser(c);

        return menu.getList();

        } else {

            throw new SOAPException("用户权限不足!");

        }

    }

    @Override

    public BaseUsers getUserByAccount(String account,String token) throws SOAPException {

        if (TOKEN.equals(token)) {

        if (StringUtils.isBlank(account)) {

            throw new SOAPException("用户账号account不能为空!");

        }

        BaseUsers user = null;

        Criteria c = new Criteria();

        c.put("account", account);

        List<BaseUsers> userList = userMapper.queryUserList(c);

        if (userList.size() > 0) {

            user = userList.get(0);

        }

        return user;

        } else {

            throw new SOAPException("用户权限不足!");

        }

    }

    @Override

    public String selectByBaseUser(Criteria criteria) {

        // TODO Auto-generated method stub

        return userService.selectByBaseUser(criteria);

    }

    @Override

    public BaseUsers selectByExample(Criteria criteria) {

          BaseUsers user = null;

            List<BaseUsers> userList = userService.selectByExample(criteria);

            if(userList.size()>0){

                user = userList.get(0);

                user.setRoleIdList(baseRoleModuleService.getUserRoleList(user));

            }

            return user;

    }

}

CxfSecuityService

package cn.edu.hbcf.privilege.ws;

import javax.jws.WebParam;

import javax.jws.WebService;

@WebService

public interface CxfSecuityService {

    String registerUser(@WebParam(name="userName")String userName,@WebParam(name="password") String password);  

}

CxfSecuityServiceImpl

package cn.edu.hbcf.privilege.ws.impl;

import java.util.List;

import javax.annotation.Resource;

import javax.jws.WebService;

import javax.servlet.http.HttpSession;

import javax.xml.ws.WebServiceContext;

import javax.xml.ws.handler.MessageContext;

import org.apache.commons.codec.digest.DigestUtils;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.stereotype.Service;

import cn.edu.hbcf.common.vo.Criteria;

import cn.edu.hbcf.framework.dao.FrameworkMapper;

import cn.edu.hbcf.framework.pojo.APIKeyWebservice;

import cn.edu.hbcf.privilege.dao.BaseAPIKeysMapper;

import cn.edu.hbcf.privilege.pojo.BaseAPIKeys;

import cn.edu.hbcf.privilege.ws.CxfSecuityService;

@Service

@WebService(serviceName = "cxfSecuityService", portName = "cxfSecuityServicePort", endpointInterface = "cn.edu.hbcf.privilege.ws.CxfSecuityService")

public class CxfSecuityServiceImpl implements CxfSecuityService{

      @Resource

      private WebServiceContext wsContext;

      private MessageContext mc;

      private HttpSession session;     

      @Autowired

        private BaseAPIKeysMapper keyMapper;

        @Autowired

        private FrameworkMapper frameWorkMapper;

    @Override

    public String registerUser(String userName, String password) {

        Criteria criteria = new Criteria();

        criteria.put("keyName", userName);

        List<BaseAPIKeys> keysList = keyMapper.selectByExample(criteria);

        if (!keysList.isEmpty()) {

            BaseAPIKeys userKey = keysList.get(0);

            password = DigestUtils.md5Hex(password);

            if (password.equals(userKey.getKeyPassword())) {

                 mc = wsContext.getMessageContext();     

                session = ((javax.servlet.http.HttpServletRequest) mc

                        .get(MessageContext.SERVLET_REQUEST)).getSession();

                ((javax.servlet.ServletContext) mc

                        .get(MessageContext.SERVLET_CONTEXT)) .setAttribute(

                        "session", session);

                session.setAttribute("msg", "ok");

                criteria.clear();

                criteria.put("key_id", userKey.getKeyId());

                List<APIKeyWebservice> list = frameWorkMapper.queryListByAPIKeyId(criteria);

                session.setAttribute("perm", list);

                return "认证成功!";

            }

        }

        return "认证失败!";

    }

}

spring-webservice.xml的更多相关文章

  1. Spring WebService 和 搜索

    参考文章: http://blog.csdn.net/kkdelta/article/details/7290769 云计算中主流的Web服务有两种: 1.WebService.内容比较沉重,技术人员 ...

  2. spring web.xml 难点配置总结

    web.xml web.xml是所有web项目的根源,没有它,任何web项目都启动不了,所以有必要了解相关的配置. ContextLoderListener,ContextLoaderServlet, ...

  3. [Java] 解决spring的xml标签内不能自由增加说明的难题,方便调试、部署时进行批量屏蔽

    作者:zyl910 以往我们想在spring的xml配置文件中增加说明文本时,只能使用xml注释(<!-- 注释 -->).这对于"调试.部署时想批量屏蔽部分bean" ...

  4. Spring 通过XML配置文件以及通过注解形式来AOP 来实现前置,环绕,异常通知,返回后通知,后通知

    本节主要内容: 一.Spring 通过XML配置文件形式来AOP 来实现前置,环绕,异常通知     1. Spring AOP  前置通知 XML配置使用案例     2. Spring AOP   ...

  5. Spring AOP:面向切面编程,AspectJ,是基于spring 的xml文件的方法

    导包等不在赘述: 建立一个接口:ArithmeticCalculator,没有实例化的方法: package com.atguigu.spring.aop.impl.panpan; public in ...

  6. SPRING IN ACTION 第4版笔记-第七章Advanced Spring MVC-002- 在xml中引用Java配置文件,声明DispatcherServlet、ContextLoaderListener

    一.所有声明都用xml 1. <?xml version="1.0" encoding="UTF-8"?> <web-app version= ...

  7. Web.xml配置详解之context-param (加载spring的xml,然后初始化bean看的)

    http://www.cnblogs.com/goody9807/p/4227296.html(很不错啊) 容器先加载spring的xml,然后初始化bean时,会为bean赋值,包括里面的占位符

  8. Spring读取xml配置文件的原理与实现

    本篇博文的目录: 一:前言 二:spring的配置文件 三:依赖的第三方库.使用技术.代码布局 四:Document实现 五:获取Element的实现 六:解析Element元素 七:Bean创造器 ...

  9. spring整合mybatis错误:class path resource [config/spring/springmvc.xml] cannot be opened because it does not exist

    spring 整合Mybatis 运行环境:jdk1.7.0_17+tomcat 7 + spring:3.2.0 +mybatis:3.2.7+ eclipse 错误:class path reso ...

  10. ideal中spring的xml文件没有提示的问题

    ideal中spring的xml文件没有提示的问题 今天第一次用ideal来练习spring,发现和视频中老师不一样,我的没有提示.老师的视频里,他写了个<mvc:a   就会有一系列的提示,然 ...

随机推荐

  1. 提升JavaScript递归效率:Memoization技术详解[转载]

    递归是拖慢脚本运行速度的大敌之一,太多的递归会让浏览器变得越来越慢直到死掉或者莫名其妙的突然自动退出.这里我们可以通过memoization技术来替代函数中太多的递归调用,提升JavaScript效率 ...

  2. 【算法导论C++代码】最大子数组

    #define Inf 65535 #include <iostream> using namespace std; void FindMaxCrossingSubarray(int *A ...

  3. http_load压力测试使用

    介绍:http_load以并行复用的方式运行,用以测试web服务器的吞吐量与负载.但是它不同于大多数压力测试工具,它可以以一个单一的进程运行,一般不会把客户机搞死.还可以测试HTTPS类的网站请求. ...

  4. java中的初始化块

    public class Person { int a=6;//声明实例变量制定默认值,也可以认为是对象的初始化代码,执行顺序与源代码中的排列顺序相同 { System.out.println(&qu ...

  5. iOS NSFileManager对沙盒文件及目录添加删除操作

    iOS 使用 NSFileManager对沙盒里面的文件和目录,增加,修改,删除操作: - (void)viewDidLoad { [super viewDidLoad]; self.title = ...

  6. 制作mac U盘启动

    之前在windows电脑上装系统,U盘,光盘都可以! 当然在mac电脑上也是可以的! 公司电脑mac mini 没有光驱,只有用U盘装了!折腾了一天,就是做不上10.9的U盘启动,最后发现是,10.9 ...

  7. ACE中静态实例管理方式

    ACE中的很多类使用了单例模式,为了便于管理单例对象,ACE使用了一个组件——ACE_Framework_Component来专门管理. 我们以ACE_Reactor这个单例类的创建和释放为例. 1. ...

  8. 在Docker里使用(支持镜像继承的)supervisor管理进程(转)

    这篇文章是受 dockboard 之托帮忙翻译的与 docker 有关的技术文章.译自 Using Supervisor with Docker to manage processes (suppor ...

  9. lsb_release: command not found 解决

    问题:lsb_release 是查看系统版本信息的工具 [root@localhost ~]# lsb_release -a-bash: lsb_release: command not found ...

  10. 企业信息系统集成框架(设计思路)C++模式

    设计要求: 1.企业信息系统框架.第三方产品通过接口层进行分层. 2.企业信息系统框架如何自由的继承第三方产品:通过一个抽象类.(软件设计要求:模块要求松,接口要求紧). 设计步骤: 1.报文的接受与 ...