<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"

    xmlns:context="http://www.springframework.org/schema/context"

    xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

    xsi:schemaLocation="http://www.springframework.org/schema/beans

    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd

    http://www.springframework.org/schema/context

    http://www.springframework.org/schema/context/spring-context-3.0.xsd

    http://cxf.apache.org/jaxws

    http://cxf.apache.org/schemas/jaxws.xsd">

    <import resource="classpath:META-INF/cxf/cxf.xml" />

    <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />

    <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />

    <!-- 客户端Portal配置webservice -->

    <!-- cxf服务端安全认证 Webservice -->

    <bean id="scurityServiceBean" class="cn.edu.hbcf.privilege.ws.impl.SeurityServiceImpl">

    </bean>

    <jaxws:endpoint id="seurityService" address="/SecurityService"

        implementor="#scurityServiceBean">

        <jaxws:inInterceptors>

            <bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />

            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />

            <!--  <bean class="cn.edu.hbcf.privilege.ws.interceptor.ClientInterceptor"/> -->

        </jaxws:inInterceptors>

        <jaxws:outInterceptors>

            <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />

        </jaxws:outInterceptors>

    </jaxws:endpoint>

    <jaxws:endpoint id="userService" address="/UserService"

        implementor="#userWebServiceImpl">

        <jaxws:inInterceptors>

            <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />

            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />

            <bean class="cn.edu.hbcf.privilege.ws.interceptor.ClientInterceptor"/>

        </jaxws:inInterceptors>

    </jaxws:endpoint>

    <jaxws:endpoint id="cxfSecuityService"  address="/getCxfSecuityService"

        implementor="#cxfSecuityServiceImpl">

        <jaxws:inInterceptors>

            <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />

            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />

        </jaxws:inInterceptors>

    </jaxws:endpoint>

</beans>
SecurityService 
package cn.edu.hbcf.privilege.ws;

import java.util.List;

import javax.jws.WebParam;

import javax.jws.WebService;

import javax.xml.soap.SOAPException;

import cn.edu.hbcf.common.vo.Criteria;

import cn.edu.hbcf.privilege.pojo.BaseModules;

import cn.edu.hbcf.privilege.pojo.BaseUsers;

@WebService

public interface SecurityService {

     /**

     * 登录事件,返回登录状态

     * @param criteria

     * @return

     */

    String selectByBaseUser(@WebParam(name = "criteria")

    Criteria criteria);

    BaseUsers selectByExample(@WebParam(name = "criteria")

            Criteria criteria);

    /**

     * 用户登录

     * @param account 账号 必需

     * @param password 密码 必需

     * @return  登录成功则返回01 否则返回失败信息

     */

    String checkLogin(@WebParam(name="account") String account,@WebParam(name="password") String password,@WebParam(name="token") String token) throws SOAPException;

    /**

     * 根据用户账号返回用户信息

     * @param account

     * @return

     */

    BaseUsers getUserByAccount(@WebParam(name="account") String account,@WebParam(name="token") String token) throws SOAPException;

    /**

     * 返回用户权限

     * @param baseUsers

     * @return

     */

    List<BaseModules> getMobileModules(@WebParam(name="account")  String account,@WebParam(name="token") String token) throws SOAPException;

}
package cn.edu.hbcf.privilege.ws.impl;

import java.util.List;

import javax.jws.WebService;

import javax.xml.soap.SOAPException;

import org.apache.commons.codec.digest.DigestUtils;

import org.apache.commons.lang.StringUtils;

import org.springframework.beans.factory.annotation.Autowired;

import cn.edu.hbcf.common.vo.Criteria;

import cn.edu.hbcf.common.vo.TreeMenu;

import cn.edu.hbcf.framework.service.AbstractRegisterService;

import cn.edu.hbcf.privilege.dao.BaseUsersMapper;

import cn.edu.hbcf.privilege.pojo.BaseModules;

import cn.edu.hbcf.privilege.pojo.BaseUsers;

import cn.edu.hbcf.privilege.service.BaseRoleModuleService;

import cn.edu.hbcf.privilege.service.BaseUsersService;

import cn.edu.hbcf.privilege.ws.SecurityService;

@WebService(serviceName = "securityService", portName = "securityServicePort", endpointInterface = "cn.edu.hbcf.privilege.ws.SecurityService")

public class SeurityServiceImpl extends AbstractRegisterService implements

        SecurityService {

    private final String TOKEN = "8b1749f054d35ea24ea4101eccbabb7e";

    @Autowired

    private BaseUsersService userService;

    @Autowired

    private BaseUsersMapper userMapper;

    @Autowired

    private BaseRoleModuleService baseRoleModuleService;

    @Override

    public String checkLogin(String account, String password, String token)

            throws SOAPException {

        if (TOKEN.equals(token)) {

            if (StringUtils.isBlank(account)) {

                throw new SOAPException("用户账号account不能为空!");

            }

            if (StringUtils.isBlank(password)) {

                throw new SOAPException("用户密码password不能为空!");

            }

            Criteria criteria = new Criteria();

            password = DigestUtils.md5Hex(password);

            criteria.put("account", account);

            criteria.put("passwordIn", password);

            return userService.selectByBaseUser(criteria);

        } else {

            throw new SOAPException("用户权限不足!");

        }

    }

    @Override

    public List<BaseModules> getMobileModules(String account,String token)

            throws SOAPException {

        if (TOKEN.equals(token)) {

        if (StringUtils.isBlank(account)) {

            throw new SOAPException("用户账号account不能为空!");

        }

        BaseUsers baseUser = new BaseUsers();

        List<String> roleIdList = baseRoleModuleService

                .getUserRoleList(baseUser);

        baseUser.setRoleIdList(roleIdList);

        Criteria c = new Criteria();

        c.put("user", baseUser);

        c.put("appId", 12);

        TreeMenu menu = baseRoleModuleService.selectModulesByUser(c);

        return menu.getList();

        } else {

            throw new SOAPException("用户权限不足!");

        }

    }

    @Override

    public BaseUsers getUserByAccount(String account,String token) throws SOAPException {

        if (TOKEN.equals(token)) {

        if (StringUtils.isBlank(account)) {

            throw new SOAPException("用户账号account不能为空!");

        }

        BaseUsers user = null;

        Criteria c = new Criteria();

        c.put("account", account);

        List<BaseUsers> userList = userMapper.queryUserList(c);

        if (userList.size() > 0) {

            user = userList.get(0);

        }

        return user;

        } else {

            throw new SOAPException("用户权限不足!");

        }

    }

    @Override

    public String selectByBaseUser(Criteria criteria) {

        // TODO Auto-generated method stub

        return userService.selectByBaseUser(criteria);

    }

    @Override

    public BaseUsers selectByExample(Criteria criteria) {

          BaseUsers user = null;

            List<BaseUsers> userList = userService.selectByExample(criteria);

            if(userList.size()>0){

                user = userList.get(0);

                user.setRoleIdList(baseRoleModuleService.getUserRoleList(user));

            }

            return user;

    }

}

CxfSecuityService

package cn.edu.hbcf.privilege.ws;

import javax.jws.WebParam;

import javax.jws.WebService;

@WebService

public interface CxfSecuityService {

    String registerUser(@WebParam(name="userName")String userName,@WebParam(name="password") String password);  

}

CxfSecuityServiceImpl

package cn.edu.hbcf.privilege.ws.impl;

import java.util.List;

import javax.annotation.Resource;

import javax.jws.WebService;

import javax.servlet.http.HttpSession;

import javax.xml.ws.WebServiceContext;

import javax.xml.ws.handler.MessageContext;

import org.apache.commons.codec.digest.DigestUtils;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.stereotype.Service;

import cn.edu.hbcf.common.vo.Criteria;

import cn.edu.hbcf.framework.dao.FrameworkMapper;

import cn.edu.hbcf.framework.pojo.APIKeyWebservice;

import cn.edu.hbcf.privilege.dao.BaseAPIKeysMapper;

import cn.edu.hbcf.privilege.pojo.BaseAPIKeys;

import cn.edu.hbcf.privilege.ws.CxfSecuityService;

@Service

@WebService(serviceName = "cxfSecuityService", portName = "cxfSecuityServicePort", endpointInterface = "cn.edu.hbcf.privilege.ws.CxfSecuityService")

public class CxfSecuityServiceImpl implements CxfSecuityService{

      @Resource

      private WebServiceContext wsContext;

      private MessageContext mc;

      private HttpSession session;     

      @Autowired

        private BaseAPIKeysMapper keyMapper;

        @Autowired

        private FrameworkMapper frameWorkMapper;

    @Override

    public String registerUser(String userName, String password) {

        Criteria criteria = new Criteria();

        criteria.put("keyName", userName);

        List<BaseAPIKeys> keysList = keyMapper.selectByExample(criteria);

        if (!keysList.isEmpty()) {

            BaseAPIKeys userKey = keysList.get(0);

            password = DigestUtils.md5Hex(password);

            if (password.equals(userKey.getKeyPassword())) {

                 mc = wsContext.getMessageContext();     

                session = ((javax.servlet.http.HttpServletRequest) mc

                        .get(MessageContext.SERVLET_REQUEST)).getSession();

                ((javax.servlet.ServletContext) mc

                        .get(MessageContext.SERVLET_CONTEXT)) .setAttribute(

                        "session", session);

                session.setAttribute("msg", "ok");

                criteria.clear();

                criteria.put("key_id", userKey.getKeyId());

                List<APIKeyWebservice> list = frameWorkMapper.queryListByAPIKeyId(criteria);

                session.setAttribute("perm", list);

                return "认证成功!";

            }

        }

        return "认证失败!";

    }

}

spring-webservice.xml的更多相关文章

  1. Spring WebService 和 搜索

    参考文章: http://blog.csdn.net/kkdelta/article/details/7290769 云计算中主流的Web服务有两种: 1.WebService.内容比较沉重,技术人员 ...

  2. spring web.xml 难点配置总结

    web.xml web.xml是所有web项目的根源,没有它,任何web项目都启动不了,所以有必要了解相关的配置. ContextLoderListener,ContextLoaderServlet, ...

  3. [Java] 解决spring的xml标签内不能自由增加说明的难题,方便调试、部署时进行批量屏蔽

    作者:zyl910 以往我们想在spring的xml配置文件中增加说明文本时,只能使用xml注释(<!-- 注释 -->).这对于"调试.部署时想批量屏蔽部分bean" ...

  4. Spring 通过XML配置文件以及通过注解形式来AOP 来实现前置,环绕,异常通知,返回后通知,后通知

    本节主要内容: 一.Spring 通过XML配置文件形式来AOP 来实现前置,环绕,异常通知     1. Spring AOP  前置通知 XML配置使用案例     2. Spring AOP   ...

  5. Spring AOP:面向切面编程,AspectJ,是基于spring 的xml文件的方法

    导包等不在赘述: 建立一个接口:ArithmeticCalculator,没有实例化的方法: package com.atguigu.spring.aop.impl.panpan; public in ...

  6. SPRING IN ACTION 第4版笔记-第七章Advanced Spring MVC-002- 在xml中引用Java配置文件,声明DispatcherServlet、ContextLoaderListener

    一.所有声明都用xml 1. <?xml version="1.0" encoding="UTF-8"?> <web-app version= ...

  7. Web.xml配置详解之context-param (加载spring的xml,然后初始化bean看的)

    http://www.cnblogs.com/goody9807/p/4227296.html(很不错啊) 容器先加载spring的xml,然后初始化bean时,会为bean赋值,包括里面的占位符

  8. Spring读取xml配置文件的原理与实现

    本篇博文的目录: 一:前言 二:spring的配置文件 三:依赖的第三方库.使用技术.代码布局 四:Document实现 五:获取Element的实现 六:解析Element元素 七:Bean创造器 ...

  9. spring整合mybatis错误:class path resource [config/spring/springmvc.xml] cannot be opened because it does not exist

    spring 整合Mybatis 运行环境:jdk1.7.0_17+tomcat 7 + spring:3.2.0 +mybatis:3.2.7+ eclipse 错误:class path reso ...

  10. ideal中spring的xml文件没有提示的问题

    ideal中spring的xml文件没有提示的问题 今天第一次用ideal来练习spring,发现和视频中老师不一样,我的没有提示.老师的视频里,他写了个<mvc:a   就会有一系列的提示,然 ...

随机推荐

  1. delphi Align属性

    ---------------------------------------------- -

  2. ivy由于sha1码不正确导致找不到模块(jar)的错误

    sbt设置jboss-interceptor-api-1.1作为依赖,但是找不到 [info] Resolving org.jboss.interceptor#jboss-interceptor-ap ...

  3. 手写Json转换

    在做项目的时候总是要手动将集合转换成json每次都很麻烦,于是就尝试着写了一个公用的方法,用于转换List to json: using System; using System.Collection ...

  4. phpMailer中文说明[转]

    A开头: $AltBody--属性出自:PHPMailer::$AltBody文件:class.phpmailer.php说明:该属性的设置是在邮件正文不支持HTML的备用显示 AddAddress- ...

  5. PHP安全:如何正确的取得使用者 IP?

    PHP安全:如何正确的取得使用者 IP? 很多网站都会有侦测用户 IP 的功能,不管是判断使用者来自哪边,或者是记录用户的位置.但是你知道吗?网络上大多数的教学全部都是「错误」的.正确的程序写法可以确 ...

  6. CSS优先级的详细解说

    一.什么是CSS优先级? 所谓CSS优先级,即是指CSS样式在浏览器中被解析的先后顺序. 二.CSS优先级规则 既然样式有优先级,那么就会有一个规则来约定这个优先级,而这个“规则”就是本次所需要讲的重 ...

  7. Ubuntu 11.04 安装后要做的20件事情

    转自:http://www.cnbeta.com/articles/141137.htm #1 不喜欢Unity? 切换到Ubuntu gnome 经典桌面 注销unity桌面环境,然后选择登录环境为 ...

  8. Intellij IDEA 10.5 语言设置

    适应于:英文操作系统,但是语言和区域设置为中文的环境. Mac: /Applications/IntelliJ IDEA CE.app/Contents/bin/idea.vmoptions 增加 - ...

  9. git 的简单用法

    在服务器上建立空白库 ssh 70.0.0.236 mkdir /home/git/[proj_dir] cd /home/git/[proj_dir] git --bare init 将本地代码推送 ...

  10. Linux管道符

    watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvbGFpanVucGVuZw==/font/5a6L5L2T/fontsize/400/fill/I0JBQk ...