<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"

    xmlns:context="http://www.springframework.org/schema/context"

    xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

    xsi:schemaLocation="http://www.springframework.org/schema/beans

    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd

    http://www.springframework.org/schema/context

    http://www.springframework.org/schema/context/spring-context-3.0.xsd

    http://cxf.apache.org/jaxws

    http://cxf.apache.org/schemas/jaxws.xsd">

    <import resource="classpath:META-INF/cxf/cxf.xml" />

    <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />

    <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />

    <!-- 客户端Portal配置webservice -->

    <!-- cxf服务端安全认证 Webservice -->

    <bean id="scurityServiceBean" class="cn.edu.hbcf.privilege.ws.impl.SeurityServiceImpl">

    </bean>

    <jaxws:endpoint id="seurityService" address="/SecurityService"

        implementor="#scurityServiceBean">

        <jaxws:inInterceptors>

            <bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />

            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />

            <!--  <bean class="cn.edu.hbcf.privilege.ws.interceptor.ClientInterceptor"/> -->

        </jaxws:inInterceptors>

        <jaxws:outInterceptors>

            <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />

        </jaxws:outInterceptors>

    </jaxws:endpoint>

    <jaxws:endpoint id="userService" address="/UserService"

        implementor="#userWebServiceImpl">

        <jaxws:inInterceptors>

            <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />

            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />

            <bean class="cn.edu.hbcf.privilege.ws.interceptor.ClientInterceptor"/>

        </jaxws:inInterceptors>

    </jaxws:endpoint>

    <jaxws:endpoint id="cxfSecuityService"  address="/getCxfSecuityService"

        implementor="#cxfSecuityServiceImpl">

        <jaxws:inInterceptors>

            <bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />

            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />

        </jaxws:inInterceptors>

    </jaxws:endpoint>

</beans>
SecurityService 
package cn.edu.hbcf.privilege.ws;

import java.util.List;

import javax.jws.WebParam;

import javax.jws.WebService;

import javax.xml.soap.SOAPException;

import cn.edu.hbcf.common.vo.Criteria;

import cn.edu.hbcf.privilege.pojo.BaseModules;

import cn.edu.hbcf.privilege.pojo.BaseUsers;

@WebService

public interface SecurityService {

     /**

     * 登录事件,返回登录状态

     * @param criteria

     * @return

     */

    String selectByBaseUser(@WebParam(name = "criteria")

    Criteria criteria);

    BaseUsers selectByExample(@WebParam(name = "criteria")

            Criteria criteria);

    /**

     * 用户登录

     * @param account 账号 必需

     * @param password 密码 必需

     * @return  登录成功则返回01 否则返回失败信息

     */

    String checkLogin(@WebParam(name="account") String account,@WebParam(name="password") String password,@WebParam(name="token") String token) throws SOAPException;

    /**

     * 根据用户账号返回用户信息

     * @param account

     * @return

     */

    BaseUsers getUserByAccount(@WebParam(name="account") String account,@WebParam(name="token") String token) throws SOAPException;

    /**

     * 返回用户权限

     * @param baseUsers

     * @return

     */

    List<BaseModules> getMobileModules(@WebParam(name="account")  String account,@WebParam(name="token") String token) throws SOAPException;

}
package cn.edu.hbcf.privilege.ws.impl;

import java.util.List;

import javax.jws.WebService;

import javax.xml.soap.SOAPException;

import org.apache.commons.codec.digest.DigestUtils;

import org.apache.commons.lang.StringUtils;

import org.springframework.beans.factory.annotation.Autowired;

import cn.edu.hbcf.common.vo.Criteria;

import cn.edu.hbcf.common.vo.TreeMenu;

import cn.edu.hbcf.framework.service.AbstractRegisterService;

import cn.edu.hbcf.privilege.dao.BaseUsersMapper;

import cn.edu.hbcf.privilege.pojo.BaseModules;

import cn.edu.hbcf.privilege.pojo.BaseUsers;

import cn.edu.hbcf.privilege.service.BaseRoleModuleService;

import cn.edu.hbcf.privilege.service.BaseUsersService;

import cn.edu.hbcf.privilege.ws.SecurityService;

@WebService(serviceName = "securityService", portName = "securityServicePort", endpointInterface = "cn.edu.hbcf.privilege.ws.SecurityService")

public class SeurityServiceImpl extends AbstractRegisterService implements

        SecurityService {

    private final String TOKEN = "8b1749f054d35ea24ea4101eccbabb7e";

    @Autowired

    private BaseUsersService userService;

    @Autowired

    private BaseUsersMapper userMapper;

    @Autowired

    private BaseRoleModuleService baseRoleModuleService;

    @Override

    public String checkLogin(String account, String password, String token)

            throws SOAPException {

        if (TOKEN.equals(token)) {

            if (StringUtils.isBlank(account)) {

                throw new SOAPException("用户账号account不能为空!");

            }

            if (StringUtils.isBlank(password)) {

                throw new SOAPException("用户密码password不能为空!");

            }

            Criteria criteria = new Criteria();

            password = DigestUtils.md5Hex(password);

            criteria.put("account", account);

            criteria.put("passwordIn", password);

            return userService.selectByBaseUser(criteria);

        } else {

            throw new SOAPException("用户权限不足!");

        }

    }

    @Override

    public List<BaseModules> getMobileModules(String account,String token)

            throws SOAPException {

        if (TOKEN.equals(token)) {

        if (StringUtils.isBlank(account)) {

            throw new SOAPException("用户账号account不能为空!");

        }

        BaseUsers baseUser = new BaseUsers();

        List<String> roleIdList = baseRoleModuleService

                .getUserRoleList(baseUser);

        baseUser.setRoleIdList(roleIdList);

        Criteria c = new Criteria();

        c.put("user", baseUser);

        c.put("appId", 12);

        TreeMenu menu = baseRoleModuleService.selectModulesByUser(c);

        return menu.getList();

        } else {

            throw new SOAPException("用户权限不足!");

        }

    }

    @Override

    public BaseUsers getUserByAccount(String account,String token) throws SOAPException {

        if (TOKEN.equals(token)) {

        if (StringUtils.isBlank(account)) {

            throw new SOAPException("用户账号account不能为空!");

        }

        BaseUsers user = null;

        Criteria c = new Criteria();

        c.put("account", account);

        List<BaseUsers> userList = userMapper.queryUserList(c);

        if (userList.size() > 0) {

            user = userList.get(0);

        }

        return user;

        } else {

            throw new SOAPException("用户权限不足!");

        }

    }

    @Override

    public String selectByBaseUser(Criteria criteria) {

        // TODO Auto-generated method stub

        return userService.selectByBaseUser(criteria);

    }

    @Override

    public BaseUsers selectByExample(Criteria criteria) {

          BaseUsers user = null;

            List<BaseUsers> userList = userService.selectByExample(criteria);

            if(userList.size()>0){

                user = userList.get(0);

                user.setRoleIdList(baseRoleModuleService.getUserRoleList(user));

            }

            return user;

    }

}

CxfSecuityService

package cn.edu.hbcf.privilege.ws;

import javax.jws.WebParam;

import javax.jws.WebService;

@WebService

public interface CxfSecuityService {

    String registerUser(@WebParam(name="userName")String userName,@WebParam(name="password") String password);  

}

CxfSecuityServiceImpl

package cn.edu.hbcf.privilege.ws.impl;

import java.util.List;

import javax.annotation.Resource;

import javax.jws.WebService;

import javax.servlet.http.HttpSession;

import javax.xml.ws.WebServiceContext;

import javax.xml.ws.handler.MessageContext;

import org.apache.commons.codec.digest.DigestUtils;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.stereotype.Service;

import cn.edu.hbcf.common.vo.Criteria;

import cn.edu.hbcf.framework.dao.FrameworkMapper;

import cn.edu.hbcf.framework.pojo.APIKeyWebservice;

import cn.edu.hbcf.privilege.dao.BaseAPIKeysMapper;

import cn.edu.hbcf.privilege.pojo.BaseAPIKeys;

import cn.edu.hbcf.privilege.ws.CxfSecuityService;

@Service

@WebService(serviceName = "cxfSecuityService", portName = "cxfSecuityServicePort", endpointInterface = "cn.edu.hbcf.privilege.ws.CxfSecuityService")

public class CxfSecuityServiceImpl implements CxfSecuityService{

      @Resource

      private WebServiceContext wsContext;

      private MessageContext mc;

      private HttpSession session;     

      @Autowired

        private BaseAPIKeysMapper keyMapper;

        @Autowired

        private FrameworkMapper frameWorkMapper;

    @Override

    public String registerUser(String userName, String password) {

        Criteria criteria = new Criteria();

        criteria.put("keyName", userName);

        List<BaseAPIKeys> keysList = keyMapper.selectByExample(criteria);

        if (!keysList.isEmpty()) {

            BaseAPIKeys userKey = keysList.get(0);

            password = DigestUtils.md5Hex(password);

            if (password.equals(userKey.getKeyPassword())) {

                 mc = wsContext.getMessageContext();     

                session = ((javax.servlet.http.HttpServletRequest) mc

                        .get(MessageContext.SERVLET_REQUEST)).getSession();

                ((javax.servlet.ServletContext) mc

                        .get(MessageContext.SERVLET_CONTEXT)) .setAttribute(

                        "session", session);

                session.setAttribute("msg", "ok");

                criteria.clear();

                criteria.put("key_id", userKey.getKeyId());

                List<APIKeyWebservice> list = frameWorkMapper.queryListByAPIKeyId(criteria);

                session.setAttribute("perm", list);

                return "认证成功!";

            }

        }

        return "认证失败!";

    }

}

spring-webservice.xml的更多相关文章

  1. Spring WebService 和 搜索

    参考文章: http://blog.csdn.net/kkdelta/article/details/7290769 云计算中主流的Web服务有两种: 1.WebService.内容比较沉重,技术人员 ...

  2. spring web.xml 难点配置总结

    web.xml web.xml是所有web项目的根源,没有它,任何web项目都启动不了,所以有必要了解相关的配置. ContextLoderListener,ContextLoaderServlet, ...

  3. [Java] 解决spring的xml标签内不能自由增加说明的难题,方便调试、部署时进行批量屏蔽

    作者:zyl910 以往我们想在spring的xml配置文件中增加说明文本时,只能使用xml注释(<!-- 注释 -->).这对于"调试.部署时想批量屏蔽部分bean" ...

  4. Spring 通过XML配置文件以及通过注解形式来AOP 来实现前置,环绕,异常通知,返回后通知,后通知

    本节主要内容: 一.Spring 通过XML配置文件形式来AOP 来实现前置,环绕,异常通知     1. Spring AOP  前置通知 XML配置使用案例     2. Spring AOP   ...

  5. Spring AOP:面向切面编程,AspectJ,是基于spring 的xml文件的方法

    导包等不在赘述: 建立一个接口:ArithmeticCalculator,没有实例化的方法: package com.atguigu.spring.aop.impl.panpan; public in ...

  6. SPRING IN ACTION 第4版笔记-第七章Advanced Spring MVC-002- 在xml中引用Java配置文件,声明DispatcherServlet、ContextLoaderListener

    一.所有声明都用xml 1. <?xml version="1.0" encoding="UTF-8"?> <web-app version= ...

  7. Web.xml配置详解之context-param (加载spring的xml,然后初始化bean看的)

    http://www.cnblogs.com/goody9807/p/4227296.html(很不错啊) 容器先加载spring的xml,然后初始化bean时,会为bean赋值,包括里面的占位符

  8. Spring读取xml配置文件的原理与实现

    本篇博文的目录: 一:前言 二:spring的配置文件 三:依赖的第三方库.使用技术.代码布局 四:Document实现 五:获取Element的实现 六:解析Element元素 七:Bean创造器 ...

  9. spring整合mybatis错误:class path resource [config/spring/springmvc.xml] cannot be opened because it does not exist

    spring 整合Mybatis 运行环境:jdk1.7.0_17+tomcat 7 + spring:3.2.0 +mybatis:3.2.7+ eclipse 错误:class path reso ...

  10. ideal中spring的xml文件没有提示的问题

    ideal中spring的xml文件没有提示的问题 今天第一次用ideal来练习spring,发现和视频中老师不一样,我的没有提示.老师的视频里,他写了个<mvc:a   就会有一系列的提示,然 ...

随机推荐

  1. Bayesian statistics

    文件夹 1Bayesian model selection贝叶斯模型选择 1奥卡姆剃刀Occams razor原理 2Computing the marginal likelihood evidenc ...

  2. Spring Security实现后台管理员登录(一)

    一.实现功能 二.数据表设计 为了测试方便,这里创建一个简单的数据表,只含有name和password两个字段.至于角色,权限等,这里都先不考虑. 插入一条数据,name为admin,password ...

  3. Sublimetext 3 经常使用插件

    今天配了一下开发工具,事实上主要是想配置svn插件,可是后来查了下,发现sublimet的插件库还是蛮丰富的.顺手安了一些别的插件进去. 1,Svn插件安装的一些问题 首先ctrl+shift+p,打 ...

  4. 无废话MVC入门教程一[概述、环境安装、创建项目]

    (转载) 本文目标 1.对MVC有初步的了解 2.能够在VS2010的基础之上安装MVC3的开发和运行环境 3.对MVC框架有概括性的认识 本文目录 1.什么是MVC 2.VS2010安装MVC3 3 ...

  5. 解决:mysql5.7 timestamp默认值‘0000-00-00 00:00:00’报错

    mysql5.7 运行sql脚本时报错 - Invalid default value for 'UPDATE_TIME' [Err] CREATE TABLE `V_TBL_AMOUNT_REASO ...

  6. kindeditor 图片上传插件

    富文本编辑器,kindeditor是比较好用的一款.需要的功能都有,文档.demo也详细.有什么功能去官网看一眼就好. 官网:http://kindeditor.net/ 一些好用的如图片上传,kin ...

  7. ant-design表单处理和常用方法及自定义验证

    首先要说一下antdesign这个框架API和demo丰富,而且开发环境提供对应的warning来纠正用户的错误.是一个很好的组件库. 关于表单验证方面是依赖于 async-validator  库. ...

  8. hibernate session的load和get方法

    @Test public void testLoad() {     Session session = sessionFactory.getCurrentSession();     session ...

  9. 自己Cookie写的自动登录功能 包含BASE64 和MD5的使用

    sql表 username  password字段 User类 有 id username password等字段 Service有一函数 @Override public User findUser ...

  10. 关于nodejs中npm命令没有反应的解决方法

    最近在学习angularJS,正在做一个单页面应用,在安装nodejs之后,发现命令行传了输入npm -v能输出结果外,其余npm的任何操作都没有反应,一开始我以为是下载的比较慢,等了半小时还是没动静 ...