带有cxf拦截器和回调处理程序的jax-rs [英] jax-rs with cxf interceptors and callback handler
问题描述
我想将现有的基于XML的Web服务转换为REST Web服务.这些服务已经开始运作,但我正在努力实现安全性.
I want to transform an existing XML-based webservice to a REST webservice. While the services are working already, I'm struggling with implementing the security.
在以前的实现中,我们使用了这样的拦截器(文件ws-server-context.xml
):
In the former implementation, we used interceptors like this (file ws-server-context.xml
):
<jaxws:endpoint id="someService" implementor="..." address="/..." >
<jaxws:inInterceptors>
<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken" />
<entry key="passwordType" value="PasswordText" />
<entry key="passwordCallbackRef" value-ref="sessionService" />
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
无论何时调用此端点的地址,都会调用Bean sessionService
的方法handle(Callback[] callbacks)
,该方法将检查适当的凭据(用户名+令牌).该bean实现接口CallbackHandler
.
Whenever the address of this endpoint is called, the method handle(Callback[] callbacks)
of the bean sessionService
is invoked, which checks for proper credentials (username + token). This bean implements the interface CallbackHandler
.
如何在JAX-RS中实现这种方法?端点是在webservice类本身(@Path
)上定义的,因此是否需要在其中使用任何注释?如何注册拦截器?
How can this approach be implemented in JAX-RS? The endpoints are defined at the webservice classes themself (@Path
), so do I need to use any annotations there? How do I register the interceptors?
感谢您的帮助!
推荐答案
您可以在web.xml中声明一个过滤器,而不是拦截器-
Instead of the interceptor, you can declare a filter in your web.xml -
<filter>
<display-name>MyFilter</display-name>
<filter-name>MyFilter</filter-name>
<filter-class>com.*.MyFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>MyFilter</filter-name>
<url-pattern></url-pattern> <!-- keep this same as your rest servlet's url pattern -->
</filter-mapping>
在您的JAX-RS实现之前将调用此类.
This class will be called before your JAX-RS implementation.
您可以在过滤器类中引用callBackHandler
.
You can refer to the callBackHandler
from within the filter class.
这篇关于带有cxf拦截器和回调处理程序的jax-rs的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!