向第三方Web服务添加授权 [英] Adding authorization to a third-party web service
问题描述
我有几个第三方Web服务,其中只有他们的WSDL.目前只能在我的内部网络中访问它们.我想将这些Web服务公开给Internet,但是,由于它们读取/写入敏感信息,因此我需要某种身份验证机制,以确保只有某些用户才能调用它们.
I have several third-party web services of which I only have their WSDL's. Currently they are only accessible in my internal network. I would like to expose those web services to the internet but, since they read/write sensitive information, I would need some sort of authentication mechanism in order to assure that only certain users are able to invoke them.
这个想法是公开完全相同的接口(具有相同参数的相同操作),但是拦截每个调用以检查安全性,然后如果身份验证有效,则调用原始Web服务,否则返回异常或错误消息.我一直在尝试使用Mule ESB来完成任务,但是我不能完全到达那里 m子有可能吗?如果没有,我将如何去做?谁能指出我正确的方向? 预先感谢.
The idea is to expose exactly the same interface (same operations with the same parameters) but intercepting each invocation to check the security and then invoking the original web service if the authentication is valid or returning an exception or error message otherwise. I've been trying to use Mule ESB for the task abut I can't quite get there Is this possible with mule? If not, how would i go about doing this? Can anyone point me in the right direction? Thanks in advance.
推荐答案
以下是Web服务代理向不安全的目标Web服务添加WS-Security的示例:
Here is an example of a web service proxy adding WS-Security to an unsecure target web service:
<?xml version="1.0" encoding="UTF-8"?>
<mule xmlns="http://www.mulesoft.org/schema/mule/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:http="http://www.mulesoft.org/schema/mule/http"
xmlns:cxf="http://www.mulesoft.org/schema/mule/cxf"
xmlns:spring="http://www.springframework.org/schema/beans"
xmlns:mule-ss="http://www.mulesoft.org/schema/mule/spring-security"
xmlns:ss="http://www.springframework.org/schema/security"
xsi:schemaLocation="
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/3.2/mule.xsd
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/3.2/mule-http.xsd
http://www.mulesoft.org/schema/mule/cxf http://www.mulesoft.org/schema/mule/cxf/3.2/mule-cxf.xsd
http://www.mulesoft.org/schema/mule/spring-security http://www.mulesoft.org/schema/mule/spring-security/3.2/mule-spring-security.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<mule-ss:security-manager>
<mule-ss:delegate-security-provider
name="memory-provider" delegate-ref="authenticationManager" />
</mule-ss:security-manager>
<spring:beans>
<ss:authentication-manager alias="authenticationManager">
<ss:authentication-provider>
<ss:user-service id="userService">
<ss:user name="user" password="pass" authorities="ROLE_USER" />
</ss:user-service>
</ss:authentication-provider>
</ss:authentication-manager>
<cxf:security-manager-callback id="serverCallback" />
</spring:beans>
<flow name="secureStockQuoteWsProxy">
<http:inbound-endpoint address="http://localhost:8080/sec-ws/stockquote"
exchange-pattern="request-response">
<cxf:proxy-service>
<cxf:inInterceptors>
<spring:bean
class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
<spring:bean
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<spring:constructor-arg>
<spring:map>
<spring:entry key="action" value="UsernameToken" />
<spring:entry key="passwordCallbackRef"
value-ref="serverCallback" />
</spring:map>
</spring:constructor-arg>
</spring:bean>
</cxf:inInterceptors>
</cxf:proxy-service>
</http:inbound-endpoint>
<http:outbound-endpoint address="http://www.webservicex.net/stockquote.asmx"
exchange-pattern="request-response">
<cxf:proxy-client enableMuleSoapHeaders="false"
soapVersion="1.2" />
</http:outbound-endpoint>
</flow>
这篇关于向第三方Web服务添加授权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
