A.8.3.2. Web Service Requester
本节详细介绍了 WS -Trust 场景中的 ws-requester
元素,这些元素已更新,以满足 OnBehalfOf 示例
的要求。该组件为:
A.8.3.2.1. OnBehalfOf Web 服务请求器实施类
客户端 OnBehalfOf
ws-requester
使用标准步骤在前四行中创建对 Web 服务的引用。为满足端点安全要求,Web 服务的请求上下文使用 BindingProvider
配置。通过其提供消息生成所需的信息。此部分中声明了 OnBehalfOf
用户 alice
,并向 STSClient
提供 callbackHandler
、UsernameTokenCallbackHandler
,用于生成 OnBehalfOf
消息元素的内容。在本例中,将创建一个 STSClient
对象,并提供给代理的请求上下文。另一种方法是提供带有 .it
后缀的键,如基本场景客户端中所执行的操作一样。OnBehalfOf
的使用通过 stsClient.setOnBehalfOf
调用方法进行配置。另一种方法是在 properties 映射中使用 key SecurityConstants.STS_TOKEN_ON_BEHALF_OF
和一个值。
final QName serviceName = new QName("http://www.jboss.org/jbossws/ws-extensions/onbehalfofwssecuritypolicy", "OnBehalfOfService"); final URL wsdlURL = new URL(serviceURL + "?wsdl"); Service service = Service.create(wsdlURL, serviceName); OnBehalfOfServiceIface proxy = (OnBehalfOfServiceIface) service.getPort(OnBehalfOfServiceIface.class); Bus bus = BusFactory.newInstance().createBus(); try { BusFactory.setThreadDefaultBus(bus); Map<String, Object> ctx = proxy.getRequestContext(); ctx.put(SecurityConstants.CALLBACK_HANDLER, new ClientCallbackHandler()); ctx.put(SecurityConstants.ENCRYPT_PROPERTIES, Thread.currentThread().getContextClassLoader().getResource( "META-INF/clientKeystore.properties")); ctx.put(SecurityConstants.ENCRYPT_USERNAME, "myactaskey"); ctx.put(SecurityConstants.SIGNATURE_PROPERTIES, Thread.currentThread().getContextClassLoader().getResource( "META-INF/clientKeystore.properties")); ctx.put(SecurityConstants.SIGNATURE_USERNAME, "myclientkey"); // user and password OnBehalfOf user // UsernameTokenCallbackHandler will extract this information when called ctx.put(SecurityConstants.USERNAME,"alice"); ctx.put(SecurityConstants.PASSWORD, "clarinet"); STSClient stsClient = new STSClient(bus); // Providing the STSClient the mechanism to create the claims contents for OnBehalfOf stsClient.setOnBehalfOf(new UsernameTokenCallbackHandler()); Map<String, Object> props = stsClient.getProperties(); props.put(SecurityConstants.CALLBACK_HANDLER, new ClientCallbackHandler()); props.put(SecurityConstants.ENCRYPT_PROPERTIES, Thread.currentThread().getContextClassLoader().getResource( "META-INF/clientKeystore.properties")); props.put(SecurityConstants.ENCRYPT_USERNAME, "mystskey"); props.put(SecurityConstants.STS_TOKEN_USERNAME, "myclientkey"); props.put(SecurityConstants.STS_TOKEN_PROPERTIES, Thread.currentThread().getContextClassLoader().getResource( "META-INF/clientKeystore.properties")); props.put(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO, "true"); ctx.put(SecurityConstants.STS_CLIENT, stsClient); } finally { bus.shutdown(true); } proxy.sayHello();