当我们 对webservice 接口的 拦截 更具权限 来 判断 是否可以调用 一下是我的 一个demo
首先 我们写一个 拦截类
import javax.xml.soap.SOAPException;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageContentsList;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.springframework.beans.factory.annotation.Autowired;
import com.sinotrans.eaiconsole.model.EsUserModel;
import com.sinotrans.eaiconsole.user.service.LoginManager;
public class WebServiceUserAuthorityInterceptor extends AbstractPhaseInterceptor<Message> {
@Autowired
LoginManager loginManager;
public WebServiceUserAuthorityInterceptor() {
super(Phase.PRE_INVOKE);
}
public void handleMessage(Message message) throws Fault { // 指定CXF获取客户端的HttpServletRequest
// :
// http-request;
MessageContentsList contents = MessageContentsList
.getContentsList(message);
String userName = "", pwd = "";
if (contents != null && contents.size() > 0) {
userName = (String) contents.get(0);
pwd = (String) contents.get(1);
EsUserModel eum = loginManager.longinWebServiceUserAuthority(
userName, pwd);
if (null == eum) {
SOAPException soapExc = new SOAPException("用户名密码认证失败");
throw new Fault(soapExc);
}
} else {
SOAPException soapExc = new SOAPException("未输入参数信息");
throw new Fault(soapExc);
}
}
}
接着我们在 cxf 里配置如下
//我们的拦截类 注入进去
<bean id="inMessageInterceptor"
class="com.sinotrans.eaiconsole.Interceptor.WebServiceUserAuthorityInterceptor">
</bean>
//给需要拦截的 方法 注入 我们的拦截类
<jaxws:endpoint id="lMSWebService"
implementor="com.sinotrans.eaiconsole.service.impl.LMSWebServiceImpl"
address="/lMSWebService">
<jaxws:inInterceptors>
<ref bean="inMessageInterceptor" />
</jaxws:inInterceptors>
</jaxws:endpoint>