Jive 4.5.5.0 で SOAP Web サービスに取り組んでいます。認証のないコードを書いていました。
私のサンプルプログラム:
SuppressWarnings("serial")
@WebService(name="Helloworld",portName="HelloworldPort", serviceName = "Helloworld", targetNamespace="http://Helloworld.com/webservices")
@SOAPBinding(style = SOAPBinding.Style.RPC, use= SOAPBinding.Use.LITERAL, parameterStyle= SOAPBinding.ParameterStyle.WRAPPED)
public class Helloworld extends JiveActionSupport {
public String sayHello(@WebParam(name="name")String name) {
return "hello "+name;
}
}
私のspring.xmlはこのようなものです
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:dwr="http://www.directwebremoting.org/schema/spring-dwr"
xmlns:cxf="http://cxf.apache.org/core"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd
http://www.directwebremoting.org/schema/spring-dwr http://www.directwebremoting.org/schema/spring-dwr-2.0.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd"
default-autowire="no">
<!-- Alter the default mapping chains, switching formAuthenticationFilter with the federatedIdentityAuthFilter defined below.
This definition uses the federated identity filter for normal app requests and Web Service requests, but leaves
the form mechanism in place for admin and upgrade purposes. The desired behavior will vary depending on
the application. -->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/upgrade/**=httpSessionContextIntegrationFilter, upgradeAuthenticationFilter, upgradeExceptionTranslationFilter, jiveAuthenticationTranslationFilter
/post-upgrade/**=httpSessionContextIntegrationFilter, postUpgradeAuthenticationFilter, postUpgradeExceptionTranslationFilter,jiveAuthenticationTranslationFilter
/admin/**=httpSessionContextIntegrationFilter, adminAuthenticationFilter, adminExceptionTranslationFilter,jiveAuthenticationTranslationFilter
/rpc/xmlrpc=wsRequireSSLFilter, httpSessionContextIntegrationFilter, basicAuthenticationFilter, wsExceptionTranslator, jiveAuthenticationTranslationFilter, wsAccessTypeCheckFilter
/rpc/rest/**=wsRequireSSLFilter, httpSessionContextIntegrationFilter, basicAuthenticationFilter, wsExceptionTranslator, jiveAuthenticationTranslationFilter, wsAccessTypeCheckFilter
/rpc/soap/**=wsRequireSSLFilter, httpSessionContextIntegrationFilter, basicAuthenticationFilter, jiveAuthenticationTranslationFilter
/**=httpSessionContextIntegrationFilter, jiveAuthenticationTranslationFilter
</value>
</property>
</bean>
<bean id="hellworldbean" class="com.test.Helloworld">
</bean>
<jaxws:endpoint id="helloworld" address="/soap/sayHelloworld">
<jaxws:implementor>
<ref bean="hellworldbean" />
</jaxws:implementor>
</jaxws:endpoint>
</beans>
それに認証を追加したい。basicAuthenticationFilter は /rpc/soap/** パターンにありますが、認証を求めていません。管理コンソールの設定で、Web サービスで特定のユーザーのみにアクセスできるようにしました。
この Web サービスは正常に動作しており、正しい出力が得られます。しかし、権限がありません。
クライアントとサービスで認証と承認を行うサンプルコードを共有できますか。