Grails 圣杯&x2B;CXF+;安全服务工厂
当我尝试在Grails/CXF客户机上运行此脚本以保护我的web服务时,我得到了 secureServiceFactory上的“无法在null对象上调用方法getInInterceptors() 是否需要在其他地方设置secureServiceFactory 任何想法: 代码:Grails 圣杯&x2B;CXF+;安全服务工厂,grails,cxf,ws-security,Grails,Cxf,Ws Security,当我尝试在Grails/CXF客户机上运行此脚本以保护我的web服务时,我得到了 secureServiceFactory上的“无法在null对象上调用方法getInInterceptors() 是否需要在其他地方设置secureServiceFactory 任何想法: 代码: class BootStrap { def secureServiceFactory def init = { servletContext -> Map<String, Object>
class BootStrap {
def secureServiceFactory
def init = { servletContext ->
Map<String, Object> inProps = [:]
inProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
inProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
Map<QName, Validator> validatorMap = new HashMap<QName, Validator>();
validatorMap.put(WSSecurityEngine.USERNAME_TOKEN, new UsernameTokenValidator() {
@Override
protected void verifyPlaintextPassword(org.apache.ws.security.message.token.UsernameToken usernameToken, org.apache.ws.security.handler.RequestData data)
throws org.apache.ws.security.WSSecurityException {
if(data.username == "wsuser" && usernameToken.password == "secret") {
println "username and password are correct!"
} else {
println "username and password are NOT correct..."
throw new WSSecurityException("user and/or password mismatch")
}
}
});
inProps.put(WSS4JInInterceptor.VALIDATOR_MAP, validatorMap);
secureServiceFactory.getInInterceptors().add(new WSS4JInInterceptor(inProps))
}
类引导{
def安全服务工厂
def init={servletContext->
映射inProps=[:]
inProps.put(WSHandlerConstants.ACTION,WSHandlerConstants.USERNAME\u令牌);
inProps.put(WSHandlerConstants.PASSWORD\u类型,WSConstants.PW\u文本);
Map validatorMap=newhashmap();
validatorMap.put(WSSecurityEngine.USERNAME\u令牌,新UsernameTokenValidator(){
@凌驾
受保护的无效验证明文密码(org.apache.ws.security.message.token.UsernameToken UsernameToken,org.apache.ws.security.handler.RequestData数据)
抛出org.apache.ws.security.WSSecurityException{
if(data.username==“wsuser”&&usernameToken.password==“secret”){
println“用户名和密码正确!”
}否则{
println“用户名和密码不正确…”
抛出新的WSSecurityException(“用户和/或密码不匹配”)
}
}
});
inProps.put(wss4jinterceptor.VALIDATOR\u映射,validatorMap);
secureServiceFactory.getInInterceptors().add(新的WSS4JInInterceptor(inProps))
}
我不确定这是一个完整的答案,但是,我收到了相同的错误,我知道cxf插件是用来连接服务工厂的,这些工厂将与您公开的服务的名称相匹配。我已经验证了这一点,即使用grails run app
运行grails cxf插件,应用程序可以工作。但是,通过执行test('org.apache.ws.security:wss4j:1.6.7')
更改为compile('org.apache.ws.security:wss4j:1.6.7')
,否则生成的war将无法工作,我必须使用compile('org.apache.ws.security:wss4j:1.6.9')
不幸的是,在超过这一点之后,我在部署war时遇到了第三个错误,这在grails run app
中没有发生:
22-Aug-2014 11:46:05.062 SEVERE [tomcat-http--1] org.apache.catalina.core.StandardWrapperValve.invoke Allocate exception for servlet CxfServlet
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'cxf' is defined
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:641)
at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1159)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:282)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:200)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:273)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:200)
at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:979)
at org.apache.cxf.transport.servlet.CXFServlet.loadBus(CXFServlet.java:75)
我将继续研究它,但也许这场战争不是为了真正部署,而是为了插件本身的开发。然而,如果是这样的话,最好还是在TC中工作,因为这样我们就可以放心地在我们自己的项目中利用代码。您可能希望包括您的资源。groovy或state你相信哪个插件会为你注入secureServiceFactory。我只是在下面这个例子:所以我的resources.groovy仍然是空的。请再次阅读文章。cxf插件将服务工厂连接起来,这些服务工厂将与你公开的服务的名称相匹配,例如
secureService
和名为secureServiceFactory
的bean。你知道吗您有一个名为secureService
的服务吗?