Here I want to try implementing WSI Security.
In this project we need a UserWebservice domain class to store the username and password data.

    package org.grails.cxf.samplewssecurity1

    class UserWebservice {
        String username
        String password

        static constraints = {
        }
    }

After that we create ServerPasswordCallbackHandlerService. This service is used to look up username and password pairs.

    package org.grails.cxf.samplewssecurity1

    import javax.security.auth.callback.Callback
    import javax.security.auth.callback.CallbackHandler
    import javax.security.auth.callback.UnsupportedCallbackException
    import org.apache.ws.security.WSPasswordCallback
    import org.springframework.beans.factory.InitializingBean

    class ServerPasswordCallbackHandlerService implements CallbackHandler, InitializingBean {

        @Override
        void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (pc in callbacks) {
                // Only WSPasswordCallback carries an identifier and a password
                if (!(pc instanceof WSPasswordCallback)) {
                    throw new UnsupportedCallbackException(pc, 'Unsupported callback type')
                }
                if (log.debugEnabled) {
                    // Log the username only; passwords must not be written to the log
                    log.debug pc.identifier
                }
                // Look up the stored password for this username and hand it to WSS4J
                def password = UserWebservice.findByUsername(pc.identifier)?.password
                if (password) {
                    pc.password = password
                }
            }
        }

        @Override
        void afterPropertiesSet() {
        }
    }

We have a service that will be protected with a password, named AnnotatedSecureService, as shown below.

    package org.grails.cxf.samplewssecurity1

    import org.grails.cxf.utils.EndpointType
    import org.grails.cxf.utils.GrailsCxfEndpoint
    import org.grails.cxf.utils.GrailsCxfEndpointProperty

    import javax.jws.WebMethod
    import javax.jws.WebParam
    import javax.jws.WebResult

    // Both cache properties are set to "false" here, so CXF does not remember
    // UsernameToken nonces or Timestamp Created values it has already seen
    // (its replay detection). Leave them enabled unless there is a reason not to.
    @GrailsCxfEndpoint(
        expose = EndpointType.JAX_WS,
        properties = [
            @GrailsCxfEndpointProperty(name = "ws-security.enable.nonce.cache", value = "false"),
            @GrailsCxfEndpointProperty(name = "ws-security.enable.timestamp.cache", value = "false")
        ])
    class AnnotatedSecureService {

        @WebMethod(operationName = "simpleMethod")
        @WebResult(name = "simpleResult")
        String simpleMethod(@WebParam(name = "param") String param) {
            return param.toString()
        }
    }

We add the following to the BootStrap class.

    package org.grails.cxf.samplewssecurity1

    import org.apache.cxf.frontend.ServerFactoryBean
    import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
    import org.apache.ws.security.WSConstants
    import org.apache.ws.security.handler.WSHandlerConstants
    import org.grails.cxf.samplewssecurity1.UserWebservice

    class BootStrap {

        ServerFactoryBean annotatedSecureServiceFactory
        def serverPasswordCallbackHandlerService

        def init = { servletContext ->
            // add user
            UserWebservice.findByUsername('agus') ?: new UserWebservice(
                    username: 'agus',
                    password: 'ramdan').save(failOnError: true)

            //Register some wss4j security
            Map inProps = [:]
            inProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
            // uncomment when need particular PASSWORD_TYPE
            //inProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST);
            inProps.put WSHandlerConstants.PW_CALLBACK_REF, serverPasswordCallbackHandlerService
            annotatedSecureServiceFactory.getInInterceptors().add(new WSS4JInInterceptor(inProps))

            //These can be added here or taken care of in the @GrailsCxfEndpoint annotation
            //annotatedSecureServiceFactory.getProperties(true).put("ws-security.enable.nonce.cache","false")
            //annotatedSecureServiceFactory.getProperties(true).put("ws-security.enable.timestamp.cache","false")
        }

        def destroy = {
        }
    }

The complete program can be cloned from git://git.cloudbees.com/agusramdan/SampleWSSecurity2.git
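
The following standalone Groovy script is an added example, not code from the sample project or from WSS4J. It models what the server does with a UsernameToken in PW_DIGEST mode and shows why the nonce cache that the endpoint above switches off matters. The class UsernameTokenCheck, its 300-second freshness window, and the sample token values are assumptions made up for the illustration.

```groovy
import java.security.MessageDigest
import java.time.Duration
import java.time.Instant

// Simplified model of a server-side UsernameToken check (hypothetical class,
// not the WSS4J implementation). The digest formula is the one from the WSS
// UsernameToken Profile: Base64(SHA-1(nonce + created + password)).
class UsernameTokenCheck {
    Map<String, String> users                  // username -> stored password
    boolean nonceCacheEnabled = true
    Duration maxAge = Duration.ofSeconds(300)  // assumed freshness window
    Set<String> seenNonces = [] as Set

    static String digest(String nonceB64, String created, String password) {
        MessageDigest sha1 = MessageDigest.getInstance('SHA-1')
        sha1.update(nonceB64.decodeBase64())   // the raw nonce bytes are hashed
        sha1.update(created.getBytes('UTF-8'))
        sha1.update(password.getBytes('UTF-8'))
        sha1.digest().encodeBase64().toString()
    }

    String verify(String user, String nonceB64, String created, String sentDigest, Instant now) {
        String password = users[user]
        if (password == null) return 'REJECT unknown user'
        byte[] expected = digest(nonceB64, created, password).getBytes('UTF-8')
        // Constant-time comparison of the expected and the received digest
        if (!MessageDigest.isEqual(expected, sentDigest.getBytes('UTF-8'))) return 'REJECT bad digest'
        if (Duration.between(Instant.parse(created), now).abs() > maxAge) return 'REJECT stale'
        // A nonce seen before means the same token is being presented again
        if (nonceCacheEnabled && !seenNonces.add(nonceB64)) return 'REJECT replayed nonce'
        'ACCEPT'
    }
}

// Constructed sample: one valid token presented twice to the server
def now = Instant.parse('2024-01-01T00:00:10Z')
def created = '2024-01-01T00:00:00Z'
def nonce = 'sample-nonce-001'.bytes.encodeBase64().toString()
def sent = UsernameTokenCheck.digest(nonce, created, 'ramdan')

[true, false].each { enabled ->
    def check = new UsernameTokenCheck(users: [agus: 'ramdan'], nonceCacheEnabled: enabled)
    def first = check.verify('agus', nonce, created, sent, now)
    def second = check.verify('agus', nonce, created, sent, now)
    println "nonce cache=${enabled}: first=${first}, second=${second}"
}
```

With the cache enabled, the second presentation of the same token is rejected; with it disabled, both are accepted for as long as the token is still inside the freshness window.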