我有几个第三方Web服务,我只有他们的WSDL。目前,它们只能在我的内部网络中访问。我想将这些Web服务暴露给互联网,但是,由于它们读/写敏感信息,我需要某种身份验证机制,以确保只有某些用户才能调用它们。
这个想法是暴露完全相同的接口(具有相同参数的相同操作),但是拦截每次调用以检查安全性,然后在认证有效时调用原始Web服务,否则返回异常或错误消息。我一直在尝试使用Mule ESB来完成我无法完成的任务 骡子有可能吗?如果没有,我将如何做到这一点?谁能指出我正确的方向? 提前谢谢。
答案 0 :(得分:0)
以下是将WS-Security添加到不安全的目标Web服务的Web服务代理示例:
<?xml version="1.0" encoding="UTF-8"?>
<mule xmlns="http://www.mulesoft.org/schema/mule/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:http="http://www.mulesoft.org/schema/mule/http"
xmlns:cxf="http://www.mulesoft.org/schema/mule/cxf"
xmlns:spring="http://www.springframework.org/schema/beans"
xmlns:mule-ss="http://www.mulesoft.org/schema/mule/spring-security"
xmlns:ss="http://www.springframework.org/schema/security"
xsi:schemaLocation="
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/3.2/mule.xsd
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/3.2/mule-http.xsd
http://www.mulesoft.org/schema/mule/cxf http://www.mulesoft.org/schema/mule/cxf/3.2/mule-cxf.xsd
http://www.mulesoft.org/schema/mule/spring-security http://www.mulesoft.org/schema/mule/spring-security/3.2/mule-spring-security.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<mule-ss:security-manager>
<mule-ss:delegate-security-provider
name="memory-provider" delegate-ref="authenticationManager" />
</mule-ss:security-manager>
<spring:beans>
<ss:authentication-manager alias="authenticationManager">
<ss:authentication-provider>
<ss:user-service id="userService">
<ss:user name="user" password="pass" authorities="ROLE_USER" />
</ss:user-service>
</ss:authentication-provider>
</ss:authentication-manager>
<cxf:security-manager-callback id="serverCallback" />
</spring:beans>
<flow name="secureStockQuoteWsProxy">
<http:inbound-endpoint address="http://localhost:8080/sec-ws/stockquote"
exchange-pattern="request-response">
<cxf:proxy-service>
<cxf:inInterceptors>
<spring:bean
class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
<spring:bean
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<spring:constructor-arg>
<spring:map>
<spring:entry key="action" value="UsernameToken" />
<spring:entry key="passwordCallbackRef"
value-ref="serverCallback" />
</spring:map>
</spring:constructor-arg>
</spring:bean>
</cxf:inInterceptors>
</cxf:proxy-service>
</http:inbound-endpoint>
<http:outbound-endpoint address="http://www.webservicex.net/stockquote.asmx"
exchange-pattern="request-response">
<cxf:proxy-client enableMuleSoapHeaders="false"
soapVersion="1.2" />
</http:outbound-endpoint>
</flow>
答案 1 :(得分:0)
http://www.webservicex.net/stockquote.asmx?wsdl给出了相同的结果。所以你可以在那里测试一下。也许问题在于.net服务。
无论如何,现在我使用webservice模式创建了一个成功的代理。现在我仍在努力改变一个回应。没有太大的成功,因为Mule不断给我一个ReleasingInputStream作为响应。