webservice 查询时校验用户名及其IP

public class AuthenticationHandler extends AbstractHandler {
	public static ResourceBundle resourceBundle;
	static {
	        resourceBundle = ResourceBundle.getBundle("sysParam");
	}
	public void invoke(MessageContext cfx) throws Exception {
		if (cfx.getInMessage().getHeader() == null) {
			throw new org.codehaus.xfire.fault.XFireFault("请求必须包含验证信息",org.codehaus.xfire.fault.XFireFault.SENDER);
		}
		Element token = cfx.getInMessage().getHeader().getChild(
				"AuthenticationToken");
		
		if (token == null) {
			throw new org.codehaus.xfire.fault.XFireFault("请求必须包含身份验证信息",org.codehaus.xfire.fault.XFireFault.SENDER);
		} 
		String check_usernames = resourceBundle.getString("username");
		HashMap
 
 
  
   currentUser = new HashMap
  
  
    (); String check_userName [] = check_usernames.split(","); for(String _s : check_userName){ currentUser.put(_s,resourceBundle.getString(_s+"_psw")); } String username = token.getChild("Username").getValue(); String password = token.getChild("Password").getValue(); try { if(!clsstringTool.isEmpty(currentUser.get(username))){ if(currentUser.get(username).equals(password)){ //System.out.println("用户名密码验证通过"); String ip = XFireServletController.getRequest().getHeader("remoteIp"); if( ip == null) ip = XFireServletController.getRequest().getRemoteAddr(); //System.out.println("ip==="+ip); if(resourceBundle.getString("ip").contains(ip)){ //System.out.println("用户IP验证通过"); }else{ throw new org.codehaus.xfire.fault.XFireFault("非法的IP来源",org.codehaus.xfire.fault.XFireFault.SENDER); } }else{ throw new Exception(); } }else{ throw new Exception(); } } catch (Exception e) { throw new org.codehaus.xfire.fault.XFireFault("非法的用户名、密码或IP",org.codehaus.xfire.fault.XFireFault.SENDER); } } 
  ,string>
 
 ,string>
webservice 查询时校验用户名及其IP

相关文章
