public class AuthenticationHandler extends AbstractHandler { public static ResourceBundle resourceBundle; static { resourceBundle = ResourceBundle.getBundle("sysParam"); } public void invoke(MessageContext cfx) throws Exception { if (cfx.getInMessage().getHeader() == null) { throw new org.codehaus.xfire.fault.XFireFault("请求必须包含验证信息",org.codehaus.xfire.fault.XFireFault.SENDER); } Element token = cfx.getInMessage().getHeader().getChild( "AuthenticationToken"); if (token == null) { throw new org.codehaus.xfire.fault.XFireFault("请求必须包含身份验证信息",org.codehaus.xfire.fault.XFireFault.SENDER); } String check_usernames = resourceBundle.getString("username"); HashMapcurrentUser = new HashMap ,string>(); String check_userName [] = check_usernames.split(","); for(String _s : check_userName){ currentUser.put(_s,resourceBundle.getString(_s+"_psw")); } String username = token.getChild("Username").getValue(); String password = token.getChild("Password").getValue(); try { if(!clsstringTool.isEmpty(currentUser.get(username))){ if(currentUser.get(username).equals(password)){ //System.out.println("用户名密码验证通过"); String ip = XFireServletController.getRequest().getHeader("remoteIp"); if( ip == null) ip = XFireServletController.getRequest().getRemoteAddr(); //System.out.println("ip==="+ip); if(resourceBundle.getString("ip").contains(ip)){ //System.out.println("用户IP验证通过"); }else{ throw new org.codehaus.xfire.fault.XFireFault("非法的IP来源",org.codehaus.xfire.fault.XFireFault.SENDER); } }else{ throw new Exception(); } }else{ throw new Exception(); } } catch (Exception e) { throw new org.codehaus.xfire.fault.XFireFault("非法的用户名、密码或IP",org.codehaus.xfire.fault.XFireFault.SENDER); } } ,string>