我想我现在真的坚持了4个小时.我有一个在JAX-WS中开发的示例Web服务,我已经在web.xml中成功配置了BASIC身份验证,但我无法让"@RolesAllowed"的消息工作.这个注释被简单地忽略了.我正在使用servlet 3.0 API和tomcat 7.0.32,所以我认为应该支持@RolesAllowed.
以下是我的代码:在Web.xml中,我有以下配置:
<security-constraint>
<display-name>SecurityConstraint</display-name>
<web-resource-collection>
<web-resource-name>ApexeWebServiceCollection</web-resource-name>
<description>These resources are only accessible by authorised client.</description>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<description>These are the roles who have access.</description>
<role-name>developer</role-name>
<role-name>tester</role-name>
</auth-constraint>
<user-data-constraint>
<description>This is how the user data must be transmitted.</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
<security-role>
<description>Service developer</description>
<role-name>developer</role-name>
</security-role>
<security-role>
<description>Service tester</description>
<role-name>tester</role-name>
</security-role>
然后我在服务端实现了以下方法.我想要方法:"sayNumber"只能由"developer"访问,而不是"tester":
@SchemaValidation(handler = SchemaValidationErrorHandler.class)@WebService(endpointInterface ="com.webservice.HelloWorld")
公共类HelloWorldImpl实现HelloWorld {
@Resource
WebServiceContext wsContext;
@Override
@WebMethod
@RolesAllowed("developer")
public int sayNumber(double number) throws SOAPException {
MessageContext …我正在使用Spring框架实现JAX-WS.
以下是我的Spring applicationContext.xml
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:ws="http://jax-ws.dev.java.net/spring/core"
xmlns:wss="http://jax-ws.dev.java.net/spring/servlet"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://jax-ws.dev.java.net/spring/core
http://jax-ws.dev.java.net/spring/core.xsd
http://jax-ws.dev.java.net/spring/servlet
http://jax-ws.dev.java.net/spring/servlet.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
">
但是,Eclipse抱怨道:
经过调查,我找到了URL:http: //jax-ws.dev.java.net/spring/servlet.xsd 不存在.相反,它似乎转移到:http: //jax-ws.java.net/spring/servlet.xsd(您可以在浏览器中打开此链接)
因此,我更新XSD架构URL从 http://jax-ws.dev.java.net/spring/servlet.xsd 到 http://jax-ws.java.net/spring/servlet.xsd
现在我的applicationContext.xml看起来像这样:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:ws="http://jax-ws.dev.java.net/spring/core"
xmlns:wss="http://jax-ws.dev.java.net/spring/servlet"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://jax-ws.dev.java.net/spring/core
http://jax-ws.java.net/spring/core.xsd
http://jax-ws.dev.java.net/spring/servlet
http://jax-ws.java.net/spring/servlet.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
">
实际上,通过此更改,Eclipse错误消失了.问题是在Tomcat 7中启动Web服务后,我得到以下运行时错误:
org.xml.sax.SAXParseException; lineNumber:20; columnNumber:29; schema_reference.4:无法读取模式文档" http://jax-ws.java.net/spring/servlet.xsd ",因为1)找不到该文档; 2)文件无法阅读; 3)文档的根元素不是.at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:198)at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.warning(ErrorHandlerWrapper.java:99) at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:433)
请指教.
非常感谢你.问候,