[jboss-user] [JBossWS] - Re: Web service security, how to filter client IP address?
scruffyminds
do-not-reply at jboss.com
Wed Jul 9 15:53:46 EDT 2008
First, you write a class derived from org.jboss.ws.core.jaxws.handler.GenericHandler:
| public class IPConstraintHandler
| extends GenericHandler
| {
| @Override
| protected boolean handleInbound( MessageContext msgContext )
| {
| HttpServletRequest request = (HttpServletRequest)msgContext.get( MessageContext.SERVLET_REQUEST );
| String ip = request.getRemoteAddr();
|
| if ( ipAddressIsOK( ip ))
| return super.handleInbound( msgContext );
|
| return false;
| }
| }
|
Next, add the following extra annotations to your web service implementation:
| @SecurityDomain( "myDomain" )
| @WebContext( authMethod="BASIC", secureWSDLAccess=true, contextRoot="/myRoot", urlPattern="/myPattern" )
| @HandlerChain( file="jaxws-handlers.xml" )
| public class MyWebServiceImpl
| implements MyWebService
| {
| ....
| }
|
And finally, you place a file called "jaxws-handlers.xml" (or whatever you used in your @HandlerChain annotation) in the package with your web service implementation class:
| <?xml version='1.0'?>
| <handler-chains
| xmlns="http://java.sun.com/xml/ns/javaee"
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
| xsi:schemaLocation="http://java.sun.com/xml/ns/javaee javaee_web_services_1_2.xsd">
|
| <handler-chain>
| <protocol-bindings>##SOAP11_HTTP</protocol-bindings>
| <handler>
| <handler-name>IP Constraint Handler</handler-name>
| <handler-class>my.package.IPConstraintHandler</handler-class>
| </handler>
| </handler-chain>
|
| </handler-chains>
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4163402#4163402
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4163402
More information about the jboss-user
mailing list