由于有认证的免费资源实在难找,我只好把公司正在使用的一个服务的
wsdl
裁剪一下,拿到这里作为实例,裁剪后的
wsdl
只保留一个
echo
接口,顾名思义,就是客户端送什么字符串上来,服务端就返回同样的字符串。这个
wsdl
如下(业务相关的网址和
end point
均已作了特别处理):
- xml version='1.0' encoding='UTF-8'?>
- <s0:definitions name="ServicesDefinitions" targetNamespace="http://echo.rsecure.com/ECHO" xmlns="" xmlns:s0="" xmlns:s1="http://echo.rsecure.com/ECHO" xmlns:s2="soap/">
- <s0:types>
- <xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" targetNamespace="http://echo.rsecure.com/ECHO" xmlns:s0="" xmlns:s1="http://echo.rsecure.com/ECHO" xmlns:s2="soap/" xmlns:xs="">
- <xs:element name="echo">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="EchoMessage" type="xs:string"/>
- xs:sequence>
- xs:complexType>
- xs:element>
- <xs:element name="echoResponse">
- <xs:complexType>
- <xs:sequence>
- <xs:element name="Echo" type="xs:string"/>
- xs:sequence>
- xs:complexType>
- xs:element>
- xs:schema>
- s0:types>
- <s0:message name="echo">
- <s0:part element="s1:echo" name="parameters"/>
- s0:message>
- <s0:message name="echoResponse">
- <s0:part element="s1:echoResponse" name="Echo"/>
- s0:message>
- <s0:portType name="LMIAPort">
- <s0:operation name="echo" parameterOrder="parameters">
- <s0:input message="s1:echo"/>
- <s0:output message="s1:echoResponse"/>
- s0:operation>
- s0:portType>
- <s0:binding name="ServicesSoapBinding" type="s1:LMIAPort">
- <s2:binding style="document" mce_style="document" transport=""/>
- <s0:operation name="echo">
- <s2:operation style="document" mce_style="document"/>
- <s0:input>
- <s2:body parts="parameters" use="literal"/>
- s0:input>
- <s0:output>
- <s2:body parts="Echo" use="literal"/>
- s0:output>
- s0:operation>
- s0:binding>
- <s0:service name="Services">
- <s0:port binding="s1:ServicesSoapBinding" name="lmiAPort">
- <s2:address location=""/>
- s0:port>
- s0:service>
- s0:definitions>
在
gsoap-2.7/gsoap/wsdl/
目录下建立两个目录:
echo
和
echo_server
,按照前几节的方法分别建立
gSOAP
客户端和服务端。客户端与前几节的相比,首先是增加了
soap_ssl_client_context
处理
HTTPS
协议。其次,本案例使用的是基本认证
(Basic Authentication)
,需要在
soap
变量初始化之后给出用户名和密码。
struct soap soap;
soap_init(&soap);
soap.userid = argv[1];
soap.passwd = argv[2];
客户端完整程序如下:
- #include "soapH.h"
- #include "ServicesSoapBinding.nsmap"
- int main(int argc, char **argv) {
- if ( argc != 4 && argc != 5 ) {
- printf("Usage: %s username password message [end_point]\n", argv[0]);
- exit(-1);
- }
- struct soap soap;
- soap_init(&soap);
- soap.userid = argv[1];
- soap.passwd = argv[2];
- struct _ns1__echo request;
- struct _ns1__echoResponse response;
- soap_ssl_init();
- if ( soap_ssl_client_context(&soap, SOAP_SSL_NO_AUTHENTICATION, NULL, NULL, NULL, NULL, NULL) ) {
- soap_print_fault(&soap, stderr);
- exit(-1);
- }
- request.EchoMessage = argv[3];
- char *endpoint = NULL;
- if ( argc == 5 )
- endpoint = argv[4];
- printf("username : %s\n", soap.userid);
- printf("password : %s\n", soap.passwd);
- printf("message : %s\n", request.EchoMessage);
- if ( endpoint )
- printf("end point : %s\n", endpoint);
- if ( soap_call___ns1__echo(&soap, endpoint, NULL, &request, &response) == SOAP_OK ) {
- printf("%s\n", response.Echo);
- }
- else {
- soap_print_fault(&soap, stderr);
- }
- soap_destroy(&soap);
- soap_end(&soap);
- soap_done(&soap);
- return 0;
- }
保存为
echo.c
,编译命令如下,注意增加了
-DWITH_OPENSSL
参数,以及需要链接
libssl
库。
gcc -DWITH_OPENSSL -O2 -o echo
echo.c soapC.c soapClient.c ../../stdsoap2.c -I../.. -L../.. -lgsoap –lssl
服务端的编写相对麻烦,以下给出一个最简单的实现。与第二节的
stock
服务端程序相比,主要是增加了
soap_ssl_server_context
处理
HTTPS
协议,其中需要用到
gsoap-2.7.17
自带的
ssl
实例程序中的几个
pem
证书,把它们拷贝过来即可使用。另外,与不需要认证的应用相比,
__ns1__echo
增加了用户密码校验。这个案例里,设定客户端送上来的用户
/
密码应当为
roy/liang
,否则将返回
401
错误。
- #include
- #include "soapH.h"
- #include "ServicesSoapBinding.nsmap"
- void *process_request(void *soap) {
- pthread_detach(pthread_self());
- if ( soap_ssl_accept((struct soap *) soap) != SOAP_OK )
- soap_print_fault((struct soap *) soap, stderr);
- else
- soap_serve((struct soap *) soap);
- soap_end((struct soap *) soap);
- soap_free((struct soap *) soap);
- return NULL;
- }
- int main(int argc, char **argv) {
- if ( argc != 2 ) {
- printf("Usage: %s port\n", argv[0]);
- exit(-1);
- }
- int port = atol(argv[1]);
- pthread_t tid;
- struct soap *tsoap;
- struct soap soap;
- soap_init(&soap);
- soap_ssl_init();
- if ( soap_ssl_server_context(&soap, SOAP_SSL_DEFAULT, "server.pem", "password", "cacert.pem", NULL, "dh512.pem", NULL, argv[0]) ) {
- soap_print_fault(&soap, stderr);
- exit(-1);
- }
- int m, s;
- if ( (m = soap_bind(&soap, NULL, port, 100)) < 0 ) {
- soap_print_fault(&soap, stderr);
- }
- else {
- printf("Socket connect successfully: master socket = %d\n", m);
- int i = 0;
- while ( 1 ) {
- if ( (s = soap_accept(&soap)) < 0 ) {
- soap_print_fault(&soap, stderr);
- break;
- }
- printf("Connection %d accepted from IP = %d.%d.%d.%d, slave socket = %d\n", ++i, (soap.ip >> 24) & 0xff, (soap.ip >> 16) & 0xff, (soap.ip >> 8) & 0xff, soap.ip & 0xff, s);
- tsoap = soap_copy(&soap);
- if ( !tsoap ) {
- soap_closesock(&soap);
- continue;
- }
- pthread_create(&tid, NULL, &process_request, (void *) tsoap);
- }
- }
- soap_done(&soap);
- return 0;
- }
- int __ns1__echo(
- struct soap *soap,
- struct _ns1__echo *request,
- struct _ns1__echoResponse *response) {
- if ( !soap->userid || !soap->passwd || strcmp(soap->userid, "roy") || strcmp(soap->passwd, "liang") )
- return 401;
- int len = strlen(request->EchoMessage);
- response->Echo = (char *) malloc(sizeof(char) * (len + 1));
- strcpy(response->Echo, request->EchoMessage);
- return SOAP_OK;
- }
保存为
echo_server.c
,编译命令是:
gcc -DWITH_OPENSSL -O2 -o
echo_server echo_server.c soapC.c soapServer.c ../../stdsoap2.c -I../.. -L../..
-lgsoap -lssl -lcrypto –lpthread
客户端和服务端都编译完成后,首先启动服务端:
-bash-3.2$ ./echo_server 6883
Socket
connect successfully: master socket = 3
然后,在另一个窗口运行客户端,由于
wsdl
里已经指定默认
end point
是
,因此,客户端并不需要额外给出。
正常的返回结果:
-bash-3.2$ ./echo roy liang hi
username
: roy
password
: liang
message
: hi
hi
用户、密码不正确将返回
401
错误:
-bash-3.2$ ./echo roy xxx hi
username
: roy
password
: xxx
message
: hi
Error
401 fault: SOAP-ENV:Server [no subcode]
"HTTP/1.1
401 Unauthorized"
Detail:
SOAP-ENV:ClientHTTP
Error:
401
Unauthorized
基于
HTTP
的基本认证
(Basic
Authentication)
比基于
HTTPS
的更加简单,在客户端和服务端的程序去除
HTTPS
处理即可,不再赘述。
另外,本案例中用到的证书的失效日期好像是
2010
年
11
月
2
日,在此之后执行的结果可能会不一样。
阅读(3702) | 评论(0) | 转发(1) |
