Avatar of aronezhang

by

WebService系列:Office VBA调用已安全性认证的Web Service

二月 14, 2009 in Oracle 融合中间件

 

上一篇文章中已经描述了如何生成 Office VBA 客户端代理程序来调用 Web Service,但是如果Web Service已

添加了安全性认证的话,仅仅使用MS Office2003 WebServices Tools工具产生的代理程序还不足以完成调用。

 

本文描述如何扩展Microsoft提供的SOAP Toolit中的IHeaderHandler接口来格式化SOAP Headers,进而实现

调用Web Service时提供必要的安全认证信息,本文只描述最基本的基于用户名口令认证方式。

 

一、编写安全认证的SOAP头信息

 

WebService系列:为WebService添加安全性一文中,当调用一个已添加安全验证的Web Service时,需要提供必要的验证信息,

验证信息包含在SOAP Header部分,本文的目标就是在VBA代理程序调用Web Service时,添加如下的SOAP Header信息到Web Service的请求消息中

?View Code XML
1
2
3
4
5

 
 
 
               aronehome
               aronehome

 

在前面的文章中已经说明了VBA代理类主要完成的任务,其中就是初始化一个Soapclient30的实例,

而Soapclient30提供了一个属性HeaderHandler来接收实现IHeaderHandler接口的实现类。

而HeaderHandler对象定义了SOAP头如何读取和写入,下面就描述如何编写实现IHeaderHandler接口的VBA类模块 UserTokenAuthHelper 来返回一个OC4J Web Service能够识别的SOAP头信息。

下面是实现的类模块代码:

?View Code VB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

Option Explicit
 
Implements IHeaderHandler
 
Private Const XmlnsSoap As String = "http://schemas.xmlsoap.org/soap/envelope/"
Private Const SecurityXmlnsWsse As String = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
Private Const SecurityXmlns As String = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
Private Const SecurityXmlnsEnv As String = "http://schemas.xmlsoap.org/soap/envelope/"
Private Const UsernameTokenXmlnsWsse As String = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
Private Const UsernameTokenXmlns As String = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
Private Const WssePasswordType As String = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"
 
Private myUsernameToken As String
Private myPassword As String
Private myMustUnderstand As Integer
 
Public Property Let UsernameToken(ByVal pUsernameToken As String)
    myUsernameToken = pUsernameToken
End Property
 
Public Property Get UsernameToken() As String
    UsernameToken = myUsernameToken
End Property
 
Public Property Let Password(ByVal pPassword As String)
    myPassword = pPassword
End Property
 
Public Property Get Password() As String
    Password = myPassword
End Property
 
Public Property Let MustUnderstand(ByVal pMustUnderstand As Integer)
    myMustUnderstand = pMustUnderstand
End Property
 
Public Property Get MustUnderstand() As Integer
    MustUnderstand = myMustUnderstand
End Property
 
Private Function IHeaderHandler_ReadHeader(ByVal par_Reader As MSOSOAPLib30.ISoapReader, ByVal par_HeaderNode As MSXML2.IXMLDOMNode, ByVal par_Object As Object) As Boolean
    IHeaderHandler_ReadHeader = True
End Function
 
Private Function IHeaderHandler_WillWriteHeaders() As Boolean
    IHeaderHandler_WillWriteHeaders = True
End Function
 
Private Sub IHeaderHandler_WriteHeaders(ByVal par_ISoapSerializer As MSOSOAPLib30.ISoapSerializer, ByVal par_Object As Object)
    Dim tempHeaderDoc As String
    tempHeaderDoc = ""
    tempHeaderDoc = tempHeaderDoc & " " _
                    & "" _
    tempHeaderDoc = tempHeaderDoc & " " _
                    & "" & myUsernameToken & "" _
                    & "" & myPassword & ""
    tempHeaderDoc = tempHeaderDoc & "" _
                    & "" _
                    & ""
    par_ISoapSerializer.WriteXml tempHeaderDoc   
End Sub

上面的UserTokenAuthHelper类实现了按照OC4J的要求将安全验证需要的SOAP Header信息添加到请求消息中的功能

 

二、添加UserTokenAuthHelper实现类到Web Services代理类

 

上面已经实现了UserTokenAuthHelper类来添加SOAP Header信息,用于进行安全验证。只要修改MS Office2003 WebServices Tools生成的Web Services代理类,

将SOAP头信息传给消息即可,在代理类Class_Initialize()方法的最后添加如下的代码:

?View Code VB
1
2
3
4
5
6
7

'用户认证
Dim objCurAuthHelper As UserTokenAuthHelper
Set objCurAuthHelper = New UserTokenAuthHelper
objCurAuthHelper.UsernameToken = "aronehome"
objCurAuthHelper.Password = "aronehome"
objCurAuthHelper.MustUnderstand = 1
Set sc_UserListInfo.HeaderHandler = objCurAuthHelper

 

在任何一个代理类都是相同的代码,只要根据实际代理类替换红色部分的Soapclient30变量就可以了。

 

再次运行VBA程序进行调试,提供正确的用户和密码,程序能够成功运行。上面代码中的用户名和密码直接写为aronehome/aronehome,根据情况进行修改,

最后将其修改为让用户录入的方式来提供,当然如果你提供错误的用户名或者密码,那Web Services返回的错误应该是:The security token could not be authenticated or authorized.

 

 

VBA客户端代理程序下载:Download TEMPLFLD_R11i Version 1

 

 

相关文章:

  1. 编写Java Web Service Proxy
  2. IREP: 测试Integration Repository客户化Web服务的调用
  3. WebService系列:问题处理(Troubleshooting)
  4. WebService系列:Office VBA调用Web Service
  5. WebService系列:创建PL/SQL复合式数据类型Web Services
  6. WebService系列:OC4J安全性提供程序
  7. WebService系列:为WebService添加安全性
  8. WebService系列:PL/SQL调用Web Service(Web Service Callout)
  9. WebService系列:将PL/SQL功能发布为Web Service到OC4J
  10. 用代码实现页面Action跳转

Tags: , , ,  

Leave a reply

You must be logged in to post a comment.