1. 使用soapUI 反向出接口定义

输入服务URL地址或选择定义文件

邮件选择生成方式，需要提前配置soapUI的apache CXF路径

这里建议选择生成全部代码

好啦，接下来就可以把反向出的代码复制到项目中啦；代码中可能会有一些注解里面配了原有的包路径，需要改成现在项目中的包，不然启动可能会报错的。

2. pom引用

       <dependency>
            <groupId>org.apache.cxf</groupId>
            <artifactId>cxf-bundle</artifactId>
            <version>2.0.10</version>
            <exclusions>
                <exclusion>
                    <groupId>org.apache.geronimo.specs</groupId>
                    <artifactId>
                        geronimo-annotation_1.0_spec
                    </artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.apache.geronimo.specs</groupId>
                    <artifactId>geronimo-stax-api_1.0_spec</artifactId>
                </exclusion>
              </exclusions>
        </dependency>

3. 创建服务

            String address = "http://localhost:8080/test";
            JaxWsServerFactoryBean factory = new JaxWsServerFactoryBean();
            factory.setAddress(address);
            factory.setServiceClass(XXX.class);
            factory.setServiceBean(new XXX());
            factory.create();

4. 给服务添加身份校验，创建拦截器

import org.apache.commons.lang3.StringUtils;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.transport.http.AbstractHTTPDestination;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.servlet.http.HttpServletRequest;
import javax.xml.soap.SOAPException;
import java.util.Base64;

public class AuthenticationInInterceptor extends AbstractPhaseInterceptor<SoapMessage> {

    private static final Logger logger = LoggerFactory.getLogger(AuthenticationInInterceptor.class);

    private static final String BASIC_PREFIX = "Basic ";
    private static final String USERNAME = "name";
    private static final String PASSWORD = "pwd";

    public AuthenticationInInterceptor() {
        super(Phase.PRE_INVOKE);
    }

    @Override
    public void handleMessage(SoapMessage message) throws Fault {

        HttpServletRequest request = (HttpServletRequest) message.get(AbstractHTTPDestination.HTTP_REQUEST);
        String auth = request.getHeader("Authorization");
        if (auth == null) {
            SOAPException exception = new SOAPException("auth failed, header [Authorization] not exists");
            throw new Fault(exception);
        }
        if (!auth.startsWith(BASIC_PREFIX)) {
            SOAPException exception = new SOAPException("auth failed, header [Authorization] is illegal");
            throw new Fault(exception);
        }
        String plaintext = new String(Base64.getDecoder().decode(auth.substring(BASIC_PREFIX.length())));
        if (StringUtils.isEmpty(plaintext) || !plaintext.contains(":")) {
            SOAPException exception = new SOAPException("auth failed, header [Authorization] is illegal");
            throw new Fault(exception);
        }
        String[] userAndPass = plaintext.split(":");
        String username = userAndPass[0];
        String password = userAndPass[1];
        if (!USERNAME.equals(username) || !PASSWORD.equals(password)) {
            SOAPException exception = new SOAPException("auth failed, username or password is incorrect");
            throw new Fault(exception);
        }
    }

}

创建服务时，加入拦截器

            String address = "http://localhost:8080/test";
            JaxWsServerFactoryBean factory = new JaxWsServerFactoryBean();
            factory.setAddress(address);
            factory.setServiceClass(XXX.class);
            factory.setServiceBean(new XXX());
            factory.getInInterceptors().add(new AuthenticationInInterceptor()); //拦截器
            factory.create();

soapui 发起带身份校验的请求