编辑：消息已清除并添加了代码

我用基本的Java客户端开发了一个基于jax-ws的Web服务。

我使用SOAP处理程序来验证用户身份。一个在客户端将userId和令牌添加到SOAP标头中，另一个在服务器端将其获取这些信息并通过数据库对用户进行身份验证。

客户端（简体）：

import static modules.auth.AuthClient.userID;
import static modules.auth.AuthClient.token;

public boolean handleMessage(SOAPMessageContext context) {

    //Getting SOAP headers
    SOAPMessage soapMsg = context.getMessage();
    SOAPEnvelope soapEnv = soapMsg.getSOAPPart().getEnvelope();
    SOAPHeader soapHeader = soapEnv.getHeader();

    QName qname;
    SOAPHeaderElement soapHeaderElement;

    //Add userID in SOAP header
    qname = new QName("****","UserID");
    soapHeaderElement = soapHeader.addHeaderElement(qname);
    soapHeaderElement.setActor(SOAPConstants.URI_SOAP_ACTOR_NEXT);
    soapHeaderElement.addTextNode(userID);

    //Add token in SOAP header
    qname = new QName("****","Token");
    soapHeaderElement = soapHeader.addHeaderElement(qname);
    soapHeaderElement.setActor(SOAPConstants.URI_SOAP_ACTOR_NEXT);
    soapHeaderElement.addTextNode(token);

    soapMsg.saveChanges();

    return true;
}

public boolean handleMessage(SOAPMessageContext context) {
    Boolean isRequest = (Boolean) context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);

    if (!isRequest) {
        //Getting SOAP headers
        SOAPMessage soapMsg = context.getMessage();
        SOAPEnvelope soapEnv = soapMsg.getSOAPPart().getEnvelope();
        SOAPHeader soapHeader = soapEnv.getHeader();

        Iterator it = soapHeader.extractHeaderElements(SOAPConstants.URI_SOAP_ACTOR_NEXT);

        Node userIDNode = (Node) it.next();
        String userID = (userIDNode == null) ? null : userIDNode.getValue();

        Node tokenNode = (Node) it.next();
        String token = (tokenNode == null) ? null : tokenNode.getValue();

        //Return if the user is connected
        User u = AuthWS.validToken(userID, token);

        //Here I have my user but I don't know how to get it in my requested method
    }
    return true;
}

public Project getProject(@WebParam(name = "name") String name) throws WebServiceFailure, EntityNotFoundException {

    //Here I would like to verify the user's rights

    try {
        PreparedStatement ps = DBConnect.getStatement("SELECT name FROM projects WHERE name = '" + name + "'");
        ResultSet res = ps.executeQuery();
        if(res.next()){
            Project p = new Project(res.getString("name"));
            ps.close();
            return p;
        } else {
            ps.close();
            throw new EntityNotFoundException("Can't find the project '"+name+"'");
        }
    } catch (SQLException ex) {
        throw new WebServiceFailure(ex.getMessage());
    }
}

最后，我确切地找到了要搜索的内容：

Follow this link.

在“将信息从处理程序级别传递到应用程序”部分中