我在 Jersey 上有我的网络服务,并使用此配置来确保安全(在 Spring 上):
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<!-- To allow public access by default and to set authentication mode to
basic login/password -->
<security:global-method-security secured-annotations="enabled"/>
<security:http>
<security:http-basic/>
<security:intercept-url pattern="/**" access="ROLE_DUMMY"/>
</security:http>
<!-- To delegate authorization to method calls rather than to urls -->
<!-- (Thus, we don't need to set any url-interceptor in this conf)
<security:global-method-security
pre-post-annotations="enabled" />-->
<!-- To create user/password with roles -->
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider>
<security:user-service>
<security:user authorities="ROLE_DUMMY" name="user1"
password="strongpassword1" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
</beans>
现在我尝试创建一个java项目来模拟客户端,所以我使用客户端 Jersey 框架:
ClientConfig config = new ClientConfig();
Client client = ClientBuilder.newClient(config);
WebTarget target = client.target(getBaseURI());
System.out.println(target.path("general").path("getWeather").request().request().header("Authorization: ", "Basic " + "dXNlcjE6c3Ryb25ncGFzc3dvcmQx")
.accept(MediaType.APPLICATION_JSON).get(Response.class)
.toString());
但是我有错误:status=401,reason=Unauthorized,如何设置授权?
最佳答案
我决定:
String authorization = "user1" + ":" + "strongpassword1";
String basic = new String(Base64.encodeBase64(authorization.getBytes(Charset.forName("US-ASCII"))));
System.out.println(target.path("generali").path("getMeteo").request().header("Authorization", "Basic " + basic).accept(MediaType.APPLICATION_JSON).get(String.class));
关于java - 如何使用 Jersey Client 针对 WS 上的 Spring Security 进行身份验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/27959574/