java - 如何使用 Jersey Client 针对 WS 上的 Spring Security 进行身份验证

Question

我在 Jersey 上有我的网络服务，并使用此配置来确保安全(在 Spring 上):

    <?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
  http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd">

    <!-- To allow public access by default and to set authentication mode to 
        basic login/password -->
    <security:global-method-security secured-annotations="enabled"/>

    <security:http>
        <security:http-basic/>
        <security:intercept-url pattern="/**" access="ROLE_DUMMY"/>
    </security:http>

    <!-- To delegate authorization to method calls rather than to urls -->
    <!-- (Thus, we don't need to set any url-interceptor in this conf) 
    <security:global-method-security
        pre-post-annotations="enabled" />-->

    <!-- To create user/password with roles -->
    <security:authentication-manager alias="authenticationManager">
        <security:authentication-provider>
            <security:user-service>
                <security:user authorities="ROLE_DUMMY" name="user1"
                    password="strongpassword1" />
            </security:user-service>
        </security:authentication-provider>
    </security:authentication-manager>
</beans>

现在我尝试创建一个java项目来模拟客户端，所以我使用客户端 Jersey 框架:

ClientConfig config = new ClientConfig();


        Client client = ClientBuilder.newClient(config);


        WebTarget target = client.target(getBaseURI());

        System.out.println(target.path("general").path("getWeather").request().request().header("Authorization: ", "Basic " + "dXNlcjE6c3Ryb25ncGFzc3dvcmQx")
 .accept(MediaType.APPLICATION_JSON).get(Response.class)
.toString());

但是我有错误:status=401，reason=Unauthorized，如何设置授权？

Answer 1

我决定:

String authorization = "user1" + ":" + "strongpassword1";
String basic = new String(Base64.encodeBase64(authorization.getBytes(Charset.forName("US-ASCII"))));

System.out.println(target.path("generali").path("getMeteo").request().header("Authorization", "Basic " + basic).accept(MediaType.APPLICATION_JSON).get(String.class));