Java 在RESTEasy和JAX-RS中实现简单身份验证
我想用RESTEasy和JAX-RS实现简单身份验证,这样只有拥有正确用户名和密码的用户才能访问服务。我的web应用程序代码如下所示:Java 在RESTEasy和JAX-RS中实现简单身份验证,java,jax-rs,resteasy,Java,Jax Rs,Resteasy,我想用RESTEasy和JAX-RS实现简单身份验证,这样只有拥有正确用户名和密码的用户才能访问服务。我的web应用程序代码如下所示: @GET @Path("/{param}") public Response printMessage(@PathParam("param") String msg, @Context HttpHeaders headers) { String result = null; String username = headers.getRequest
@GET
@Path("/{param}")
public Response printMessage(@PathParam("param") String msg, @Context HttpHeaders headers) {
String result = null;
String username = headers.getRequestHeader("username").get(0);
String password = headers.getRequestHeader("password").get(0);
if(username.equals("hello2017") && password.equals("bye")) {
result = "Restful example : " + msg + " from " + headers.getRequestHeader("user-agent").get(0) + " " + headers.getRequestHeader("username").get(0)+ " " + headers.getRequestHeader("password").get(0) + " " + hashString2( headers.getRequestHeader("password").get(0));
return Response.status(200).entity(result).build();
}else {
result="Not Authorized";
return Response.status(404).entity(result).build();
//
}
}
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
<display-name>Location Service</display-name>
<context-param>
<param-name>resteasy.resources</param-name>
<param-value>de.locationservice.LocationService</param-value>
</context-param>
<listener>
<listener-class>
org.jboss.resteasy.plugins.server.servlet.ResteasyBootstrap
</listener-class>
</listener>
<servlet>
<servlet-name>resteasy-servlet</servlet-name>
<servlet-class>
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher
</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>resteasy-servlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
</web-app>
My web.xml如下所示:
@GET
@Path("/{param}")
public Response printMessage(@PathParam("param") String msg, @Context HttpHeaders headers) {
String result = null;
String username = headers.getRequestHeader("username").get(0);
String password = headers.getRequestHeader("password").get(0);
if(username.equals("hello2017") && password.equals("bye")) {
result = "Restful example : " + msg + " from " + headers.getRequestHeader("user-agent").get(0) + " " + headers.getRequestHeader("username").get(0)+ " " + headers.getRequestHeader("password").get(0) + " " + hashString2( headers.getRequestHeader("password").get(0));
return Response.status(200).entity(result).build();
}else {
result="Not Authorized";
return Response.status(404).entity(result).build();
//
}
}
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
<display-name>Location Service</display-name>
<context-param>
<param-name>resteasy.resources</param-name>
<param-value>de.locationservice.LocationService</param-value>
</context-param>
<listener>
<listener-class>
org.jboss.resteasy.plugins.server.servlet.ResteasyBootstrap
</listener-class>
</listener>
<servlet>
<servlet-name>resteasy-servlet</servlet-name>
<servlet-class>
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher
</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>resteasy-servlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
</web-app>
定位服务
resteasy.resources
de.locationservice.locationservice
org.jboss.resteasy.plugins.server.servlet.ResteasyBootstrap
RESTEasyServlet
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher
RESTEasyServlet
/*
但是我不认为这是正确的方法,因为我只使用它实现了一个简单的身份验证。我试着跟随,但我仍然不明白,因为我是这个话题的新手 在java中,将字符串与“==”进行比较是不正确的,使用equals方法而不是可能的重复。除了错误地比较字符串之外,为什么要尝试实现自己的安全机制?基本的有什么问题吗?您是否在上阅读了官方文档?当然,
404
是未找到资源的状态代码
。你需要使用401
进行未经授权的@VladBochenin这是真的,我忘了。谢谢