使用OpenAM令牌确定用户身份的JavaRESTAPI?
我无法使用OpenAM验证用户令牌。特别是我应该创建什么类型的代理。有人可以推荐解决方案吗 本质上,RESTAPI将读取用户OpenAM令牌ID,并使用OpenAM验证令牌,然后OpenAM将返回包含用户名的数据。该用户名可在RESTAPI方法中用于标识访问该方法的用户 更简单的是如何使用OpenAM令牌来获取OpenAM用户信息使用OpenAM令牌确定用户身份的JavaRESTAPI?,java,rest,openam,Java,Rest,Openam,我无法使用OpenAM验证用户令牌。特别是我应该创建什么类型的代理。有人可以推荐解决方案吗 本质上,RESTAPI将读取用户OpenAM令牌ID,并使用OpenAM验证令牌,然后OpenAM将返回包含用户名的数据。该用户名可在RESTAPI方法中用于标识访问该方法的用户 更简单的是如何使用OpenAM令牌来获取OpenAM用户信息 谢谢 您可以使用以下端点: 验证用户: curl --request POST --header "X-OpenAM-Username: demo" \ --head
谢谢 您可以使用以下端点:
curl --request POST --header "X-OpenAM-Username: demo" \
--header "X-OpenAM-Password: changeit" \
--header "Content-Type: application/json"
"http://openam.example.com:8080/sso/json/authenticate"
{"tokenId":"AQIC5wM2LY4SfcyTReB5nbrLt3QaH-7GhPuU2-uK2k5tJsA.*AAJTSQACMDEAAlNLABMyOTUxODgxODAwOTE0MTA4NDE3*","successUrl":"/sso/console"}
curl --request POST \
--header "Content-Type: application/json" \
"http://openam.example.com:8080/sso/json/sessions/AQIC5wM2LY4SfczadxSebQWi9UEyd2ZDnz_io0Pe6NDgMhY.*AAJTSQACMDEAAlNLABM3MTMzMTYwMzM1NjE4NTE4NTMx*?_action=validate"
{"valid":true,"uid":"demo","realm":"/"}
curl --request GET \
--header "iPlanetDirectoryPro: AQIC5wM2LY4SfczadxSebQWi9UEyd2ZDnz_io0Pe6NDgMhY.*AAJTSQACMDEAAlNLABM3MTMzMTYwMzM1NjE4NTE4NTMx*" \
"http://openam.example.com:8080/sso/json/users/demo"
{"username":"demo","realm":"/","uid":["demo"],"userPassword":["{SSHA}cIgTNGHWd4t4Ff3SHa6a9pjMyn/Z3e3EOp5mrA=="],"sn":["demo"],"createTimestamp":["20160406210602Z"],"cn":["demo"],"givenName":["demo"],"inetUserStatus":["Active"],"dn":["uid=demo,ou=people,dc=example,dc=com"],"objectClass":["devicePrintProfilesContainer","person","sunIdentityServerLibertyPPService","inetorgperson","sunFederationManagerDataStore","iPlanetPreferences","iplanet-am-auth-configuration-service","organizationalperson","sunFMSAML2NameIdentifier","oathUser","inetuser","forgerock-am-dashboard-service","iplanet-am-managed-person","iplanet-am-user-service","sunAMAuthAccountLockout","top"],"universalid":["id=demo,ou=user,dc=openamcfg,dc=example,dc=com"]}
我最终选择了idFromSession:
curl --request POST \
--header "iplanetdirectorypro: AQIC5wM2LY4SfczUFNs-TJwFrCVAKgR0NulIAyNaIkQmjis.*AAJTSQACMDEA
AlNLABQtNTQ3NDE2Njc5ODk4MjYzMzA2MQ..*" \
--header "Content-Type: application/json"
http://openam.example.com:8080/openam/json/users?_action=idFromSession
然后在我的java REST API方法中,我使用了:
String httpsURL = "https://openam.example.com:8080/openam/json/users?_action=idFromSession";
URL url = new URL(httpsURL);
HttpsURLConnection con = (HttpsURLConnection) url.openConnection();
//add request headers
con.setRequestMethod("POST");
con.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0");
con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
con.setRequestProperty("Content-Type", "application/json");
// Add session token as header
con.setRequestProperty("iplanetdirectorypro", "AQIC5wM2LY4SfczUFNs-TJwFrCVAKgR0NulIAyNaIkQmjis.*AAJTSQACMDEA
AlNLABQtNTQ3NDE2Njc5ODk4MjYzMzA2MQ..*");
// Send post request
con.setDoOutput(true);
// Read output
BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));
基于HTTP发布:您不需要设置cookie吗
Response fieldResponse = given().auth().oauth2( oAuthLogin.getToken())
.config(new RestAssuredConfig().
decoderConfig(
new DecoderConfig("UTF-8")
).encoderConfig(
new EncoderConfig("UTF-8", "UTF-8")
))
.header("iplanetDirectoryPro", oAuthLogin.getToken())
.header("Content-Type", "application/json")
// .contentType("application/json")
.body(myRequest).with()
.when()
.post(dataPostUrl)
.then()
.assertThat()
.log().ifError()
.statusCode(200)
.extract().response();
作为错误请求400失败。相同的内容标头在postman中工作。
我看到的唯一区别是饼干。
按邮递员办事
这个答案和OpenAM有什么关系吗?我不知道它是如何回答这个问题的。