Fatal编程技术网
  • java/
  • Java SEAM-获取base65身份验证的url

Java SEAM-获取base65身份验证的url

java

Java SEAM-获取base65身份验证的url,java,seam,Java,Seam,我的components.xml中有此配置: <web:authentication-filter url-pattern="/resource/rest/*" auth-type="basic"/> <security:identity authenticate-method="#{basicAuthenticator.login}"/> 但是它给我空值,因为我这里没有jsf 你知道还有别的办法吗 谢谢。克里斯蒂安 因为ServletFilter总是在FacesSer

我的components.xml中有此配置:

<web:authentication-filter url-pattern="/resource/rest/*" auth-type="basic"/>
<security:identity authenticate-method="#{basicAuthenticator.login}"/>
但是它给我空值,因为我这里没有jsf

你知道还有别的办法吗

谢谢。

克里斯蒂安

因为ServletFilter总是在FacesServlet之前被调用,您总是会得到null

所以不要使用

private @In FacesContext facesContext;
当使用Servlet过滤器时

解决方案:嗯,这不是最好的解决方案,但它解决了你想做的事情

创建一个CustomAuthenticationFilter,如下所示

@Scope(APPLICATION)
@Name("org.jboss.seam.web.authenticationFilter")
@Install(value = false, precedence = BUILT_IN)
@BypassInterceptors
@Filter(within = "org.jboss.seam.web.exceptionFilter")
public class CustomAuthenticationFilter extends org.jboss.seam.web.AbstractFilter {

    /** 
      * Because of some private methods defined in AuthenticationFilter
      * do Ctrl + C / Ctrl + V All of source code of AuthenticationFilter
      *
      * Except authenticate method which is shown bellow
      */

    private void authenticate(HttpServletRequest request, final String username) throws ServletException, IOException {
        new ContextualHttpServletRequest(request) {

            @Override
            public void process() throws ServletException, IOException, LoginException {
                Identity identity = Identity.instance();
                identity.getCredentials().setUsername(username);

                try {
                    identity.preAuthenticate();

                    /**
                      * Yes, THE SAME LOGIC performed by authenticate-method must goes here
                      */

                    /**
                      * Do not use @In-jection here
                      * 
                      * Use context lookup instead
                      * For instance, UserService userService = (UserService) Contexts.lookupInStatefulContexts("userService");
                      */

                    identity.postAuthenticate();
                } finally {
                    // Set password to null whether authentication is successful or not
                    identity.getCredentials.setPassword(null);    
                }
            }
        }.run();  
    }

}
现在覆盖/WEB-INF/componets.xml中的默认AuthenticationFilter

<web:rewrite-filter view-mapping="/resource/rest/*"/>
<component name="org.jboss.seam.web.authenticationFilter" class="br.com.ar.seam.CustomAuthenticationFilter">  
    <property name="urlPattern">/resource/rest/*</property>
    <property name="authType">basic</property>
</component>


/资源/休息/*
基本的
要启用restURL,请执行以下操作

@Scope(APPLICATION)
@Name("org.jboss.seam.web.authenticationFilter")
@Install(value = false, precedence = BUILT_IN)
@BypassInterceptors
@Filter(within = "org.jboss.seam.web.exceptionFilter")
public class CustomAuthenticationFilter extends org.jboss.seam.web.AbstractFilter {

    /** 
      * Because of some private methods defined in AuthenticationFilter
      * do Ctrl + C / Ctrl + V All of source code of AuthenticationFilter
      *
      * Except authenticate method which is shown bellow
      */

    private void authenticate(HttpServletRequest request, final String username) throws ServletException, IOException {
        new ContextualHttpServletRequest(request) {

            @Override
            public void process() throws ServletException, IOException, LoginException {
                Identity identity = Identity.instance();
                identity.getCredentials().setUsername(username);

                try {
                    identity.preAuthenticate();

                    /**
                      * Yes, THE SAME LOGIC performed by authenticate-method must goes here
                      */

                    /**
                      * Do not use @In-jection here
                      * 
                      * Use context lookup instead
                      * For instance, UserService userService = (UserService) Contexts.lookupInStatefulContexts("userService");
                      */

                    identity.postAuthenticate();
                } finally {
                    // Set password to null whether authentication is successful or not
                    identity.getCredentials.setPassword(null);    
                }
            }
        }.run();  
    }

}
web.xml

<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<!--HERE GOES NON-REST INTERCEPTED URL-->
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.seam</url-pattern>
</servlet-mapping>
<!--HERE GOES REST INTERCEPTED URL-->
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>/*</url-pattern>
</servlet-mapping>


Facesservlet
javax.faces.webapp.FacesServlet
1.
Facesservlet
*.接缝
Facesservlet
/*
现在,假设您想要调用与restURL servlet映射匹配的/resource/rest/user。在/WEB-INF/pages.xml中声明

<page view-id="<VIEW_ID_GOES_HERE>">
    <rewrite pattern="/resource/rest/user"/>
    <rewrite pattern="/resource/rest/{userId}"/>
    <!--userId comes from pattern shown above-->
    <param name="userId" value="#{userService.userId}"/>
</page>
为了避免FacesServlet拦截任何客户端资源,如css、javaScript和图像文件,您可以定义

<servlet>
    <servlet-name>Seam Resource Servlet</servlet-name>
    <servlet-class>org.jboss.seam.servlet.SeamResourceServlet</servlet-class>
</servlet>
<servlet-mapping>
    <servlet-name>Seam Resource Servlet</servlet-name>
    <url-pattern>/resource/*</url-pattern>
</servlet-mapping>


Seam资源Servlet
org.jboss.seam.servlet.SeamResourceServlet
Seam资源Servlet
/资源/*
不适用于JSF生命周期的确保将Seam Resource Servlet置于FacesServlet声明之上。

查看并确保您的应用程序已正确打包。已检查,但似乎没有问题……问题仍然存在……:(非常感谢Arthur。您的解决方案确实非常适合我的需要!