Spring MVC 3.1 中的基本身份验证

【问题标题】:Basic Authentication in Spring MVC 3.1Spring MVC 3.1 中的基本身份验证
【发布时间】:2012-10-05 05:07:34
【问题描述】:

我正在尝试使用 Spring MVC 3.1 和 REST API 开发示例应用程序。

在进入应用程序之前,有一个登录表单来验证用户身份。我想使用 REST API 使用用户在登录表单中提供的凭据(用户名和密码)进行基本身份验证。

我的问题是我不知道如何使用 REST API 进行基本身份验证。

我进行了很多搜索,但没有得到任何正确的教程,我可以从中解决我的错误。

请任何人指导我或告诉我任何好的文章?

现在我正在学习以下教程 http://www.jpalace.org/docs/technotes/spring/rest-security.html 但出现空指针异常。

RestClient.java

import org.springframework.web.client.RestTemplate;


public class RestClient {

    RestTemplate restTemplate = new RestTemplate();
    static final String URL = "http://www.assembla.com/spaces/my_spaces";
    static final String username = "aaaaa";
    static final String password = "aaaaa";

    public RestClient() {

        BasicSecureSimpleClientHttpRequestFactory requestFactory = new BasicSecureSimpleClientHttpRequestFactory();
        requestFactory.setCredentialsProvider(new SimpleCredentialsProvider(
                new Credentials(username, password)));
        restTemplate.setRequestFactory(requestFactory);
    }

    public void exec() {
        System.out.println("restTemplate :::::::::::::::::: " + restTemplate);
        String response = restTemplate.getForObject(URL, String.class);
        System.out.println("Response:::::::::::::: " + response);
    }

}

BasicSecureSimpleClientHttpRequestFactory.java

import java.net.HttpURLConnection;
  import sun.misc.BASE64Encoder;


    public class BasicSecureSimpleClientHttpRequestFactory extends
            SecureSimpleClientHttpRequestFactory {

        public BasicSecureSimpleClientHttpRequestFactory() {
        }

        protected void prepareSecureConnection(HttpURLConnection connection) {
            if (credentialsProvider == null) {
                return;
            }
            Credentials credentials = credentialsProvider.getCredentials(null);
            String token = credentials.getUsername() + ":"
                    + credentials.getPassword();
            BASE64Encoder enc = new sun.misc.BASE64Encoder();
            String encodedAuthorization = enc.encode(token.getBytes());
            connection.setRequestProperty("Authorization", "Basic "
                    + encodedAuthorization);
        }
    }

SecureSimpleClientHttpRequestFactory .java

import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URI;

import org.springframework.http.HttpMethod;
import org.springframework.http.client.ClientHttpRequest;
import org.springframework.http.client.SimpleClientHttpRequestFactory;

abstract public class SecureSimpleClientHttpRequestFactory extends
        SimpleClientHttpRequestFactory {

    protected CredentialsProvider credentialsProvider;

    public SecureSimpleClientHttpRequestFactory() {
    }

    public CredentialsProvider getCredentialsProvider() {
        return credentialsProvider;
    }

    public void setCredentialsProvider(CredentialsProvider credentialsProvider) {
        this.credentialsProvider = credentialsProvider;
    }

    @Override
    public ClientHttpRequest createRequest(URI uri, HttpMethod httpMethod)
            throws IOException {
        HttpURLConnection connection = openConnection(uri.toURL(), null);
        prepareConnection(connection, httpMethod.name());
        prepareSecureConnection(connection);
        return new SecureSimpleClientHttpRequest(connection);
    }

    abstract protected void prepareSecureConnection(HttpURLConnection connection);

}

SecureSimpleClientHttpRequest .java

import java.io.IOException;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URI;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.client.ClientHttpRequest;
import org.springframework.http.client.ClientHttpResponse;
public class SecureSimpleClientHttpRequest implements ClientHttpRequest {
    public SecureSimpleClientHttpRequest(HttpURLConnection connection) {
        // TODO Auto-generated constructor stub
    }
    @Override
    public HttpMethod getMethod() {
        // TODO Auto-generated method stub
        return null;
    }
    @Override
    public URI getURI() {
        // TODO Auto-generated method stub
        return null;
    }
    @Override
    public HttpHeaders getHeaders() {
        // TODO Auto-generated method stub
        return null;
    }
    @Override
    public OutputStream getBody() throws IOException {
        // TODO Auto-generated method stub
        return null;
    }
    @Override
    public ClientHttpResponse execute() throws IOException {
        // TODO Auto-generated method stub
        return null;
    }
}

SimpleCredentialsProvider .java

public class SimpleCredentialsProvider implements CredentialsProvider {

    private Credentials credentials;

    public SimpleCredentialsProvider(Credentials credentials) {
        super();
        this.credentials = credentials;
    }

    @Override
    public Credentials getCredentials(String str) {

        return credentials;
    }

}

CredentialsProvider .java

public interface CredentialsProvider {

    public Credentials getCredentials(String str);
}

Credentials.java

public class Credentials {

    private String username;
    private String password;

    public Credentials(String username, String password) {
        super();
        this.username = username;
        this.password = password;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

}

我收到以下错误:

2012 年 10 月 16 日下午 12:56:04 org.apache.catalina.core.StandardWrapperValve 调用 SEVERE: Servlet.service() for servlet spring 抛出异常 java.lang.NullPointerException 在 org.springframework.web.client.RestTemplate$AcceptHeaderRequestCallback.doWithRequest(RestTemplate.java:530) 在 org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:444) 在 org.springframework.web.client.RestTemplate.execute(RestTemplate.java:409) 在 org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:207)

【问题讨论】:

    标签: rest spring-mvc spring-security basic-authentication restful-authentication


    【解决方案1】:

    如果您已经在使用 Spring MVC,则一种方法是将其与 Spring Security 结合使用:http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity.html

    由于它以各种方式支持基本身份验证: http://static.springsource.org/spring-security/site/docs/3.1.x/reference/ns-config.html#ns-form-and-basic

    还可以查看这篇文章,了解如何将它与 REST 一起使用: http://www.baeldung.com/2011/11/20/basic-and-digest-authentication-for-a-restful-service-with-spring-security-3-1/

    【讨论】:

    猜你喜欢
    • 2016-04-30
    • 2012-02-21
    • 2015-09-06
    • 2012-10-10
    • 2013-12-07
    • 2012-08-15
    • 2011-02-11
    • 2019-04-25
    • 2015-08-08
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode