无法从Spring-Jersey内检索安全上下文 [英] Unable to retrieve security context from within Spring-Jersey
问题描述
我正在尝试在我的spring-jersey bean中检索安全上下文,但是我一直在获得Null身份验证.当我在spring应用程序中运行同一命令时,它会正确检索当前已登录用户的安全上下文.
I am trying to retrieve a security context within my spring-jersey bean, however I keep getting Null authentication. When I run the same command from within my spring application it correctly retrieves the current logged in users security context.
spring-jersey的配置需要为主spring应用程序创建一个单独的servlet,因此web.xml有两个servlet-一个用于spring应用程序,另一个用于jersey rest api.
The configuration of spring-jersey requires creating a separate servlet to the main spring application, thus the web.xml has two servlet's - one for spring app, second for jersey rest api.
假设问题与此相关,我尝试将安全上下文共享模式设置为global,但是我仍然无法从Jersey内获取上下文信息.
Assuming the problem is related to this, I tried setting the security context sharing mode to global, however I still unable to get the context information from within Jersey.
SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_GLOBAL)
任何帮助,将不胜感激!
Any help with this would be greatly appreciated!
非常感谢, 奈杰尔
推荐答案
也许用户只是未通过身份验证,因为您的Jersey请求没有会话cookie,因此未与经过身份验证的用户的会话相关联?
Perhaps user is simply not authenticated, because your Jersey requests don't have a session cookie and therefore are not associated with the authenticated user's session?
您可以通过在Spring Security中启用匿名身份验证来进行检查-如果猜测正确,则应该获取匿名身份验证而不是null
.
You may check it by enabling anonymous authentication in Spring Security - you should get anonymous authentication instead of null
if the guess is right.
这篇关于无法从Spring-Jersey内检索安全上下文的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!