Resteasy客户端的基本身份验证 [英] Basic Authentication with Resteasy client

问题描述

我正在尝试对使用REST在我的jboss上运行的登录模块执行基本身份验证.我已经找到一个StackOverflow主题，该主题说明了如何使用凭据进行身份验证.

I'm trying to perform an basic auth to the login-module which runs on my jboss using REST. I already found an StackOverflow topic which explains how to authenticate with credentials.

RESTEasy客户端框架身份验证凭据

这不起作用.分析与Wireshark建立的连接，我看不到带有Authorization:Basic的HTTP包.经过更多研究，我发现本文 http://docs.jboss.org/resteasy/docs/2.3.3.Final/userguide/html/RESTEasy_Client_Framework.html ，其中介绍了如何将基本身份验证从resteasy附加到ApacheHttpClient4Executor.

This does not work. Analysing the established connection with Wireshark I was not able to see an HTTP package with Authorization: Basic. After more research I found this article, http://docs.jboss.org/resteasy/docs/2.3.3.Final/userguide/html/RESTEasy_Client_Framework.html which describes how to append basic auth to ApacheHttpClient4Executor from resteasy.

// Configure HttpClient to authenticate preemptively
// by prepopulating the authentication data cache.

// 1. Create AuthCache instance
AuthCache authCache = new BasicAuthCache();

// 2. Generate BASIC scheme object and add it to the local auth cache
BasicScheme basicAuth = new BasicScheme();
authCache.put("com.bluemonkeydiamond.sippycups", basicAuth);

// 3. Add AuthCache to the execution context
BasicHttpContext localContext = new BasicHttpContext();
localContext.setAttribute(ClientContext.AUTH_CACHE, authCache);

// 4. Create client executor and proxy
httpClient = new DefaultHttpClient();
ApacheHttpClient4Executor executor = new ApacheHttpClient4Executor(httpClient, localContext);
client = ProxyFactory.create(BookStoreService.class, url, executor);

但这也不起作用.没有描述如何将用户名和密码用于基本身份验证添加到构造.为什么该信息与httpcomponent中的任何类都不相关?

But this does not work either. There is no description how to append username and passwort for basic auth to the construct. Why is that information not associated with any class from httpcomponent?

推荐答案

您可以通过在客户端配置中调用.header(HttpHeaders.AUTHORIZATION, authHeader)来向REST客户端添加原始授权标头. 凭据必须以"user:pass"格式打包在授权标头中，编码为base64字节数组，然后附加到标识基本身份验证的字符串"Basic"上.

You can add a raw authorization header to your REST client by invoking .header(HttpHeaders.AUTHORIZATION, authHeader) in your client configuration. The credentials must be packed in authorization header in the format of "user:pass", encoded as base64 byte array and then appended to the string "Basic " which identifies basic auth.

这是完整的摘录(灵感来自这篇关于baeldung的帖子 )

This is the whole snippet (inspired by this post on baeldung)

    String auth = userName + ":" + password;
    byte[] encodedAuth = Base64.encodeBase64(auth.getBytes(Charset.forName("ISO-8859-1")));
    String authHeader = "Basic " + new String(encodedAuth);

    authToken = restClient.target(restApiUrl + loginPath)
            .request()
            .accept(MediaType.TEXT_PLAIN)
            .header(HttpHeaders.AUTHORIZATION, authHeader)
            .get(String.class);

这在Resteasy客户中对我有用.有关信息，请使用 wget 我必须使用--auth-no-challenge标志.

This worked for me in a Resteasy client. For information, when testing this with wget I had to use the --auth-no-challenge flag.

这篇关于Resteasy客户端的基本身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！