Java Web Service客户端基本身份验证 [英] Java Web Service client basic authentication

问题描述

我在Glassfish之上创建了一个JAX-WS Web服务，它需要基本的HTTP身份验证。

I have created a JAX-WS Web Service on top of Glassfish which requires basic HTTP authentication.

现在我想为该Web创建一个独立的Java应用程序客户端服务，但我不知道如何传递用户名和密码。

Now I want to create a standalone java application client for that Web Service but I don't have a clue of how to pass the username and password.

它适用于Eclipse的Web服务资源管理器，并检查我找到的电线：

It works with Eclipse's Web Service explorer, and examining the wire I found this:

POST /SnaProvisioning/SnaProvisioningV1_0 HTTP/1.1
Host: localhost:8080
Content-Type: text/xml; charset=utf-8
Content-Length: 311
Accept: application/soap+xml, application/dime, multipart/related, text/*
User-Agent: IBM Web Services Explorer
Cache-Control: no-cache
Pragma: no-cache
SOAPAction: ""
Authorization: Basic Z2VybWFuOmdlcm1hbg==
Connection: close

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:q0="http://ngin.ericsson.com/sna/types/v1.0" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <soapenv:Body>
    <q0:listServiceScripts/>
  </soapenv:Body>
</soapenv:Envelope>

如何使用java代码在Authorization标题中传递用户名和密码？它是哈希还是类似的东西？算法是什么？

How do I pass the username and password in this "Authorization" header using java code? Is it hashed or something like that? What is the algorithm?

如果没有安全性，我有一个独立的Java客户端：

Without security involved I have a working standalone java client:

SnaProvisioning myPort = new SnaProvisioning_Service().getSnaProvisioningV10Port();
myPort.listServiceScripts();

推荐答案

事实证明，这是一种简单，标准的方法实现我想要的：

It turned out that there's a simple, standard way to achieve what I wanted:

import java.net.Authenticator;
import java.net.PasswordAuthentication;

Authenticator myAuth = new Authenticator() 
{
    @Override
    protected PasswordAuthentication getPasswordAuthentication()
    {
        return new PasswordAuthentication("german", "german".toCharArray());
    }
};

Authenticator.setDefault(myAuth);

没有自定义sun类或外部依赖项，也没有手动编码任何内容。

No custom "sun" classes or external dependencies, and no manually encode anything.

我知道BASIC安全性不是很安全，但我们也使用HTTPS。

I'm aware that BASIC security is not, well, secure, but we are also using HTTPS.

这篇关于Java Web Service客户端基本身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！