我试图做一个基本的身份验证中使用Tomcat 6.0和JAX-RS的球衣实现我的服务。
下面是我遵循的实现步骤:
1)增加了在这样的server.xml中的境界:
<Realm className="org.apache.catalina.realm.JDBCRealm" connectionName="XXX" connectionPassword="YYY" connectionURL="jdbc:oracle:thin:@localhost:1521/orcl" driverName="oracle.jdbc.OracleDriver" roleNameCol="role_name" userCredCol="user_pass" userNameCol="user_name" userRoleTable="user_roles" userTable="users"/>
我正在使用其他的JSP应用程序相同的领域,它在那里工作的罚款。
2)下面是在web.xml
<servlet>
<servlet-name>jersey-serlvet</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>com.infy.security</param-value>
</init-param>
<init-param>
<param-name>com.sun.jersey.spi.container.ResourceFilters</param-name>
<param-value>com.sun.jersey.api.container.filter.RolesAllowedResourceFilterFactory</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>jersey-serlvet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>BasicDemo</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
<!-- <user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint> -->
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<!-- The realm name is typically displayed by the browser in the login dialog box. -->
<realm-name>Login</realm-name>
</login-config>
下面是该服务:
@Path("/authenticate")
@RolesAllowed({"Admin","Guest"})
public class BasicAuthenticationSecurity {
@GET
@Path("/wbiPing")
@Produces(MediaType.TEXT_PLAIN)
@RolesAllowed("Admin")
public Response wbiPing(){
System.out.println("Pinged!!!");
return Response.ok("Pinged!!!").build();
}
}
实施后,无论是在登录认证弹出(即使用户是“admin”),我收到unauthentication错误页的输入。 下面的网址是:
http://localhost:8002/BASICAuthentication/rest/authenticate/wbiping
请让我知道如果我misisng东西。
谢谢,
