{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 走好不送 的问题《BASIC authentication in jersey JAX-RS service and》','https://www.manongdao.com/q-372051.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am trying to do a BASIC Authentication in my service using Tomcat 6.0 and JAX-RS jersey implementation.
Below are the implementation steps I followed:
1) Added the Realm in server.xml like this:
<Realm className="org.apache.catalina.realm.JDBCRealm" connectionName="XXX" connectionPassword="YYY" connectionURL="jdbc:oracle:thin:@localhost:1521/orcl" driverName="oracle.jdbc.OracleDriver" roleNameCol="role_name" userCredCol="user_pass" userNameCol="user_name" userRoleTable="user_roles" userTable="users"/>
The same realm I am using in other JSP application, it is working fine over there.
2) Below is the web.xml
<servlet>
<servlet-name>jersey-serlvet</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>com.infy.security</param-value>
</init-param>
<init-param>
<param-name>com.sun.jersey.spi.container.ResourceFilters</param-name>
<param-value>com.sun.jersey.api.container.filter.RolesAllowedResourceFilterFactory</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>jersey-serlvet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>BasicDemo</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
<!-- <user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint> -->
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<!-- The realm name is typically displayed by the browser in the login dialog box. -->
<realm-name>Login</realm-name>
</login-config>
Below is the service:
@Path("/authenticate")
@RolesAllowed({"Admin","Guest"})
public class BasicAuthenticationSecurity {
@GET
@Path("/wbiPing")
@Produces(MediaType.TEXT_PLAIN)
@RolesAllowed("Admin")
public Response wbiPing(){
System.out.println("Pinged!!!");
return Response.ok("Pinged!!!").build();
}
}
After implementation, whatever is the input in the login authentication popup (even if the user is "Admin") I am getting the unauthentication error page. Below is the URL:
http://localhost:8002/BASICAuthentication/rest/authenticate/wbiping
Please let me know if I am misisng something.
thanks,
I had the same problem and I wasn't able to get it running with the realm definition in the server.xml.
It started to work as soon as I moved the
into the context.xml. The logging of the TomCat toled me that the server wasn't using the JDBC realm.