我是Authorization标头的新手,尝试使用JAX-RS服务创建授权(和身份验证)
我的JavaScript代码段如下所示:
sUrl = getURL() + "/com.cabRoutePlanner.Login/Login";
var oHeaders = {};
oHeaders['Authorization'] = "Basic " + btoa(getUserName() + ":" + getPassword());
var request = {
headers : oHeaders,
requestUri : sUrl,
data: connectionData,
method : "POST"
};
OData.request(request, onSuccessForRegister, onRegError);
现在,我想在JAX-RS服务中读取此授权标头,即,在Java Rest服务中返回用户名和密码,并检查数据库。我感到困惑的是,我不知道如何使用此授权标头。如果有人可以向我展示REST服务中函数的声明,并只是访问我的用户名和passwrd,那将是很棒的。
我以某种方式编写了代码,并获得了Eclipse的一些直觉和大力帮助
@Path("/Log")
@POST
@Produces(MediaType.APPLICATION_JSON)
public Response log(HttpServletRequest req)throws JSONException
{
JSONObject returnObject = new JSONObject();
String authorization = req.getHeader("Authorization");
if (authorization != null && authorization.startsWith("Basic"))
{
//byte[] message = authorization.substring("Basic".length()).trim().getBytes();
String credentials = authorization.substring("Basic".length()).trim();
byte[] decoded = DatatypeConverter.parseBase64Binary(credentials);
String decodedString = new String(decoded);
String[] actualCredentials = decodedString.split(":");
String ID = actualCredentials[0];
String Password = actualCredentials[1];
String Result = actualLog(ID, Password);
if(Result.equals("ID Does not exist"))
{
returnObject.put("Result", "ID Does not exist");
return Response.status(401).entity(returnObject).build();
}
else if(Result.equals("Password incorrect for given User"))
{
returnObject.put("Result", "Password incorrect for given User");
return Response.status(401).entity(returnObject).build();
}
else
{
returnObject.put("Result", Result);
return Response.status(200).entity(returnObject).build();
}
}
else
{
returnObject.put("Result", "Authorization header wrong");
return Response.status(401).entity(returnObject).build();
}
}
现在,这是我正在获取的当前异常,我无法理解它:
Oct 06, 2014 4:13:59 PM com.sun.jersey.spi.container.ContainerRequest getEntity
SEVERE: A message body reader for Java class javax.servlet.http.HttpServletRequest, and Java type interface javax.servlet.http.HttpServletRequest, and MIME media type application/octet-stream was not found.
The registered message body readers compatible with the MIME media type are:
application/octet-stream ->
com.sun.jersey.core.impl.provider.entity.ByteArrayProvider
com.sun.jersey.core.impl.provider.entity.FileProvider
com.sun.jersey.core.impl.provider.entity.InputStreamProvider
com.sun.jersey.core.impl.provider.entity.DataSourceProvider
com.sun.jersey.core.impl.provider.entity.RenderedImageProvider
*/* ->
com.sun.jersey.core.impl.provider.entity.FormProvider
com.sun.jersey.core.impl.provider.entity.MimeMultipartProvider
com.sun.jersey.core.impl.provider.entity.StringProvider
com.sun.jersey.core.impl.provider.entity.ByteArrayProvider
com.sun.jersey.core.impl.provider.entity.FileProvider
com.sun.jersey.core.impl.provider.entity.InputStreamProvider
com.sun.jersey.core.impl.provider.entity.DataSourceProvider
com.sun.jersey.core.impl.provider.entity.XMLJAXBElementProvider$General
com.sun.jersey.core.impl.provider.entity.ReaderProvider
com.sun.jersey.core.impl.provider.entity.DocumentProvider
com.sun.jersey.core.impl.provider.entity.SourceProvider$StreamSourceReader
com.sun.jersey.core.impl.provider.entity.SourceProvider$SAXSourceReader
com.sun.jersey.core.impl.provider.entity.SourceProvider$DOMSourceReader
com.sun.jersey.json.impl.provider.entity.JSONJAXBElementProvider$General
com.sun.jersey.json.impl.provider.entity.JSONArrayProvider$General
com.sun.jersey.json.impl.provider.entity.JSONObjectProvider$General
com.sun.jersey.core.impl.provider.entity.XMLRootElementProvider$General
com.sun.jersey.core.impl.provider.entity.XMLListElementProvider$General
com.sun.jersey.core.impl.provider.entity.XMLRootObjectProvider$General
com.sun.jersey.core.impl.provider.entity.EntityHolderReader
com.sun.jersey.json.impl.provider.entity.JSONRootElementProvider$General
com.sun.jersey.json.impl.provider.entity.JSONListElementProvider$General
com.sun.jersey.json.impl.provider.entity.JacksonProviderProxy
您应该使用@Context HttpServletRequest request
注入方法中的请求,如下所示:
public Response log(@Context HttpServletRequest req) throws JSONException
可以使用其他有用的对象进行注入@Context
(有关详细信息,请参见JAX-RS规范):
Application
UriInfo
, HttpHeaders
SecurityContext
,Providers
, Request
ServletConfig
,ServletContext
,HttpServletRequest
和HttpServletResponse
所以你的情况你也可以使用@Context HttpHeaders headers
,然后
List<String> authHeaders = headers.getRequestHeader(HttpHeaders.AUTHORIZATION);
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句