为什么基本身份验证始终使用restTemplate给出错误403?

时间:2019-06-12 13:26:27

标签: rest spring-boot spring-security activemq resttemplate

我尝试了多种方式来在Spring Boot项目中通过RestTemplate调用get url以获取json,但是每次我遇到以下403错误:

  <200,{"request":{"mbean":"org.apache.activemq.artemis:address=%22my.queue.demo%22,broker=%22141.110.112.13%22,component=addresses,queue=%22my.queue.demo%22,routing-type=%22anycast%22,subcomponent=queues","attribute":"MessageCount","type":"read"},"error_type":"java.lang.Exception","error":"java.lang.Exception
 : Reading attribute MessageCount is forbidden for MBean
 org.apache.activemq.artemis:address=%22my.queue.demo%22,broker=%22141.110.112.13%22,component=addresses,queue=%22my.queue.demo%22,routing-type=%22anycast%22,subcomponent=queues","status":403},[Date:"Wed,
 12 Jun 2019 12:56:22 GMT", Cache-Control:"no-cache",
 Pragma:"no-cache", Access-Control-Allow-Origin:"*",
 X-Frame-Options:"SAMEORIGIN", X-XSS-Protection:"1",
 Content-Type:"text/plain;charset=utf-8", Expires:"Wed, 12 Jun 2019
 11:56:22 GMT", Transfer-Encoding:"chunked"]>

这是我尝试调用的网址:

http://10.185.148.153:1495/console/jolokia/read/org.apache.activemq.artemis:broker=%22141.110.112.13%22,component=addresses,address=%22my.queue.demo%22,subcomponent=queues,routing-type=%22anycast%22,queue=%22my.queue.demo%22/MessageCount

当我将Postman与基本身份验证(用户=测试,通过= test)一起使用时,它可以查找,但不能与Resttemplate一起使用。

这是我的配置类:

@SpringBootApplication
public class StartWebApplication {

    public static void main(String[] args) {
        SpringApplication.run(StartWebApplication.class, args);
    }
}

@Configuration
class Appconfig{
    @Bean
    public RestTemplate restTemplate() {
        return new RestTemplate();
    }
}

我的助手:

...
@Autowired
private RestTemplate restTemplate;

....
restTemplate.exchange(url, HttpMethod.GET, createHeaders("test", "test"), String.class)
....
HttpEntity createHeaders(String username, String password) {
        byte[] token = Base64.getEncoder().encode(
                (username + ":" + password).getBytes());
        HttpHeaders headers = new HttpHeaders();
        headers.add("Authorization", "Basic " + new String(token));
        HttpEntity<String> request = new HttpEntity<>(headers);
        return request;
    }
}

2 个答案:

答案 0 :(得分:0)

您可以尝试:

String auth = username + ":" + password;
byte[] encodedAuth = Base64.encodeBase64(auth.getBytes(Charset.forName("US-ASCII")));
headers.add("Authorization", "Basic " + new String(encodedAuth));

答案 1 :(得分:0)

使用RestTemplate,您可以通过以下方式避免使用某些Base64样板:

@Bean
RestTemplate rest() {
    RestTemplate rest = new RestTemplate();
    rest.getInterceptors().add(new BasicAuthenticationInterceptor("test", "test"));
    return rest;
}

然后您可以简单地做到:

rest.getForObject(url, String.class);

不确定问题是否出在您的用户名和密码的Base64编码中,但这可以消除这种可能性。

相关问题
最新问题