限制dropwizard管理页面

时间:2012-10-20 11:22:18

标签: dropwizard

如何验证Dropwizard管理门户,以限制普通用户访问它? 请帮忙

3 个答案:

答案 0 :(得分:15)

在您的配置中,您可以在adminUsername下设置adminPasswordhttp,如下所示:

http:
  adminUsername: user1234
  adminPassword: pass5678

答案 1 :(得分:15)

对于DW 0.7,我的方法是:

public class AdminConstraintSecurityHandler extends ConstraintSecurityHandler {

    private static final String ADMIN_ROLE = "admin";

    public AdminConstraintSecurityHandler(final String userName, final String password) {
        final Constraint constraint = new Constraint(Constraint.__BASIC_AUTH, ADMIN_ROLE);
        constraint.setAuthenticate(true);
        constraint.setRoles(new String[]{ADMIN_ROLE});
        final ConstraintMapping cm = new ConstraintMapping();
        cm.setConstraint(constraint);
        cm.setPathSpec("/*");
        setAuthenticator(new BasicAuthenticator());
        addConstraintMapping(cm);
        setLoginService(new AdminMappedLoginService(userName, password, ADMIN_ROLE));
    }
}

public class AdminMappedLoginService extends MappedLoginService {

    public AdminMappedLoginService(final String userName, final String password, final String role) {
        putUser(userName, new Password(password), new String[]{role});
    }

    @Override
    public String getName() {
        return "Hello";
    }

    @Override
    protected UserIdentity loadUser(final String username) {
        return null;
    }

    @Override
    protected void loadUsers() throws IOException {
    }
}

并在路上使用它们:

environment.admin().setSecurityHandler(new AdminConstraintSecurityHandler(...))

答案 2 :(得分:4)

较新的Jetty版本没有MappedLoginService,因此@Kamil的答案不再适用。我已经修改了他们的答案,让它从Dropwizard 1.2.2开始工作:

public class AdminConstraintSecurityHandler extends ConstraintSecurityHandler {

    private static final String ADMIN_ROLE = "admin";

    public AdminConstraintSecurityHandler(final String userName, final String password) {
        final Constraint constraint = new Constraint(Constraint.__BASIC_AUTH, ADMIN_ROLE);
        constraint.setAuthenticate(true);
        constraint.setRoles(new String[]{ADMIN_ROLE});
        final ConstraintMapping cm = new ConstraintMapping();
        cm.setConstraint(constraint);
        cm.setPathSpec("/*");
        setAuthenticator(new BasicAuthenticator());
        addConstraintMapping(cm);
        setLoginService(new AdminLoginService(userName, password));
    }

    public class AdminLoginService extends AbstractLoginService {

        private final UserPrincipal adminPrincipal;
        private final String adminUserName;

        public AdminLoginService(final String userName, final String password) {
            this.adminUserName = Objects.requireNonNull(userName);
            this.adminPrincipal = new UserPrincipal(userName, new Password(Objects.requireNonNull(password)));
        }


        @Override
        protected String[] loadRoleInfo(final UserPrincipal principal) {
            if (adminUserName.equals(principal.getName())) {
                return new String[]{ADMIN_ROLE};
            }
            return new String[0];
        }

        @Override
        protected UserPrincipal loadUserInfo(final String userName) {
            return adminUserName.equals(userName) ? adminPrincipal : null;
        }
    }
}
相关问题
最新问题