Restlet:使用不同的身份验证方法链接多个路由器

时间:2014-02-27 02:06:53

标签: java authentication routing restlet-2.0

我有两种方法可以验证我的用户以及连接到我的单个路由器的多条路由。出于安全考虑,我想使用自己的身份验证方法将路由器拆分为2个路由器。

到目前为止,我有:

Router router = new Router(getContext());

BBasicAuthenticator basicAuth = new BBasicAuthenticator(getContext(), true, false);
BCookieAuthenticator cookieAuth = new BCookieAuthenticator(getContext(), false, false);
Enroler enroler = new Enroler();

router.attach("route1/only/basicAuth", Resource1.class);
router.attach("route2/only/basicAuth", Resource2.class);
router.attach("route3/only/cookieAuth", Resource3.class);
router.attach("route4/only/cookieAuth", Resource4.class);
..

basicAuth.setNext(cookieAuth);
basicAuth.setEnroler(enroler);

cookieAuth.setNext(router);
cookieAuth.setEnroler(enroler);

是否可以有两个不同的路由器,每个路由器都有自己的身份验证方法。如何链接两个路由器?

理想情况是这样的:

Router basicRouter = new Router(getContext());
Router cookieRouter = new Router(getContext());

BBasicAuthenticator basicAuth = new BBasicAuthenticator(getContext(), true, false);
BCookieAuthenticator cookieAuth = new BCookieAuthenticator(getContext(), false, false);
Enroler enroler = new Enroler();

basicRouter.attach("route1/only/basicAuth", Resource1.class);
basicRouter.attach("route2/only/basicAuth", Resource2.class);
..
cookieRouter.attach("route3/only/cookieAuth", Resource3.class);
cookieRouter.attach("route4/only/cookieAuth", Resource4.class);
..

basicAuth.setNext(basicRouter);
basicAuth.setEnroler(enroler);

//how to set next cookieRouter

cookieAuth.setNext(cookieRouter);
cookieAuth.setEnroler(enroler);

感谢您的帮助。

更新1:

router.attach("/v1/invoices/{invoice_id}/installments/{id}", InvoiceInstallmentResource.class);
router.attach("/v1/{object_type}/{id}/change-status", ChangeStatusResource.class);
####
router.attach("/v1/accounts", AccountsResource.class);
router.attach("/v1/accounts/{id}", AccountResource.class);
router.attach("/v1/items/{id}", ItemResource.class);
router.attach("/v1/items", ItemsResource.class);
....

前两个路由是我们需要维护的“旧服务”,它们使用cookie身份验证。以下路由是使用basic-auth的新路由。

这里的问题是,使用cookie身份验证,可以访问所有资源,但只能访问前两个路径。

由于

1 个答案:

答案 0 :(得分:3)

这是一个棘手的案例。这是使用嵌套路由器和默认路由的解决方案。

BCookieAuthenticator cookieAuth1 = new BCookieAuthenticator(getContext(), false, false);
cookieAuth1.setNext(InvoiceInstallmentResource.class);
BCookieAuthenticator cookieAuth2 = new BCookieAuthenticator(getContext(), false, false);
cookieAuth2.setNext(ChangeStatusResource.class);

BBasicAuthenticator basicAuth = new BBasicAuthenticator(getContext(), true, false);
basicAuth.setNext(router2);

router2.attach("/v1/accounts", AccountsResource.class);
router2.attach("/v1/accounts/{id}", AccountResource.class);
router2.attach("/v1/items/{id}", ItemResource.class);
router2.attach("/v1/items", ItemsResource.class);

router1.attach("/v1/invoices/{invoice_id}/installments/{id}", cookieAuth1);
router1.attach("/v1/{object_type}/{id}/change-status", cookieAuth2);
router1.attachDefault(basicAuth);
相关问题
最新问题