如何获取主体名称,会话并理想地检查主体是否通过接收来自Android客户端的呼叫的CXF JAX-RS Web服务方法中的Spring Security上下文进行身份验证?这是我目前正在使用的代码。我已经评论了我想要获得的地方和内容。
调用webservice的Android代码:
httpclient.getCredentialsProvider().setCredentials(
new AuthScope("192.168.1.101", 80),
new UsernamePasswordCredentials("joesmith", "mypasswd"));
HttpGet httpget = new HttpGet(WEBSERVICE_URL+"/makePayload");
httpget.setHeader("User-Agent", userAgent);
httpget.setHeader("Content-Type", "application/xml");
HttpResponse response;
try {
response = httpclient.execute(httpget);
HttpEntity entity = response.getEntity();
... parse xml from response
}
CXF,Spring网络服务代码:
@GET
@Path("/getPayload")
@Produces("application/XML")
public Response makePayload(@Context Request request){
//Get user principal name
//Get session?
//Get Spring security context?
Payload payload = new Payload();
payload.setUsersOnline(new Long(200));
return Response.ok().entity(payload).build();
}
答案 0 :(得分:0)
request.getUserPrincipal.getName()或静态SecurityContextHolder.getContext().getAuthentication().getName()可能有效