我正在尝试使用Restlet 2.1实现基本的HTTP身份验证,而我却无法让它工作..!我正在使用ChallengeAuthenticator来设置基本HTTP身份验证。我只有一个URI \test,我正在努力让身份验证工作。
我构建我的代码,然后将其作为Web应用程序运行,然后浏览到http://localhost:8888/test以查看是否收到用户名/密码的提示,但我没有得到任何信息。我只是一个空白的屏幕。
当我浏览http://localhost:8888/test时,我会在Eclipse的控制台中编写以下内容:
WARNING: A response with a 200 (Ok) status should have an entity. Make sure that resource "http://localhost:8888/test" returns one or sets the status to 204 (No content).
当我浏览http://user:password@localhost:8888/test时,结果完全相同。
HTTP标头(来自Chrome)如下:
请求:
GET /test HTTP/1.1
Host: localhost:8888
Connection: keep-alive
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8,ms;q=0.6
响应(未提及基本身份验证):
HTTP/1.1 200 OK
Date: Fri, 13 Jun 2014 11:21:05 GMT
Accept-Ranges: bytes
Server: Development/1.0
Content-Length: 0
Cache-Control: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
以下是Java代码:
package com.poc.hw7;
import org.restlet.*;
import org.restlet.data.ChallengeScheme;
import org.restlet.data.Cookie;
import org.restlet.data.MediaType;
import org.restlet.routing.Router;
import org.restlet.security.*;
import org.restlet.util.Series;
public class AuthTestApp extends Application {
private ChallengeAuthenticator authenticator;
private ChallengeAuthenticator createAuthenticator() {
Context context = getContext();
boolean optional = false;
ChallengeScheme challengeScheme = ChallengeScheme.HTTP_BASIC;
String realm = "Example site";
MapVerifier verifier = new MapVerifier();
verifier.getLocalSecrets().put("user", "password".toCharArray());
ChallengeAuthenticator auth = new ChallengeAuthenticator(context, optional, challengeScheme, realm, verifier) {
@Override
protected boolean authenticate(Request request, Response response) {
if (request.getChallengeResponse() == null) {
return false;
} else {
return super.authenticate(request, response);
}
}
};
return auth;
}
@Override
public Restlet createInboundRoot() {
this.authenticator = createAuthenticator();
Restlet hw_restlet = new Restlet(getContext())
{
public void handle(Request request, Response response)
{
String message = "Hello World!";
response.setEntity(message,MediaType.TEXT_PLAIN);
}
};
Router router = new Router();
router.attach("/test", hw_restlet);
authenticator.setNext(router);
return authenticator;
}
public boolean authenticate(Request request, Response response) {
if (!request.getClientInfo().isAuthenticated()) {
authenticator.challenge(response, false);
return false;
}
return true;
}
}
这是web.xml文件:
<?xml version="1.0" encoding="utf-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<display-name>Restlet URI Rewrite</display-name>
<servlet>
<servlet-name>RestletServlet</servlet-name>
<servlet-class>org.restlet.ext.servlet.ServerServlet</servlet-class>
<init-param>
<param-name>org.restlet.application</param-name>
<param-value>com.poc.hw7.AuthTestApp</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>RestletServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
</web-app>
有人可以告诉我如何让基本的HTTP身份验证工作吗?
答案 0 :(得分:0)
您的回复是200代码,这意味着您的服务器从未要求过。您需要发送401响应。对于大多数Web浏览器,这将自动弹出用户名和密码的basic-auth框。
至于为什么会发生这种情况......很难说。 restlet看起来很糟糕。有更简单的框架可供使用,您可以在其中注释函数以侦听某个URI和/或请求方法。