也许我的问题标题不清楚,我试着解释一下:
我使用Spring MVC + Spring Security实现了经过身份验证的REST服务。我配置了摘要式身份验证,因此我需要在服务的每个请求中包含凭据。
现在我需要为此服务实现一个Web客户端。在经典的Web应用程序中,我可以实现一个配置FORM auhtentication的简单登录表单,但在这种情况下我不知道应用哪种常用方法。
由于所有请求都需要身份验证,我应该从hypofetical登录表单调用哪个资源?我应该实现专用的“登录资源”来实现这一点(即:$customer = Mage::getModel('customer/customer')->load($customer_id);
$transaction = Mage::getModel('core/resource_transaction');
$storeId = $customer->getStoreId();
$reservedOrderId = Mage::getSingleton('eav/config')->getEntityType('order')->fetchNewIncrementId($storeId);
$order = Mage::getModel('sales/order')
->setIncrementId($reservedOrderId)
->setStoreId($storeId)
->setQuoteId(0)
->setGlobal_currency_code('USD')
->setBase_currency_code('USD')
->setStore_currency_code('USD')
->setOrder_currency_code('USD');
//Set your store currency USD or any other
// set Customer data
$order->setCustomer_email($customer->getEmail())
->setCustomerFirstname($customer->getFirstname())
->setCustomerLastname($customer->getLastname())
->setCustomerGroupId($customer->getGroupId())
->setCustomer_is_guest(0)
->setCustomer($customer);
// set Billing Address
$billing = $customer->getDefaultBillingAddress();
$billingAddress = Mage::getModel('sales/order_address')
->setStoreId($storeId)
->setAddressType(Mage_Sales_Model_Quote_Address::TYPE_BILLING)
->setCustomerId($customer->getId())
->setCustomerAddressId($customer->getDefaultBilling())
->setCustomer_address_id($billing->getEntityId())
->setPrefix($billing->getPrefix())
->setFirstname($billing->getFirstname())
->setMiddlename($billing->getMiddlename())
->setLastname($billing->getLastname())
->setSuffix($billing->getSuffix())
->setCompany($billing->getCompany())
->setStreet($billing->getStreet())
->setCity($billing->getCity())
->setCountry_id($billing->getCountryId())
->setRegion($billing->getRegion())
->setRegion_id($billing->getRegionId())
->setPostcode($billing->getPostcode())
->setTelephone($billing->getTelephone())
->setFax($billing->getFax());
$order->setBillingAddress($billingAddress);
$shipping = $customer->getDefaultShippingAddress();
$shippingAddress = Mage::getModel('sales/order_address')
->setStoreId($storeId)
->setAddressType(Mage_Sales_Model_Quote_Address::TYPE_SHIPPING)
->setCustomerId($customer->getId())
->setCustomerAddressId($customer->getDefaultShipping())
->setCustomer_address_id($shipping->getEntityId())
->setPrefix($shipping->getPrefix())
->setFirstname($shipping->getFirstname())
->setMiddlename($shipping->getMiddlename())
->setLastname($shipping->getLastname())
->setSuffix($shipping->getSuffix())
->setCompany($shipping->getCompany())
->setStreet($shipping->getStreet())
->setCity($shipping->getCity())
->setCountry_id($shipping->getCountryId())
->setRegion($shipping->getRegion())
->setRegion_id($shipping->getRegionId())
->setPostcode($shipping->getPostcode())
->setTelephone($shipping->getTelephone())
->setFax($shipping->getFax());
$order->setShippingAddress($shippingAddress)
->setShipping_method('flatrate_flatrate');
$orderPayment = Mage::getModel('sales/order_payment')
->setStoreId($storeId)
->setCustomerPaymentId(0)
->setMethod('checkmo')
->setPo_number(' – ');
$order->setPayment($orderPayment);
$subTotal = 0;
$_product = Mage::getModel('catalog/product')->load($productData->getEntityId());
$rowTotal = 0;
$orderItem = Mage::getModel('sales/order_item')
->setStoreId($storeId)
->setQuoteItemId(0)
->setQuoteParentItemId(NULL)
->setProductId($productData->getEntityId())
->setProductType($_product->getTypeId())
->setQtyBackordered(NULL)
->setTotalQtyOrdered(1)
->setQtyOrdered(1)
->setName($_product->getName())
->setSku($_product->getSku())
->setPrice(0)
->setBasePrice(0)
->setOriginalPrice(0)
->setRowTotal($rowTotal)
->setBaseRowTotal($rowTotal);
$subTotal += $rowTotal;
$order->addItem($orderItem);
$order->setSubtotal($subTotal)
->setBaseSubtotal($subTotal)
->setGrandTotal($subTotal)
->setBaseGrandTotal($subTotal);
$transaction->addObject($order);
$transaction->addCommitCallback(array($order, 'place'));
$transaction->addCommitCallback(array($order, 'save'));
$transaction->save();
$orders = Mage::getModel('sales/order')->getCollection()->getLastItem()->getIncrementId();
$order_mail = new Mage_Sales_Model_Order();
$incrementId = $orders;
$order_mail->loadByIncrementId($incrementId);
try
{
$order_mail->sendNewOrderEmail();
}
catch (Exception $ex)
{
}
)?
更新:我的想法是在首次访问时对用户进行身份验证,然后在客户端存储凭据,以便在每次请求时发送它们。所以我要定义的是在第一次请求时检查用户凭据的方法。有没有一种标准的方法来实现它?
答案 0 :(得分:0)
无需登录,在所有请求中都包含基本身份验证标头(用户名和密码)。 确保在spring security config中启用了基本身份验证。
<http use-expressions="false">
<intercept-url pattern="/**" access="ROLE_USER" />
<http-basic />
</http>