我有一个在Tomcat上部署的Java应用程序(它本身位于Docker容器中)。 Tomcat需要验证,要求用户和密码。用户和密码将写入tomcat / tomcat-users.xml,并使用
写入web.xml<security-constraint>
<web-resource-collection>
<web-resource-name>RESTful Application Service</web-resource-name>
<url-pattern>/rest/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>restservice</role-name>
</auth-constraint>
</security-constraint>
这一切都按计划进行。
应用程序是swaggerized,我想使用swagger-ui(https://github.com/swagger-api/swagger-ui)来连接它。然而,这不起作用。我得到了
$ curl -I "http://localhost:8080/my-rest-service/rest/swagger.json"
HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
Cache-Control: private
Expires: XXXXXXXX
WWW-Authenticate: Basic realm="RESTful Application Service"
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 951
Date: XXXXXXXX
如果我通过在web.xml中注释上面提到的安全性约束来禁用密码保护,它确实有效。
我可以做些什么来为我的Tomcat / Tomcat应用程序提供用户和密码?
来自SaúlMartínezVidals:
在dist / index.html中,我必须操纵部分
function addApiKeyAuthorization(){
var key = encodeURIComponent($('#input_apiKey')[0].value);
if(key && key.trim() != "") {
var apiKeyAuth = new SwaggerClient.ApiKeyAuthorization("api_key", key, "query");
window.swaggerUi.api.clientAuthorizations.add("api_key", apiKeyAuth);
log("added key " + key);
}
}
但究竟是怎么回事?
来自Adding Basic Authorization for Swagger-UI我认为可能是
function addApiKeyAuthorization(){
var key = encodeURIComponent($('#input_apiKey')[0].value);
if(key && key.trim() != "") {
var apiKeyAuth = new SwaggerClient.ApiKeyAuthorization("api_key", key, "query");
window.swaggerUi.api.clientAuthorizations.add("api_key", apiKeyAuth);
swaggerUi.api.clientAuthorizations.add("api_key", new SwaggerClient.ApiKeyAuthorization("Authorization", "Basic YWRtaW46dG9tY2F0=", "header"));
log("added key " + key);
}
}
其中YWRtaW46dG9tY2F0来自https://webnet77.net/cgi-bin/helpers/base-64.pl,但这没有帮助。
答案 0 :(得分:0)
您必须修改索引文件( dist / index.html ),然后编辑JS代码以使用Custom Headers Parameters(它用于存在于2.x API中)
类似的东西: