Question

UserService.getCurrentUser()在AppEngine HttpServlet发布请求中返回null。

resp.sendRedirect()也未被重定向。这在生产环境中发生，而user数据在开发服务器中返回。

UserService userService = UserServiceFactory.getUserService();
user = userService.getCurrentUser();
if (user == null) {
  resp.sendRedirect(userService.createLoginURL(req.getRequestURI()));
  return;
}

调用OAuthService.getCurrentUser()时会抛出InvalidOAuthParametersException。

OAuthService oathService = OAuthServiceFactory.getOAuthService();
try {
  String scope = "https://www.googleapis.com/auth/userinfo.email";
  user = oathService.getCurrentUser(scope);
} catch (OAuthRequestException e) {
  throw new IOException("Error retrieving user info!");
}

在生产环境中的HttpServlet中获取User数据会以一切可能的方式抛出错误。检索User数据的推荐方法是什么？

我已经分享了下面的appengine-web.xml文件。

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE xml>
<appengine-web-app xmlns="http://appengine.google.com/ns/1.0">
  <application>${appengine.app.id}</application>
  <version>${appengine.app.version}</version>
  <threadsafe>true</threadsafe>
  <env-variables>
    <env-var name="TEST_DATA" value="xxx"/>
  </env-variables>
  <system-properties>
    <property name="java.util.logging.config.file" value="WEB-INF/logging.properties"/>
  </system-properties>
</appengine-web-app>

web.xml在

下面分享

<?xml version="1.0" encoding="utf-8" standalone="no"?>
  <web-app version="2.5"
    xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

  <welcome-file-list>
    <welcome-file>index.html</welcome-file>
  </welcome-file-list>

  <servlet>
    <servlet-name>SystemServiceServlet</servlet-name>
    <servlet-class>com.google.api.server.spi.SystemServiceServlet</servlet-class>
    <init-param>
        <param-name>services</param-name>
        <param-value>com.setv.app.spi.DatabaseApi</param-value>
    </init-param>
  </servlet>
  <servlet-mapping>
    <servlet-name>SystemServiceServlet</servlet-name>
    <url-pattern>/_ah/spi/*</url-pattern>
  </servlet-mapping>

  <servlet>
    <servlet-name>TransactionStatus</servlet-name>
    <servlet-class>com.setv.app.servlet.TransactionStatus</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>TransactionStatus</servlet-name>
    <url-pattern>/transaction/*</url-pattern>
  </servlet-mapping>

  <filter>
    <filter-name>ObjectifyFilter</filter-name>
    <filter-class>com.googlecode.objectify.ObjectifyFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>ObjectifyFilter</filter-name>
    <url-pattern>/*</url-pattern> 
  </filter-mapping>

  <security-constraint>
    <web-resource-collection>
        <web-resource-name>all</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
</web-app>

Answer 1

为了工作，UserService需要具有特定的web.xml配置，强制用户登录AppEngine。在您的web.xml中缺少以下条件：

<auth-constraint>
    <role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>

可能的角色名称是（admin或*）

https://cloud.google.com/appengine/docs/standard/java/config/webxml

如何通过HttpServlet获取生产服务器中的AppEngine用户

1 个答案: