我想使用基本身份验证(用户名/密码)访问v2 API。我已经完成了所有下面提到的更改,但是当我点击Web服务URL时,会弹出一个对话框,提示您提供的用户名/密码不会占用(验证)我的用户名/密码。我确定输入了正确的用户名和密码。
web.xml:
<security-role>
<description>
The role that is required to access the application
</description>
<role-name>admin</role-name>
</security-role>
<security-constraint>
<web-resource-collection>
<web-resource-name>RestrictedWebResource</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<!-- transport-guarantee can be CONFIDENTIAL, INTEGRAL, or NONE -->
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
security-v2-spring.xml:
<security:http auto-config="true" use-expressions="true"> <security:intercept-url pattern="/rest/*" access="admin" />
<security:http-basic />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="ash" password="ash" authorities="admin" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
tomcat-users.xml:
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="manager"/>
<role rolename="admin"/>
<user username="ash" password="ash" roles="admin,manager"/>
</tomcat-users>
config / local.properties:
hybris.security.http.basic.auth.enable=true
hybris.security.http.basic.auth.username=ash
hybris.security.http.basic.auth.password=ash
tomcat-users.xml位置也已在server.xml中正确配置
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
我尝试访问的端点URL是:
https://localhost:9002/rest/v2/**/**/**
通常的管理控制台“ admin” /“ nimda”也不起作用。