浏览器不使用基本身份验证提示输入凭据

时间:2019-05-24 10:41:51

标签: jax-rs jax-ws basic-authentication

我的目标是为服务器上的单个资源提供身份验证,为此,我正在使用自定义过滤器。由于使用JAVA 1.6的限制,我没有使用@NameBinding。使用Response.header(HttpHeaders.WWW_AUTHENTICATE,"Basic")不会提示输入凭据。

使用ContainerRequestFilter不能解决我的问题,因为它将在服务器的每个资源上放置过滤器。

过滤器

@Provider
public class AuthenticationFilter implements Filter {

    @Override
    public void doFilter(ServletRequest req, ServletResponse resp,
            FilterChain chain) throws IOException, ServletException {

        HttpServletRequest request = (HttpServletRequest) req;

        System.out.println("Entered authentication filter");

        throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED)
                .header(HttpHeaders.AUTHORIZATION,"Basic")
                .entity("Credentials are required to access this resource.")
                .build());

//      chain.doFilter(req, resp);

    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {}

    @Override
    public void destroy() {}
}

web.xml映射

<filter>
    <filter-name>AuthenticationFilter</filter-name>
    <filter-class>Utils.LDAPAuthentication.AuthenticationFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>AuthenticationFilter</filter-name>
    <url-pattern>/download</url-pattern>
  </filter-mapping>

我遇到的Web服务响应是 enter image description here

1 个答案:

答案 0 :(得分:0)

因此,根据保罗的建议,我使用了var xmlString = "<employee><field id = \"firstName\">"+fn+"</field><field id = \"lastName\">"+ln+"</field></employee>"; var _contt = new StringContent(xmlString,Encoding.UTF8, "text/xml"); var _response = await _client.PostAsync(_url, _contt);

HttpServletResponse