我正在对我的SOAP Web服务使用摘要式身份验证,但是每当我提供凭据时,它就与密码不匹配。
这是我的配置-
web.xml
<!-- HTTPS Digest Auth -->
<security-role>
<description>customergroup</description>
<role-name>customergroup</role-name>
</security-role>
<resource-ref>
<res-ref-name>hybrisDS</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<security-constraint>
<web-resource-collection>
<web-resource-name>Order Status Webservice Authentication</web-resource-name>
<url-pattern>/orderStatusUpdate</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>customergroup</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>DIGEST</auth-method>
<realm-name>JDBCRealm</realm-name>
</login-config>
<!-- End HTTPS Basic Auth -->
Server.xml
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.JDBCRealm" resourceName="JDBCRealm"
driverName="${db.driver}"
connectionURL="${db.url.XMLENCODED}"
connectionName="${db.username}" connectionPassword="${db.password.XMLENCODED}"
userTable="USERS" userNameCol="P_UID" userCredCol="PASSWD"
userRoleTable="USERS" roleNameCol="P_NAME">
<CredentialHandler className="org.apache.catalina.realm.MessageDigestCredentialHandler" algorithm="SHA-256" />
</Realm>
</Realm>
我在数据库中提供了SHA-256散列并使用相同的算法提供了密码,但是以某种方式验证不起作用。
任何指针吗?