根据这篇博客文章,我几个小时后就设法使它工作。
我的解决方案涉及:
- Maven工件:
- 球衣服务器(v 1.17)
- jersey-grizzly2(v 1.17)
- 硬编码的用户名/密码(如果愿意,可替换为数据库查找)
- 没有web.xml(以编程方式配置的服务器)
- 不涉及SSL
我创建了这个
ContainerRequestFilter:
public class AuthFilter implements ContainerRequestFilter { // Exception thrown if user is unauthorized. private final static WebApplicationException unauthorized = new WebApplicationException(Response.status(Status.UNAUTHORIZED) .header(HttpHeaders.WWW_AUTHENTICATE, "Basic realm="realm"") .entity("Page requires login.").build()); @Override public ContainerRequest filter(ContainerRequest containerRequest) throws WebApplicationException { // Automatically allow certain requests. String method = containerRequest.getMethod(); String path = containerRequest.getPath(true); if (method.equals("GET") && path.equals("application.wadl")) return containerRequest; // Get the authentication passed in HTTP headers parameters String auth = containerRequest.getHeaderValue("authorization"); if (auth == null) throw unauthorized; auth = auth.replaceFirst("[Bb]asic ", ""); String userColonPass = base64.base64Depre(auth); if (!usercolonPass.equals("admin:toHah1ooMeor6Oht")) throw unauthorized; return containerRequest; }}然后,我更改了启动代码以包括过滤器:
URI baseUri = UriBuilder.fromUri("http://localhost/api") .port(8081) .build();ResourceConfig rc = new PackagesResourceConfig("se.aioobe.resources");// Add AuthFilter ////////////rc.getProperties().put("com.sun.jersey.spi.container.ContainerRequestFilters", "<YOUR PACKAGE FOR AuthFilter>.AuthFilter");//////////////////////////////HttpServer httpServer = GrizzlyServerFactory.createHttpServer(baseUri, rc);
