[英]Play Framework - Proxy request with session authentication
I have a couchapp that I want to control access to with Play! 我有一个沙发应用程序,我想控制Play的访问! on a per user basis.
基于每个用户。 My plan is to host the couchapp on port xxxx, which is only accessable internally, and host Play!
我的计划是在只能在内部访问的端口xxxx上托管沙发应用程序,并托管Play! on port 80.
在端口80上。
In Apache I would do it like this, 在Apache中,我会这样做,
ProxyPass /couchapp http://localhost:xxxx
ProxyPassReverse /couchapp http://localhost:xxxx
But there is no authentication with this approach. 但是这种方法没有身份验证。 I see Play!
我看到播放! has some proxy features, but I don't see anyway to add user authentication to this, http://www.playframework.com/documentation/2.0/HTTPServer
具有某些代理功能,但是我仍然看不到要为此添加用户身份验证, http://www.playframework.com/documentation/2.0/HTTPServer
Any idea how to add user authentication to a Play! 任何想法如何将用户身份验证添加到Play! proxy?
代理? The code would look something like this.
代码看起来像这样。
// Routes all request to http://localhost:xxxx/ if authenticated
public static Result useProxy() {
if (!session("authorized").equals("true")) {
String pingURL = "";
return redirect(pingURL); // will call pingCallback after login
}
return ok(); // take the original request to /couchapp/xxxx.asset and proxy it to http://localhost:xxxx/xxxx.asset
}
public static Result pingCallback() {
Form<PingResponse> pingResponseForm = Form.form(PingResponse.class);
PingResponse pingResponse = pingResponseForm.bindFromRequest().get();
if (!pingResponse.isAuthorized()) {
return unauthorized();
} else {
session("authorized", "true");
}
return ok(); // take the original request to /couchapp/xxxx.asset and proxy it to http://localhost:xxxx/xxxx.asset
}
Thanks! 谢谢!
您是否尝试添加:
-Dhttp.proxyUser=username -Dhttp.proxyPassword=password
I used play.libs.WS to make the proxy calls pragmatically. 我使用play.libs.WS进行实用的代理调用。 Here's the code.
这是代码。 Currently the session is getting lost on every call, but that's a different issue.
当前,每次通话都丢失了会话,但这是另一个问题。
-Edit - The session getting lost happens because the fav.ico doesn't have a cookie sent with it and Play relies on cookies for the session. -编辑-会话丢失是因为fav.ico没有发送cookie,而Play依赖会话的cookie。 I added a check for that, but it's probably better to filter that out in the routes file.
我为此添加了一个检查,但最好将其过滤到路由文件中。
package controllers;
import models.PingResponse;
import play.data.Form;
import play.libs.F;
import play.mvc.Controller;
import play.mvc.Result;
import play.libs.WS;
public class Ping extends Controller {
final static String playProxyURL = "http://localhost:9000/"; // pretend this is our proxy domain(should be on port 80)
final static String couchAppURL = "http://localhost:80/couchappTest/"; // pretend this is our internal secure site
final static String pingURL = "http://localhost:80/pingTest/"; // pretend this is ping endpoint
public static Result init() {
return Ping.useProxy("");
}
public static Result useProxy(String assetPath) {
// request for favicon.ico doesn't include cookie :(
if (assetPath.equals("favicon.ico")) {
return ok();
}
if (session("authorized") == null || !session("authorized").equals("true")) {
System.out.println("not auth");
return redirect(pingURL);
} else {
return async(
WS.url(couchAppURL + assetPath).get().map(
new F.Function<WS.Response, Result>() {
public Result apply(WS.Response response) {
return ok(response.getBody()).as(response.getHeader("Content-type"));
}
}
)
);
}
}
public static Result pingCallbackGET(String token, String httpRef) {
if (token == null || token.equals("")) {
return unauthorized();
} else {
System.out.println("auth");
session("authorized", "true");
session("token", token);
}
return redirect(playProxyURL + httpRef);
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.