将基本授权标头添加到某些请求
[英]Add Basic Authorization header to some requests
问题描述
I want to display a live mjpeg stream from a camera in my Spring-based web-application, and the camera requires basic authentication. 
我想在基于Spring的Web应用程序中显示来自摄像机的实时mjpeg流,并且该摄像机需要基本身份验证。
Since Chrome does not support authentication in urls anymore (see https://code.google.com/p/chromium/issues/detail?id=123150#c3 ), and I am using the webapp mostly on Android tablets with Chrome in a fullscreen/homescreen mode, I am in trouble. 由于Chrome浏览器不再支持网址身份验证(请参阅https://code.google.com/p/chromium/issues/detail?id=123150#c3 ),因此我主要在装有Chrome浏览器的Android平板电脑上使用webapp全屏/主屏模式,我遇到了麻烦。
The image tag, with embedded auth, which btw works in Firefox, would be like this: 带有嵌入式auth的image标签,该标签在Firefox中工作,如下所示:
<img src="http://username:password@the.camera.local/video.mjpeg" />
Is there a way with Spring to intercept the GET request for certain urls and add an Authorization header? Spring是否可以拦截某些URL的GET请求并添加Authorization标头?
Edit 1 编辑1
On the other hand, if I could manage to load the image url with an jQuery ajax-request, to which I can add username and password parameters. 另一方面,如果我可以通过jQuery ajax-request加载图像URL,则可以在其中添加用户名和密码参数。
Any hint on how to do that practically is welcomed. 任何有关如何实际执行操作的提示都值得欢迎。
Edit 2 编辑2
In fact my initial question is flawed. 实际上,我最初的问题是有缺陷的。 The request for the image is done by the browser directly to the camera url, and thus can not be modified by Spring Security. 对图像的请求是由浏览器直接对相机URL完成的,因此不能由Spring Security修改。
Probably the only solution is to load the image by Ajax. 可能唯一的解决方案是通过Ajax加载图像。
2 个解决方案
解决方案1
0 2014-11-01 07:21:59
I think using spring security would solve your purpose. 我认为使用Spring Security可以解决您的目的。
For Ex:- you can mention in spring-security.xml file,for which url you want to implement this. 例如:-您可以在spring-security.xml文件中提及您要实现该URL的URL。
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<http>
<intercept-url pattern="/video/*" access="ROLE_USER" />
<!-- Basic authentication -->
<http-basic/>
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="test" password="test_pass" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
Configure web.xml for spring security and add the dependencies in pom.xml also. 配置用于春季安全性的web.xml并在pom.xml中添加依赖项。
Now when you try to access the resource /video/ ,for every succesful authentication,it would add Authorization header. 现在,当您尝试访问资源/ video /时,对于每个成功的身份验证,都会添加Authorization标头。
解决方案2
0 2014-11-03 09:47:46
How can add basic authentication to some of the request? 如何向某些请求添加基本身份验证? if i use spring security will add header to all requests. 如果我使用spring security,则会向所有请求添加标头。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.