[英]Implement basic Authentication for rest api using Jersey 2
I have exposed some rest api using Jersey 2
(Tomcat server) and successfully implemented Basic authentication
(only needed authentication stuff not authorization) using ContainerRequestFilter
filter as below我已经使用
Jersey 2
(Tomcat 服务器)公开了一些 rest api,并使用ContainerRequestFilter
过滤器成功实现了Basic authentication
(只需要身份验证而不是授权),如下所示
public class AuthFilter implements ContainerRequestFilter{
@Context
HttpServletRequest request;
@Override
public void filter(ContainerRequestContext context) {
............................
//getting username/password authorization header and validating
When I told the same to my Lead, he said don't use filters as every time your rest api is hit, this filter will get invoked.Therefore, implement basic authentication security at container level.I am using Tomcat server.当我告诉我的主管时,他说不要使用过滤器,因为每次你的 REST API 被点击时,这个过滤器都会被调用。因此,在容器级别实现基本的身份验证安全。我正在使用 Tomcat 服务器。 In
web.xml
, this is defined在
web.xml
,这是定义的
<servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
Is the above he is referring to?上面是他指的吗? Can anyone please guide me how to implement the way my lead is saying?
任何人都可以指导我如何实施我的领导所说的方式吗?
The documentation gives you examples on how to configure this via web.xml.该文档为您提供了有关如何通过 web.xml 进行配置的示例。 You'll need to configure this using a
login-config
that belongs to a realm.您需要使用属于领域的
login-config
来login-config
它。 The web container then takes care of securing resources based on URL patterns.然后,Web 容器负责根据 URL 模式保护资源。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.