通过身份验证转发到另一个Webapp
[英]Forwarding to another webapp with authentication
问题描述
I was trying out my first web app. 
我正在尝试我的第一个Web应用程序。 Using Tomcat 7. 使用Tomcat 7。
I want to forward from host:port/app1/x/y with some post data and authentication headers to host:port/app2/x/y with the same post data and the headers. 我想从具有一些发布数据和身份验证标头的host:port / app1 / x / y转发到具有相同发布数据和标头的host:port / app2 / x / y。 Both the applications are on the same host. 两个应用程序都在同一主机上。
/app2 has basic authentication. / app2具有基本身份验证。 On the client side the code goes 在客户端,代码去了
method.addRequestHeader("Authorization",
"Basic " + new String(Base64.encodeBase64(userNPasswd.getBytes())));
I am able to forward from /app1 to /app2 by doing the following 通过执行以下操作,我可以从/ app1转发到/ app2
1) Implementing a Filter and doing this in the doFilter in /app1 1)在/ app1中的doFilter中实现过滤器并执行此操作
ServletContext othercontext = filterConfig.getServletContext().getContext("/app2");
RequestDispatcher dispatcher = othercontext.getRequestDispatcher(req.getRequestURI().replace("/app1", ""));
dispatcher.forward(request, response);
2) In app1.. under WEB-INF/web.xml forward all (/*) url mapping 2)在app1 ..中的WEB-INF / web.xml下转发所有(/ *)网址映射
<filter>
<filter-name>ForwardFilter</filter-name>
<filter-class><my.package.filter.ForwardFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ForwardFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
3) In tomcat in conf/server.xml.. Defining context for both /app1 and /app2 under the same host and turning off unpack war etc and having crossContext = true 3)在conf / server.xml中的tomcat中。在同一主机下为/ app1和/ app2定义上下文,并关闭解压缩战争等,并让crossContext = true
<Context path="/app1" docBase="app1" crossContext="true" />
<Context path="/app2" docBase="app2" crossContext="false" />
app1.war is a really simple with just one filter class and a web.xml which is mapped to forward requests app1.war非常简单,只有一个过滤器类和一个映射为转发请求的web.xml
app2.war is a spring enabled web app app2.war是启用了Spring的Web应用程序
When i directly make a request to /app2 with a wrong password, I get an error 当我使用错误的密码直接向/ app2请求时,出现错误
When I am forwarding the way currently forwarding (from /app1 to /app2), it is skipping the authentication and the request start processing under /app2. 当我转发当前转发方式(从/ app1到/ app2)时,它跳过了身份验证,并且请求开始在/ app2下进行处理。 It fails with npe when in some place in /app2.. it is trying to read the user name from the security context (Spring was expected to kick in and set this) 在/ app2中的某个位置时,它使用npe失败。.尝试从安全上下文中读取用户名(应使用Spring并进行设置)
SecurityContextHolder.getContext().getAuthentication().getName();
I cannot change code under /app2 我无法更改/ app2下的代码
I would like /app1 to be a very simple request forward.. 我希望/ app1是一个非常简单的请求。
I cannot use redirect or use a apache rule rewrite in front of tomcat 我不能在tomcat前面使用重定向或使用apache规则重写
Please let me know if any more information has to be shared 请让我知道是否需要共享更多信息
Does a forward also forward all the authentication headers as well, so its as though the request hit /app2 directly ? 转发是否还会转发所有身份验证标头,因此该请求就好像直接命中了/ app2一样?
1 个解决方案
解决方案1
1 已采纳 2015-12-09 13:33:06
By default filters are not applied for forwards. 默认情况下,过滤器不应用于转发。 It needs to be specified explicitly to apply for forwards as well 还需要明确指定它以申请转发
So in the WEB-INF/web.xml of the receiving app (here app2), for every filter which should be applied to the forward request as well add the following 因此,在接收应用程序(此处为app2)的WEB-INF / web.xml中,对于应应用于转发请求的每个过滤器,还添加以下内容
<filter-mapping>
...
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
...
<filter-mapping>
After that all the required filters in /app2 started executing as well 之后,/ app2中所有必需的过滤器也开始执行
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.