Liferay api / jsonws页面只能供管理员用户访问
[英]Liferay api/jsonws page should be accessible only for admin users
问题描述
Can anyone please tell me how we can Restrict Access to Liferay api/jsonws page for normal users. 
任何人都可以告诉我如何限制普通用户访问Liferay api / jsonws页面。 api/jsonws page should be accessible only for admin users. api / jsonws页面只能供管理员用户访问。
Do we have any option to do that in Liferay. 我们在Liferay中有任何选择吗?
Can anyone please help me on this 任何人都可以帮我这个
2 个解决方案
解决方案1
2 已采纳 2017-02-12 17:19:13
I guess this feature is not in Liferay 6.2 :( 我猜这个功能不在Liferay 6.2中:(
jsonws.web.service.api.discoverable=false
Reference : https://issues.liferay.com/browse/LPS-50668 参考: https : //issues.liferay.com/browse/LPS-50668
Options which i am aware about you can do in 6.2 我所知道的选项可以在6.2中完成
- ServletFilter Hook ServletFilter Hook
Write your logic there //write specific pattern 在那里写下你的逻辑//编写特定模式
<servlet-filter>
<servlet-filter-name>ServiceAccessPage</servlet-filter-name>
<servlet-filter-impl>com.check.access.ServiceAccessPage</servlet-filter-impl>
<init-param>
<param-name>initparam</param-name>
<param-value>Hi IP Address Filter</param-value>
</init-param>
</servlet-filter>
<servlet-filter-mapping>
<servlet-filter-name>ServiceAccessPage</servlet-filter-name>
<url-pattern>/api/jsonws</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</servlet-filter-mapping>
inside ServiceAccessPage.java 在ServiceAccessPage.java中
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws java.io.IOException, ServletException {
//get user & Redirect to session.setAttribute(WebKeys.LAST_PATH, redirectionFailPath);
logger.info("DoFilter method being called");
}
- Crete service action Pre Action. 克里特岛服务行动预行动。
[This will be called before every every action :(] [这将在每个动作之前调用:(]
Get user from request, & Manage Landing page accordingly. 从请求中获取用户,并相应地管理登录页面。
- Use EXT 使用EXT
write one property to turn off/on page & Override JSONWebServiceServlet 写一个属性来关闭/打开页面和覆盖JSONWebServiceServlet
解决方案2
2 2017-02-16 11:53:06
you can custom auth.verifier for /api/jsonws/* by implementing AuthVerifier 您可以通过实现AuthVerifier为/ api / jsonws / *定制auth.verifier
and add these properties 并添加这些属性
auth.verifier.YOURAUTHVERFIER.urls.includes=/api/jsonws/*
please refer to this sample project 请参考此示例项目
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.