将Http基本身份验证添加到servletRequest
[英]Add Http Basic Authentication to servletRequest
问题描述
I have a ProxyServlet to handle requests to another server (which uses HTTP Basic Authentication) sent from my Application, and i want to add the header manually before the Servlet fires the actual request so the User wont have to enter any credentials. 
我有一个ProxyServlet来处理从我的应用程序发送到另一个服务器(使用HTTP基本身份验证)的请求,并且我想在Servlet触发实际请求之前手动添加标头,这样用户就不必输入任何凭据。
I have tried something like this code below using HttpServletRequestWrapper 我已经在下面使用HttpServletRequestWrapper尝试过类似以下代码的内容
public class DataServlet extends ProxyServlet {
@Override
protected void service(HttpServletRequest servletRequest, HttpServletResponse servletResponse)
throws ServletException, IOException {
final SystemCredentials credentials = new SystemCredentials("username", "password");
HttpServletRequestWrapper wrap = new HttpServletRequestWrapper(servletRequest){
@Override
public String getHeader(String name) {
if (name.equals("Authorization")){
String encoding = Base64.getEncoder().encodeToString((credentials.getUser().concat(":").concat(credentials.getPassword()).getBytes()));
return "Basic " + encoding;
} else
return super.getHeader(name);
}
};
super.service(wrap, servletResponse);
}
}
It doesnt seem to work, when i try to access it, shows a pop-up and asks for credentials for the remote server. 当我尝试访问它时,它似乎不起作用,显示了一个弹出窗口,并要求提供远程服务器的凭据。
My web.xml contains 我的web.xml包含
<servlet>
<servlet-name>data</servlet-name>
<servlet-class>foo.package.servlet.DataServlet</servlet-class>
<init-param>
<param-name>targetUri</param-name>
<param-value>http://fooServer/DataServer</param-value>
</init-param>
<async-supported>true</async-supported>
</servlet>
<servlet-mapping>
<servlet-name>data</servlet-name>
<url-pattern>/DataServer/*</url-pattern>
</servlet-mapping>
Is there any other way to make this work? 还有其他方法可以使这项工作吗?
Thanks! 谢谢!
1 个解决方案
解决方案1
1 已采纳 2017-05-26 11:13:29
Solution was to override the methods getHeader(String name) , getHeaders(String name) and getHeaderNames() as shown below. 解决方案是重写方法getHeader(String name) , getHeaders(String name)和getHeaderNames() ,如下所示。 This depends also on how the implementation is looking for headers. 这还取决于实现如何查找标头。 In this case ProxyServlet is looking via Enumeration<String> getHeaders(String name) . 在这种情况下, ProxyServlet通过Enumeration<String> getHeaders(String name)查找。
HttpServletRequestWrapper wrap = new HttpServletRequestWrapper(servletRequest){
@Override
public String getHeader(String name) {
if (name.equals(HttpHeaders.AUTHORIZATION)){
String encoding = Base64.getEncoder().encodeToString((credentials.getUser().concat(":").concat(credentials.getPassword()).getBytes()));
return "Basic " + encoding;
}
return super.getHeader(name);
}
@Override
public Enumeration<String> getHeaders(String name) {
if (name.equals(HttpHeaders.AUTHORIZATION)){
List<String> temp = new ArrayList<>();
String encoding = Base64.getEncoder().encodeToString((credentials.getUser().concat(":").concat(credentials.getPassword()).getBytes()));
temp.add("Basic " + encoding);
return Collections.enumeration(temp);
}
return super.getHeaders(name);
}
@Override
public Enumeration<String> getHeaderNames() {
// TODO Auto-generated method stub
List<String> temp = Collections.list(super.getHeaderNames());
temp.add(HttpHeaders.AUTHORIZATION);
return Collections.enumeration(temp);
}
};
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.