Java 具有 ADFS SAML 身份验证的 Web 服务客户端
[英]Java webservice client with ADFS SAML authentication
问题描述
We are trying to connect to webservice (from Java ) that has ADFS SAML authentication.
我们正在尝试连接到具有ADFS SAML身份验证的Web服务(来自Java )。
All the examples I have seen, use Basic Authentication over HTTPS .我见过的所有示例,都在 HTTPS 上使用基本身份验证。 (I am just using HttpsURLConnection to make a request for now, not using anything like Axis or JAX-WS) (我现在只是使用 HttpsURLConnection 发出请求,而不是使用 Axis 或 JAX-WS 之类的东西)
I am not sure how to approach ADFS SAML authentication.我不确定如何处理ADFS SAML身份验证。 Here's what I understand so far (don't know much about SAML ):到目前为止,这是我所了解的(对SAML不太了解):
- I make one request, pass username/password and get the authentication token back我提出一个请求,传递用户名/密码并取回身份验证令牌
- Save the authentication token保存身份验证令牌
- Pass the token as some SOAP attribute in my calls where I invoke an actual operation on the webservice在我的调用中将令牌作为一些SOAP属性传递,我在其中调用Web服务的实际操作
- No idea under which attribute would I put this authentication token though不知道我会将这个身份验证令牌放在哪个属性下
Is my above approach correct?我的上述方法正确吗? If so, is there some library that I can use that does all this?如果是这样,是否有一些我可以使用的库来完成这一切?
If not how can I go about doing this manually?如果不是,我该如何手动执行此操作?
Please let me know if there are other or better ways of going about this.请让我知道是否有其他或更好的方法来解决这个问题。
1 个解决方案
解决方案1
0 2019-10-02 15:56:19
If you are trying to build native app then can use below code.如果您正在尝试构建本机应用程序,则可以使用以下代码。 i has tried to use power bi rest apis.我曾尝试使用 power bi rest api。 once you gets token you can use that in api calls.一旦获得令牌,您就可以在 api 调用中使用它。
public class PublicClient {
private final static String AUTHORITY = "https://login.microsoftonline.com/common";
private final static String CLIENT_ID = "XXXX-xxxx-xxx-xxx-xxxX";
private final static String RESOURCE = "https://analysis.windows.net/powerbi/api";
public static void main(String args[]) throws Exception {
try (BufferedReader br = new BufferedReader(new InputStreamReader(System.in))) {
System.out.print("Enter username: ");
String username = br.readLine();
System.out.print("Enter password: ");
String password = br.readLine();
AuthenticationResult result = getAccessTokenFromUserCredentials(
username, password);
System.out.println("Access Token - " + result.getAccessToken());
System.out.println("Refresh Token - " + result.getRefreshToken());
System.out.println("ID Token Expires on - " + result.getExpiresOn());
}
}
private static AuthenticationResult getAccessTokenFromUserCredentials(
String username, String password) throws Exception {
AuthenticationContext context = null;
AuthenticationResult result = null;
ExecutorService service = null;
try {
service = Executors.newFixedThreadPool(1);
context = new AuthenticationContext(AUTHORITY, false, service);
Future<AuthenticationResult> future = context.acquireToken(
RESOURCE, CLIENT_ID, username, password, null);
result = future.get();
} finally {
service.shutdown();
}
if (result == null) {
throw new ServiceUnavailableException(
"authentication result was null");
}
return result;
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.