Authenticating users via Active Directory programmatically on REST service API call
Question
I have a spring mvc web app that has an API, that looks like this
/api/createUser?name=Tom .
At the same time there is a web site backed by the same web app, that has restricted pages, which can only be accessed once the a user authorizes using login form + Active Directory. I have managed to set up AD and it works well, but I am kinda lost with the API.
I want to make an authentication for API calls too. Namely, I want to introduce username and password fields to every API call, so that when the relevant controller receives this API call, it first authenticates the user programmatically and it succeeded, then proceeds further with the request.
So the question is, how can I authenticate a user programmatically outright from MVC controller in Spring? Is there any magic bean that I can inject and harness its power?
1 answers
solution1
0 2014-08-08 04:41:15
I think you could use spring sercurity
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<http auto-config="true">
<intercept-url pattern="/api**" access="ROLE_USER" />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="username" password="password" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.