stackoom
  简体   繁体   中英

Setting a Authorization Header in Filter

 原文  2015-09-28 09:28:22       java/ web-services/ rest/ servlets/ servlet-filters

Question

Am new to RESTful web service. I got a new requirement. Its like, I need to create a new RESTful Web Service where my service will accept a token from the calling program. This token needs to be set to Authorization Header and hit a filter which is in a JAR given by the client. I have created a RESTFul web service where it accepts a Token from calling program. now how can I set this token to Authorization Header. pls help me with this.

3 answers

solution1
 2  2015-09-28 09:37:14

In plain Java you can set the Authorization Header Client side this way:

String url = "test.com";
URL urlObj = new URL(url);
HttpURLConnection con = (HttpURLConnection) urlObj.openConnection();
con.setRequestProperty("Authorization", "You Token");

Edit Just to be sure i dont miss the topic of the op. If you want to crate an token for authorization you have to pass this token to the user after the user has logged in at you site. After the user client reveives the token the client have to send this token with every request (be shure you use ssl for transmission)

The Serverside Code should look like this:

public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException {
    String auth = req.getHeader("Authorization");
    //validate Token
}

solution2
 1 ACCPTED  2015-09-28 11:00:16

Is the context of this question the same as in this post of yours - Calling a Filter before a Servlet from REST Webservice

Then to summarize you have a Restful service accepting a token as a Header. You invoke a Filter from the service which provides some functionality and you need to pass the token to the filter as a request header?

To achieve that you need to create a HttpServletRequestWrapper and pass that to the filter. You would override the getHeader(String name) method and

public class CustomHttpServletRequestWrapper implements HttpServletRequest{
       public CustomHttpServletRequestWrapper(HttpServletRequest request){
            super(request);
       }

       public String getHeader(String name){
            if(name.equals("AUTH-HEADER"){
                  //get the original request
                  HttpServletRequest request = (HttpServletRequest)getRequest();
                   //now get it from the original request and return
            }else{
                  return request.getHeader(name);
             }
       }

      //  TODO override getHeaderNames()
}

And then pass this while invoking your filter.

 CustomHttpServletRequestWrapper requestWrapper = new CustomHttpServletRequestWrapper(request);
 request.getRequestDispatcher("/secure").include(requestWrapper, response);

solution3
 0  2019-12-16 20:01:48

May be you can do it like this:

request.setAttribute("yourNameToken", yourToken);

then you can use the token with this script:

String tk = (String) request.getAttribute("yourNameToken");

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Setting Authorization header in Angular 2 Setting header Authorization for https get request in Java Getting unauthorized error after setting the authorization token in the header of retrofit call Setting Authentication Header in Servlet via Filter Spring Security ignore path filter still executed when Authorization header present Maven not adding “Authorization” header Spring: Redirect with Authorization Header HttpURLConnection - Authorization Header is missing? Retrofit Authorization Header with credentials HttpURLConnection send header authorization
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM