java Apache CXF:如何使用基本身份验证保护 JAX-RS Web 服务
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1497297/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Apache CXF: How to secure JAX-RS web service with basic authentication
提问by David Tinker
I have a Spring application that publishes some RESTful web services using Apache CXF (using jax-rs). I would like to secure access to those services using HTTP basic authentication. The username and password should be in a Spring configuration file. The main application already uses Spring Security and I would prefer not to mess with that setup.
我有一个 Spring 应用程序,它使用 Apache CXF(使用 jax-rs)发布一些 RESTful Web 服务。我想使用 HTTP 基本身份验证来保护对这些服务的访问。用户名和密码应该在 Spring 配置文件中。主应用程序已经使用 Spring Security,我不想弄乱这个设置。
What is the easiest way to do this? I could write my own ServletFilter but surely there must be a way to configure this?
什么是最简单的方法来做到这一点?我可以编写自己的 ServletFilter 但肯定必须有一种方法来配置它吗?
采纳答案by Pascal Thivent
The author of HTTP Basic Authentication with Apache CXF Revisitedprovides the code of a CXF Interceptor that implements HTTP Basic Authentication validation and a sample of how to define the security interceptor and enable it on a simple endpoint.
笔者HTTP基本身份验证与Apache CXF再访提供了CXF拦截器的代码实现HTTP基本身份验证的验证和如何定义安全拦截器,并使其在一个简单的端点的样本。
