泽西JAX-RS服务和Tomcat 6.0中的BASIC身份验证失败

本文介绍了泽西JAX-RS服务和Tomcat 6.0中的BASIC身份验证失败的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在尝试使用Tomcat 6.0和JAX-RS球衣实现在我的服务中进行BASIC身份验证。

I am trying to do a BASIC Authentication in my service using Tomcat 6.0 and JAX-RS jersey implementation.

以下是我遵循的实施步骤：

Below are the implementation steps I followed:

1）在 server.xml 中添加了这样的域：

1) Added the Realm in server.xml like this:

<Realm className="org.apache.catalina.realm.JDBCRealm" connectionName="XXX" connectionPassword="YYY" connectionURL="jdbc:oracle:thin:@localhost:1521/orcl" driverName="oracle.jdbc.OracleDriver" roleNameCol="role_name" userCredCol="user_pass" userNameCol="user_name" userRoleTable="user_roles" userTable="users"/>

我在其他JSP应用程序中使用的相同域，它在那里工作正常。

The same realm I am using in other JSP application, it is working fine over there.

2）以下是 web.xml

<servlet>
    <servlet-name>jersey-serlvet</servlet-name>
    <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
    <init-param>
        <param-name>com.sun.jersey.config.property.packages</param-name>
        <param-value>com.infy.security</param-value>
    </init-param>
    <init-param>
        <param-name>com.sun.jersey.spi.container.ResourceFilters</param-name>
        <param-value>com.sun.jersey.api.container.filter.RolesAllowedResourceFilterFactory</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>jersey-serlvet</servlet-name>
    <url-pattern>/*</url-pattern>
</servlet-mapping>

<security-constraint>
  <web-resource-collection>
      <web-resource-name>BasicDemo</web-resource-name>
      <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
      <role-name>*</role-name>
  </auth-constraint>
  <!-- <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint> -->
</security-constraint>
<login-config>
  <auth-method>BASIC</auth-method>
  <!-- The realm name is typically displayed by the browser in the login dialog box. -->
  <realm-name>Login</realm-name>
</login-config>

以下是服务：

@Path("/authenticate")
@RolesAllowed({"Admin","Guest"})
public class BasicAuthenticationSecurity {

@GET
@Path("/wbiPing")
@Produces(MediaType.TEXT_PLAIN)
@RolesAllowed("Admin")
public Response wbiPing(){

    System.out.println("Pinged!!!");
    return Response.ok("Pinged!!!").build();
}

}

实施后，无论输入是什么在登录身份验证弹出窗口中（即使用户是管理员）我收到了unauthentication错误页面。以下是网址：

After implementation, whatever is the input in the login authentication popup (even if the user is "Admin") I am getting the unauthentication error page. Below is the URL:

http://localhost:8002/BASICAuthentication/rest/authenticate/wbiping

如果我有误，请告诉我。

Please let me know if I am misisng something.

谢谢，

推荐答案

我遇到了同样的问题，我无法在server.xml中使用realm定义运行它。

I had the same problem and I wasn't able to get it running with the realm definition in the server.xml.

一旦我移动了

<Realm
    className="org.apache.catalina.realm.JDBCRealm"
    driverName="oracle.jdbc.driver.OracleDriver"
    connectionURL="jdbc:oracle:thin:@//10.21.105.185:1552/CRODODEV.DE.MADM.NET"
    connectionName="1234556"
    connectionPassword="*****"
    userTable="cpim_users"
    userNameCol="user_name"
    userCredCol="password"
    userRoleTable="cpim_user_roles"
    roleNameCol="role_name"
    digest="sha-256" />

进入context.xml。 TomCat的日志记录使我发现服务器没有使用JDBC领域。

into the context.xml. The logging of the TomCat toled me that the server wasn't using the JDBC realm.

这篇关于泽西JAX-RS服务和Tomcat 6.0中的BASIC身份验证失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！