Basic auth+weblogic
使用 weblogic中配置的auth
1.web.xml添加
<security-constraint>
<display-name>Secure REST Area</display-name>
<web-resource-collection>
<web-resource-name>Secure REST</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>webserviceuser</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
<security-role>
<role-name>webserviceuser</role-name>
</security-role>
2.weblogic.xml添加( Basic authentication, input username&password.this account set in weblogic group, find group name in weblogic.xml)
<wls:security-role-assignment>
<wls:role-name>webserviceuser</wls:role-name>
<wls:principal-name>webserviceuser</wls:principal-name>
</wls:security-role-assignment>
3. 添加攔截器:
AuthInterceptor.java
public class AuthInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { return true; } }
InterceptorConfig.java:
public class InterceptorConfig implements WebMvcConfigurer { @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor( this.authInterceptor() ).addPathPatterns("/**"); } @Bean public AuthInterceptor authInterceptor() { return new AuthInterceptor(); } }
Call api時候例如使用postman,auth type選擇basic,輸入username&& password ,分別來自於weblogic console中的配置
Implement restfull api via Spring
@RestController @RequestMapping("/") public class ClassNameController { @Autowired private ClassNameService classNameService; @RequestMapping(value = "/methodName", method = RequestMethod.GET)
@RequestHeader(value="end_date",required=false) String endDate, @RequestHeader(required=false,value="in_date")@DateTimeFormat(pattern="yyyy-MM-ddHH:mm:ss")Date effectiveDate public ClassNameResponse methodName( return response; )
注意
以上僅爲get+header方法,post等類似
Input 允許不輸入或者爲空:
接收默認值by Jackson
Spring boot包含jackson
restfull api+Basic auth+weblogic
原文:https://www.cnblogs.com/javac/p/14749029.html