Restlet 2.0.8:单个 Restlet 应用程序实例的多种身份验证方法(BASIC、DIGEST)?
我们使用 Restlet 2.0.8 并有一个覆盖 org.restlet.Application#createInboundRoot() 的 Application 实例。在那里,我们创建 Router 实例并返回(此时)一个 DigestAuthenticator,如下面的代码片段所示:
@Override
public synchronized Restlet createInboundRoot() {
log.info("App::createInboundRoot called");
this.authenticator = getAuthenticator();
Router router = new Router(getContext());
router.attach("/echo", EchoResource.class);
router.attach("/status", StatusResource.class);
authenticator.setNext(router);
return authenticator;
}
private ChallengeAuthenticator getAuthenticator() {
DigestAuthenticator auth = new DigestAuthenticator(getContext(), "Guard", "s3cret");
auth.setWrappedVerifier(new SimpleVerifier("user","pass");
auth.setOptional(false);
return auth;
}
我想要实现的是:
- 让 EchoResource 使用摘要身份验证,而 StatusResource 应该使用 HTTP 基本身份验证
这可能吗?与 Restlet?
最好的, 克里斯
We're using Restlet 2.0.8 and have an Application instance overwriting org.restlet.Application#createInboundRoot(). In there, we create the Router instance and return (at the moment) a DigestAuthenticator, like in the code snipped below:
@Override
public synchronized Restlet createInboundRoot() {
log.info("App::createInboundRoot called");
this.authenticator = getAuthenticator();
Router router = new Router(getContext());
router.attach("/echo", EchoResource.class);
router.attach("/status", StatusResource.class);
authenticator.setNext(router);
return authenticator;
}
private ChallengeAuthenticator getAuthenticator() {
DigestAuthenticator auth = new DigestAuthenticator(getContext(), "Guard", "s3cret");
auth.setWrappedVerifier(new SimpleVerifier("user","pass");
auth.setOptional(false);
return auth;
}
What I would like to achieve is:
- have the EchoResource using digest authentication and the StatusResource should use HTTP basic authentication
Is this possible with Restlets?
Best,
Chris
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
这可以通过链接 DigestAuthenticator(可选:true)和 BasicAuthenticator(可选:false)来实现。伪代码:
This is possible by chaining the DigestAuthenticator (optional: true) and the BasicAuthenticator (optional: false). Pseudo-code:
在类似的情况下,我们创建了两个 org.restlet.Application 对象,需要对一个应用程序进行身份验证(如上一问题所示),并将这两个应用程序附加到 Servlet 容器中的不同路径。
In a similar situation, we created two org.restlet.Application objects, require authentication for one Application as in the question above, and did attach both the Applications to different paths in the Servlet container.