我有一个OSGi部署到Apache Karaf 2.2.8. 在这个捆绑包中,我正在使用CXF和Camel路由。我编写了一个CXF拦截器,它执行基本身份验证:从数据库中获取所有现有用户并进行验证。
问题是当方法handleMessage被调用时,AuthorizationPolicy对象为空。它不提供任何凭据。这是我的代码:
@Override
public void handleMessage(Message message)
throws Fault {
AuthorizationPolicy policy = message.get(AuthorizationPolicy.class);
if (users == null) {
setLastAccessedTime(Calendar.getInstance());
}
if (!wasRecentlyAccessed()) {
users = this.loadUsers();
setLastAccessedTime(Calendar.getInstance());
}
for (String user : users.values()) {
LOGGER.debug("Existing user: " + user);
}
if (policy == null) {
LOGGER.error("User attempted to log in with no credentials");
sendErrorResponse(message, HttpURLConnection.HTTP_UNAUTHORIZED);
return;
}
String password = users.get(policy.getUserName());
if (password == null || !policy.getPassword().equals(password)) {
LOGGER.error("Invalid login authentication for user: " + policy.getUserName());
sendErrorResponse(message, HttpURLConnection.HTTP_FORBIDDEN);
}
}
无论如何我可以在 Karaf 中为特定端点设置基本身份验证参数吗?是否有某种配置文件或其他东西?我在互联网上找不到任何东西......