2

我正在尝试使用 Spring MVC 3.1 和 REST API 开发示例应用程序。

在进入应用程序之前,有一个登录表单来验证用户。我想使用 REST API 使用用户在登录表单中提供的凭据(用户名和密码)进行基本身份验证。

我的问题是我不知道如何使用 REST API 进行基本身份验证。

我进行了很多搜索,但没有得到任何正确的教程,我可以从中解决我的错误。

请任何人指导我或告诉我任何好的文章?

现在我正在学习以下教程 http://www.jpalace.org/docs/technotes/spring/rest-security.html但得到空指针异常。

RestClient.java

import org.springframework.web.client.RestTemplate;


public class RestClient {

    RestTemplate restTemplate = new RestTemplate();
    static final String URL = "http://www.assembla.com/spaces/my_spaces";
    static final String username = "aaaaa";
    static final String password = "aaaaa";

    public RestClient() {

        BasicSecureSimpleClientHttpRequestFactory requestFactory = new BasicSecureSimpleClientHttpRequestFactory();
        requestFactory.setCredentialsProvider(new SimpleCredentialsProvider(
                new Credentials(username, password)));
        restTemplate.setRequestFactory(requestFactory);
    }

    public void exec() {
        System.out.println("restTemplate :::::::::::::::::: " + restTemplate);
        String response = restTemplate.getForObject(URL, String.class);
        System.out.println("Response:::::::::::::: " + response);
    }

}

BasicSecureSimpleClientHttpRequestFactory.java

import java.net.HttpURLConnection;
  import sun.misc.BASE64Encoder;


    public class BasicSecureSimpleClientHttpRequestFactory extends
            SecureSimpleClientHttpRequestFactory {

        public BasicSecureSimpleClientHttpRequestFactory() {
        }

        protected void prepareSecureConnection(HttpURLConnection connection) {
            if (credentialsProvider == null) {
                return;
            }
            Credentials credentials = credentialsProvider.getCredentials(null);
            String token = credentials.getUsername() + ":"
                    + credentials.getPassword();
            BASE64Encoder enc = new sun.misc.BASE64Encoder();
            String encodedAuthorization = enc.encode(token.getBytes());
            connection.setRequestProperty("Authorization", "Basic "
                    + encodedAuthorization);
        }
    }

SecureSimpleClientHttpRequestFactory .java

import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URI;

import org.springframework.http.HttpMethod;
import org.springframework.http.client.ClientHttpRequest;
import org.springframework.http.client.SimpleClientHttpRequestFactory;

abstract public class SecureSimpleClientHttpRequestFactory extends
        SimpleClientHttpRequestFactory {

    protected CredentialsProvider credentialsProvider;

    public SecureSimpleClientHttpRequestFactory() {
    }

    public CredentialsProvider getCredentialsProvider() {
        return credentialsProvider;
    }

    public void setCredentialsProvider(CredentialsProvider credentialsProvider) {
        this.credentialsProvider = credentialsProvider;
    }

    @Override
    public ClientHttpRequest createRequest(URI uri, HttpMethod httpMethod)
            throws IOException {
        HttpURLConnection connection = openConnection(uri.toURL(), null);
        prepareConnection(connection, httpMethod.name());
        prepareSecureConnection(connection);
        return new SecureSimpleClientHttpRequest(connection);
    }

    abstract protected void prepareSecureConnection(HttpURLConnection connection);

}

SecureSimpleClientHttpRequest .java

import java.io.IOException;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URI;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.client.ClientHttpRequest;
import org.springframework.http.client.ClientHttpResponse;
public class SecureSimpleClientHttpRequest implements ClientHttpRequest {
    public SecureSimpleClientHttpRequest(HttpURLConnection connection) {
        // TODO Auto-generated constructor stub
    }
    @Override
    public HttpMethod getMethod() {
        // TODO Auto-generated method stub
        return null;
    }
    @Override
    public URI getURI() {
        // TODO Auto-generated method stub
        return null;
    }
    @Override
    public HttpHeaders getHeaders() {
        // TODO Auto-generated method stub
        return null;
    }
    @Override
    public OutputStream getBody() throws IOException {
        // TODO Auto-generated method stub
        return null;
    }
    @Override
    public ClientHttpResponse execute() throws IOException {
        // TODO Auto-generated method stub
        return null;
    }
}

SimpleCredentialsProvider .java

public class SimpleCredentialsProvider implements CredentialsProvider {

    private Credentials credentials;

    public SimpleCredentialsProvider(Credentials credentials) {
        super();
        this.credentials = credentials;
    }

    @Override
    public Credentials getCredentials(String str) {

        return credentials;
    }

}

凭据提供程序.java

public interface CredentialsProvider {

    public Credentials getCredentials(String str);
}

凭据.java

public class Credentials {

    private String username;
    private String password;

    public Credentials(String username, String password) {
        super();
        this.username = username;
        this.password = password;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

}

我收到以下错误:

2012 年 10 月 16 日下午 12:56:04 org.apache.catalina.core.StandardWrapperValve 调用严重:servlet spring 的 Servlet.service() 在 org.springframework.web.client.RestTemplate$AcceptHeaderRequestCallback 处抛出异常 java.lang.NullPointerException。 doWithRequest(RestTemplate.java:530) at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:444) at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:409) at org.springframework .web.client.RestTemplate.getForObject(RestTemplate.java:207)

4

1 回答 1

2

一种方法是,如果您已经在使用 spring MVC,将它与 Spring Security 结合使用: http: //static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity.html

由于它以各种方式支持基本身份验证:http: //static.springsource.org/spring-security/site/docs/3.1.x/reference/ns-config.html#ns-form-and-basic

还可以查看这篇文章以了解将其与 REST 一起使用: http ://www.baeldung.com/2011/11/20/basic-and-digest-authentication-for-a-restful-service- with-spring-security-3-1/

于 2012-10-15T08:58:04.537 回答