10

如何对 Dropwizard 管理门户进行身份验证,以限制普通用户访问?请帮忙

4

3 回答 3

16

在您的配置中,您可以像这样设置adminUsernameadminPasswordhttp

http:
  adminUsername: user1234
  adminPassword: pass5678
于 2012-10-20T21:09:51.740 回答
15

对于 DW 0.7,我的方法是:

public class AdminConstraintSecurityHandler extends ConstraintSecurityHandler {

    private static final String ADMIN_ROLE = "admin";

    public AdminConstraintSecurityHandler(final String userName, final String password) {
        final Constraint constraint = new Constraint(Constraint.__BASIC_AUTH, ADMIN_ROLE);
        constraint.setAuthenticate(true);
        constraint.setRoles(new String[]{ADMIN_ROLE});
        final ConstraintMapping cm = new ConstraintMapping();
        cm.setConstraint(constraint);
        cm.setPathSpec("/*");
        setAuthenticator(new BasicAuthenticator());
        addConstraintMapping(cm);
        setLoginService(new AdminMappedLoginService(userName, password, ADMIN_ROLE));
    }
}

public class AdminMappedLoginService extends MappedLoginService {

    public AdminMappedLoginService(final String userName, final String password, final String role) {
        putUser(userName, new Password(password), new String[]{role});
    }

    @Override
    public String getName() {
        return "Hello";
    }

    @Override
    protected UserIdentity loadUser(final String username) {
        return null;
    }

    @Override
    protected void loadUsers() throws IOException {
    }
}

并以这种方式使用它们:

environment.admin().setSecurityHandler(new AdminConstraintSecurityHandler(...))
于 2014-05-23T12:01:46.020 回答
4

较新的 Jetty 版本没有MappedLoginService,所以@Kamil 的回答不再有效。我已经修改了他们的答案以使其从 Dropwizard 1.2.2 开始工作:

public class AdminConstraintSecurityHandler extends ConstraintSecurityHandler {

    private static final String ADMIN_ROLE = "admin";

    public AdminConstraintSecurityHandler(final String userName, final String password) {
        final Constraint constraint = new Constraint(Constraint.__BASIC_AUTH, ADMIN_ROLE);
        constraint.setAuthenticate(true);
        constraint.setRoles(new String[]{ADMIN_ROLE});
        final ConstraintMapping cm = new ConstraintMapping();
        cm.setConstraint(constraint);
        cm.setPathSpec("/*");
        setAuthenticator(new BasicAuthenticator());
        addConstraintMapping(cm);
        setLoginService(new AdminLoginService(userName, password));
    }

    public class AdminLoginService extends AbstractLoginService {

        private final UserPrincipal adminPrincipal;
        private final String adminUserName;

        public AdminLoginService(final String userName, final String password) {
            this.adminUserName = Objects.requireNonNull(userName);
            this.adminPrincipal = new UserPrincipal(userName, new Password(Objects.requireNonNull(password)));
        }


        @Override
        protected String[] loadRoleInfo(final UserPrincipal principal) {
            if (adminUserName.equals(principal.getName())) {
                return new String[]{ADMIN_ROLE};
            }
            return new String[0];
        }

        @Override
        protected UserPrincipal loadUserInfo(final String userName) {
            return adminUserName.equals(userName) ? adminPrincipal : null;
        }
    }
}
于 2018-02-12T23:12:42.837 回答