2

如何获取主体名称、会话并在理想情况下检查主体是否已使用 CXF JAX-RS Web 服务方法中的 Spring Security 上下文进行身份验证,该方法接收来自 Android 客户端的调用?这是我目前正在使用的代码。我已经评论了我想要得到的地方和内容。

调用webservice的Android代码:

httpclient.getCredentialsProvider().setCredentials(
          new AuthScope("192.168.1.101", 80), 
          new UsernamePasswordCredentials("joesmith", "mypasswd"));

 HttpGet httpget = new HttpGet(WEBSERVICE_URL+"/makePayload");
  httpget.setHeader("User-Agent", userAgent);
  httpget.setHeader("Content-Type", "application/xml");

  HttpResponse response;

  try {
      response = httpclient.execute(httpget);
      HttpEntity entity = response.getEntity();

      ... parse xml from response


      }

CXF,Spring Web服务代码:

@GET
@Path("/getPayload")
@Produces("application/XML")
public Response makePayload(@Context Request request){

         //Get user principal name
         //Get session?
         //Get Spring security context?

         Payload payload = new Payload();
         payload.setUsersOnline(new Long(200));

         return Response.ok().entity(payload).build();

 }
4

1 回答 1

0

request.getUserPrincipal.getName()或静态SecurityContextHolder.getContext().getAuthentication().getName()可能有效

于 2010-02-13T06:11:12.387 回答