2016-11-07

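Secure REST calls on WebSphere

I am trying to write a secured REST service on WebSphere 8.5.0.2. I want to secure it using basic authentication. I modified web.xml and tried to read the auto-injected SecurityContext. I do get the auto-injected object, but various operations on it fail, e.g. securityContext.getAuthenticationScheme(); I have also mapped my role to all users of the authenticated realm.

I can't find anything in Wink's documentation either. What am I doing wrong?

My web.xml is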

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
    <display-name>RESTModulation</display-name>
    <!-- Wink SDK servlet configuration.
     This servlet handles HTTP requests
     of SDK web service on application server.-->

    <servlet>
        <description>JAX-RS Tools Generated - Do not modify</description>
        <servlet-name>EntryRestServlet</servlet-name>
        <servlet-class>com.ibm.websphere.jaxrs.server.IBMRestServlet</servlet-class>
        <init-param>
            <param-name>javax.ws.rs.Application</param-name>
            <param-value>com.demo.DemoResourceApplication</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>EntryRestServlet</servlet-name>
        <url-pattern>/resources/*</url-pattern>
    </servlet-mapping>
    <security-constraint id="SecurityConstraint_1">
        <web-resource-collection id="WebResourceCollection_1">
            <web-resource-name>EntryRestServlet</web-resource-name>
            <description>Protection area for Rest Servlet</description>
            <url-pattern>/resources/</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint id="AuthConstraint_1">
            <description>Role1 for this rest servlet</description>
            <role-name>Role1</role-name>
        </auth-constraint>
    </security-constraint>
    <security-role id="SecurityRole_1">
        <description>This is Role1</description>
        <role-name>Role1</role-name>
    </security-role>
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>defaultWIMFileBasedRealm</realm-name>
    </login-config>
    <welcome-file-list>
        <welcome-file>index.html</welcome-file>
        <welcome-file>index.htm</welcome-file>
        <welcome-file>index.jsp</welcome-file>
        <welcome-file>default.html</welcome-file>
        <welcome-file>default.htm</welcome-file>
        <welcome-file>default.jsp</welcome-file>
    </welcome-file-list>
</web-app>

========================================================================== 
Service implementation 

import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;

@Path("/MyTestService")
public class MyTestService {

    // injected by the JAX-RS runtime for each request
    @Context
    SecurityContext securityContext;

    @GET
    @Path("/getUser1")
    @Produces(MediaType.TEXT_PLAIN)
    public Response doInquiry() throws Exception {
        String jsonData = "{'user':'I am here '}";

        String authnScheme = securityContext.getAuthenticationScheme();
        System.out.println("authnScheme : " + authnScheme);
        // retrieve the name of the Principal that invoked the resource
        String username = securityContext.getUserPrincipal().getName();
        System.out.println("username : " + username);
        // check if the current user is in Role1
        Boolean isUserInRole = securityContext.isUserInRole("Role1");
        System.out.println("isUserInRole : " + isUserInRole);
        return Response.status(Response.Status.OK).entity(jsonData).build();
    }
}
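
What do you mean by 'failing'? Please add the results of the calls in your code and the exception, if there is one. – Gas

Answer

I was not passing the correct password from the REST client. Once the correct credentials are provided, it starts working.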
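
As an added example (not part of the original question or answer): a variant of the resource that fails closed when the container has not authenticated the caller, since `getUserPrincipal()` and `getAuthenticationScheme()` return null for an unauthenticated request. The class name, path and response texts are hypothetical; `Role1` and the realm name are taken from the web.xml above.

```java
import java.security.Principal;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;

// Added example: hypothetical class and path names, not the poster's code.
@Path("/MyTestServiceChecked")
public class MyTestServiceChecked {

    // Role and realm as declared in the question's web.xml.
    private static final String REQUIRED_ROLE = "Role1";
    private static final String REALM = "defaultWIMFileBasedRealm";

    @Context
    private SecurityContext securityContext;

    @GET
    @Path("/getUser1")
    @Produces(MediaType.TEXT_PLAIN)
    public Response doInquiry() {
        // Null principal: the request reached the resource without being
        // authenticated (bad or missing credentials on an unprotected path).
        Principal principal = securityContext.getUserPrincipal();
        if (principal == null) {
            return Response.status(Response.Status.UNAUTHORIZED)
                    .header("WWW-Authenticate", "Basic realm=\"" + REALM + "\"")
                    .entity("authentication required")
                    .build();
        }
        // Authenticated, but not mapped to the role the service expects.
        if (!securityContext.isUserInRole(REQUIRED_ROLE)) {
            return Response.status(Response.Status.FORBIDDEN)
                    .entity("caller is not in " + REQUIRED_ROLE)
                    .build();
        }
        // Basic credentials are only base64-encoded, so refuse them over plain HTTP.
        String scheme = securityContext.getAuthenticationScheme();
        if (SecurityContext.BASIC_AUTH.equals(scheme) && !securityContext.isSecure()) {
            return Response.status(Response.Status.FORBIDDEN)
                    .entity("Basic authentication requires HTTPS")
                    .build();
        }
        return Response.ok("user=" + principal.getName() + " scheme=" + scheme).build();
    }
}
```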