我按照這個教程Best practice for REST token-based authentication with JAX-RS and Jersey,我在過濾器部分。OSGi中的身份驗證過濾器?
我正在使用OSGI,我不知道如何註冊我的過濾器。我創建了我的過濾器,並且沒有錯誤地構建我的項目。我部署了我的包在卡拉夫,但我的@Secured服務不安全,因爲過濾器沒有被稱爲...
我應該添加我的過濾器激活?在藍圖中? (我在OSGi的世界是新的)
這裏我的過濾器:
@Secured
@Provider
@Priority(Priorities.AUTHENTICATION)
public class AuthenticationFilter implements ContainerRequestFilter {
private static Logger LOGGER = LoggerFactory.getLogger(AuthenticationFilter.class);
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
LOGGER.info("[AuthenticationFilter] started");
// Get the HTTP Authorization header from the request
String authorizationHeader =
requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);
// Check if the HTTP Authorization header is present and formatted correctly
if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) {
throw new NotAuthorizedException("Authorization header must be provided");
}
// Extract the token from the HTTP Authorization header
String token = authorizationHeader.substring("Bearer".length()).trim();
try {
// Validate the token
validateToken(token);
} catch (Exception e) {
requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
}
LOGGER.info("[AuthenticationFilter] ended");
}
//TODO: add the key in properties
//TODO: check the username in DB
private void validateToken(String token) throws Exception {
// Check if it was issued by the server and if it's not expired
// Throw an Exception if the token is invalid
String username = Jwts.parser()
.setSigningKey("jeSuisLaSecretPhrase,1234,ilFaudraMePlacerEnConf,Merci")
.parseClaimsJws(token)
.getBody()
.getIssuer();
if(!"admin".equals(username)){
throw new NotAuthorizedException("bad token");
}
}
}
編輯
Karaf無法加載 「http://cxf.apache.org/blueprint/jaxrs」 這是我的藍圖:
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.1.0"
xmlns:jaxrs="http://cxf.apache.org/blueprint/jaxrs">
<!-- Beans declaration -->
<bean id="AuthenticationServlet" class="com.mycompanie.fr.core.servlets.jaxrs.impl.AuthenticationServletImpl">
<property name="service" ref="service" />
</bean>
<service ref="AuthenticationServlet" interface="com.mycompanie.fr.core.servlets.jaxrs.AuthenticationServlet" />
<bean id="CommitmentServlet" class="com.mycompanie.fr.core.servlets.jaxrs.impl.CommitmentServletImpl">
<property name="service" ref="service" />
</bean>
<service ref="CommitmentServlet" interface="com.mycompanie.fr.core.servlets.jaxrs.CommitmentServlet" />
<!-- Dependency definition -->
<reference id="service" interface="com.mycompanie.fr.core.api.services.MainService" />
<jaxrs:providers>
<ref bean="AuthenticationFilter" />
</jaxrs:providers>
<bean id="AuthenticationFilter" class="com.mycompanie.fr.core.servlets.filter.AuthenticationFilter"/>
<web-spa xmlns="http://www.mycompanie.com/xmlns/web-spa/v1.0.0" context="/myProject">
<service ref="AuthenticationServlet" />
<service ref="CommitmentServlet" />
</web-spa>
</blueprint>
你如何公開你的REST服務?你使用藍圖和CXF命名空間或其他類似CXF-DOSGi的東西嗎? –
我在藍圖中使用藍圖 –