2010-06-02 134 views
9

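Digest authentication with the Jersey client

I have written a REST web service with the Jersey server (and it works perfectly!). I am now developing its client part with the Jersey client.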

On the server side, I chose DIGEST authentication, because I personally think BASIC authentication is a heresy that should be marked as "DEPRECATED" in our heads.

Unfortunately, I don't see any support for Digest authentication on the client side. For BASIC authentication, one does something like:

client.addFilter(
    new HTTPBasicAuthFilter(
     user, 
     password)); 

But I don't see any "HTTPDigestAuthFilter" counterpart. Am I missing something?

Thanks for your help,

Raphael

+0

OK, I asked on the Jersey mailing list, and it does not currently exist. So I am implementing it. I will post it there as soon as possible. – 2010-06-09 09:20:37

+0

Please follow the corresponding thread of the Jersey mailing list on Nabble: http://jersey.576304.n2.nabble.com/DIGEST-Authentication-with-Jersey-client-td5132921.html – 2010-06-14 10:00:58

+0

Why should *HTTP Basic access authentication* be deprecated? – user359996 2010-11-04 20:28:35

Answers

23

I have just implemented it. I have created a feature request in the Jersey issue tracker and posted my implementation there, as an attachment: https://jersey.dev.java.net/issues/show_bug.cgi?id=542

It works fine for communicating with the digest authentication of a Tomcat server. I have not tested it with other web servers yet.

+11

+1 for implementing the missing feature yourself and releasing it. – user359996 2010-12-17 17:09:01

+0

The link no longer works, has it moved? – 2014-12-16 02:07:15

0

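Here I have written some random URI. Please fill in the URI you want.

For a sample test, you can make use of the Google services that are openly available on the internet.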

    import javax.ws.rs.core.MediaType;

    import org.apache.commons.codec.digest.DigestUtils;
    import org.codehaus.jettison.json.JSONException;
    import org.codehaus.jettison.json.JSONObject;

    import com.sun.jersey.api.client.Client;
    import com.sun.jersey.api.client.ClientResponse;
    import com.sun.jersey.api.client.WebResource;
    import com.sun.jersey.api.client.config.ClientConfig;
    import com.sun.jersey.api.client.config.DefaultClientConfig;

    public class DigestClient {

        // Dividing into two parts because we need to send the last part of the URI in our second request to the service.
        static String baseUri = "https://www.something.com";
        static String subUri = "/later-part";

        public static void main(String[] args) throws JSONException {

            ClientConfig cc = new DefaultClientConfig();
            Client client = Client.create(cc);

            WebResource webResource = client.resource(baseUri + subUri);
            ClientResponse response = webResource.get(ClientResponse.class);
            // Basically, in the Digest authentication mechanism, we hit the REST service two times.
            // First time with no authentication, which returns some values (qop, nonce, realm) that are used as inputs in the second call to the REST service.

            /*--------------- First call-----------------*/
            // We get 401, Unauthorized
            System.out.println(response.getStatus() + " " + response.getStatusInfo());
            // Here is the complete header information
            System.out.println(response.getHeaders());
            // We need the "WWW-Authenticate" information for our second call to the REST service
            System.out.println("WWW-Authenticate: \t" + response.getHeaders().get("www-Authenticate"));

            // The header list prints as [Digest realm="...", qop="...", nonce="..."];
            // rewriting it as {realm="...", ...} lets the lenient Jettison parser read the key=value pairs.
            String noAuthResp = response.getHeaders().get("www-Authenticate").toString();
            noAuthResp = noAuthResp.replace("Digest ", "");
            noAuthResp = noAuthResp.replace('[', '{');
            noAuthResp = noAuthResp.replace(']', '}');

            // Creating a JSONObject for easy information retrieval
            JSONObject resp = new JSONObject(noAuthResp);

            /*--------------- Second call-----------------*/
            // Here the client has to set the fields which were returned from the first call
            String user = "postman";                     // username
            String password = "password";                // password
            String realm = resp.getString("realm");      // realm value from the first REST call response
            String qop = resp.getString("qop");          // qop value from the first REST call response
            String nonce = resp.getString("nonce");      // nonce value from the first REST call response
            String opaque = resp.optString("opaque", ""); // Sometimes we don't get this value; then it is set to ""
            String algorithm = "MD5";                    // The algorithm set by the client
            int nonceCount = 1;                          // Number of requests sent with this nonce, including this one
            String nc = String.format("%08x", nonceCount); // RFC 2617: nc is sent and hashed as 8 hex digits
            String clientNonce = "afdjas0";              // Client nonce for the hash; use a fresh random value per request in real code

            String method = "GET";                       // HTTP method

            String ha1 = formHA1(user, realm, password);
            String ha2 = formHA2(method, subUri);
            String responseCode = generateResponse(ha1, nonce, nc, clientNonce, qop, ha2);

            // Header to be sent to the service
            String value = "Digest username=\"" + user + "\", realm=\"" + realm + "\", nonce=\"" + nonce
                    + "\", uri=\"" + subUri + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\"" + clientNonce
                    + "\", response=\"" + responseCode + "\", opaque=\"" + opaque + "\"";

            // Hitting the service
            response = webResource.header("authorization", value).type(MediaType.TEXT_PLAIN)
                    .accept(MediaType.WILDCARD).get(ClientResponse.class);
            System.out.println("\nComplete Response:\n" + response + "\n");
            String output = response.getEntity(String.class);
            System.out.println("Response Text: " + output);
        }

        // For generating the HA1 value
        public static String formHA1(String userName, String realm, String password) {
            return DigestUtils.md5Hex(userName + ":" + realm + ":" + password);
        }

        // For generating the HA2 value
        public static String formHA2(String method, String uri) {
            return DigestUtils.md5Hex(method + ":" + uri);
        }

        // For generating the response at the client side
        public static String generateResponse(String ha1, String nonce, String nc, String clientNonce, String qop, String ha2) {
            return DigestUtils.md5Hex(ha1 + ":" + nonce + ":" + nc + ":" + clientNonce + ":" + qop + ":" + ha2);
        }
    }