restfull api+Basic auth+weblogic
Basic auth+weblogic
使用 weblogic中配置的auth
1.web.xml添加
<security-constraint> <display-name>Secure REST Area</display-name> <web-resource-collection> <web-resource-name>Secure REST</web-resource-name> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> <http-method>PUT</http-method> <http-method>DELETE</http-method> </web-resource-collection> <auth-constraint> <role-name>webserviceuser</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>default</realm-name> </login-config> <security-role> <role-name>webserviceuser</role-name> </security-role>
2.weblogic.xml添加( Basic authentication, input username&password.this account set in weblogic group, find group name in weblogic.xml)
<wls:security-role-assignment>
<wls:role-name>webserviceuser</wls:role-name>
<wls:principal-name>webserviceuser</wls:principal-name>
</wls:security-role-assignment>
3. 添加攔截器:
AuthInterceptor.java
public class AuthInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { return true; } }
InterceptorConfig.java:
public class InterceptorConfig implements WebMvcConfigurer { @Override public void addInterceptors(InterceptorRegistry registry) { registry.addInterceptor( this.authInterceptor() ).addPathPatterns("/**"); } @Bean public AuthInterceptor authInterceptor() { return new AuthInterceptor(); } }
Call api時候例如使用postman,auth type選擇basic,輸入username&& password ,分別來自於weblogic console中的配置
Implement restfull api via Spring
@RestController @RequestMapping("/") public class ClassNameController { @Autowired private ClassNameService classNameService; @RequestMapping(value = "/methodName", method = RequestMethod.GET)
@RequestHeader(value="end_date",required=false) String endDate, @RequestHeader(required=false,value="in_date")@DateTimeFormat(pattern="yyyy-MM-ddHH:mm:ss")Date effectiveDate public ClassNameResponse methodName( return response; )
注意
以上僅爲get+header方法,post等類似
Input 允許不輸入或者爲空:
接收默認值by Jackson
Spring boot包含jackson