版本:jersey v2.10
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.Principal;
import javax.annotation.Priority;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Priorities;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.ext.Provider;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.glassfish.jersey.internal.util.Base64;
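/**
 * JAX-RS request filter that reads an HTTP Basic {@code Authorization} header and, when
 * credentials are present and accepted, installs a {@link SecurityContext} for the request.
 * Requests without usable Basic credentials are aborted with {@code 401} and a
 * {@code WWW-Authenticate: Basic} challenge.
 *
 * <p>Security notes for anyone reusing this sample:
 * <ul>
 *   <li>The credential check is still a demo placeholder that accepts every password
 *       (see {@code credentialsAccepted}); the filter does not authenticate anyone until
 *       that method is backed by a real user store.</li>
 *   <li>{@code isUserInRole} grants every role, so role-based annotations are not enforced.</li>
 *   <li>Basic credentials are only Base64-encoded, so the endpoint should be reachable over
 *       TLS only.</li>
 * </ul>
 *
 * @author zhangdapeng
 * @version 1.0, 2014-07-07
 * @since 1.0
 */
@Provider
@Priority(Priorities.AUTHENTICATION)
public class AuthRequestFilter implements ContainerRequestFilter {

    /** Charset used for the Base64 text and for the decoded {@code user:password} pair. */
    private static final Charset CHARACTER_SET = Charset.forName("utf-8");

    /** Scheme token followed by the single space that separates it from the credentials. */
    private static final String BASIC_PREFIX = "Basic ";

    private final Log logger = LogFactory.getLog(getClass());

    @Context
    HttpServletRequest webRequest;

    @Context
    ServletConfig servletConfig;

    @Context
    ServletContext servletContext;

    /**
     * Authenticates the request from its {@code Authorization} header.
     *
     * @param requestContext the request being filtered; receives either a new security context
     *                       or a {@code 401} abort response
     * @throws IOException declared by the interface; not thrown by this implementation
     */
    @Override
    public void filter(ContainerRequestContext requestContext) throws IOException {
        final String[] credentials =
                parseBasicCredentials(requestContext.getHeaders().getFirst(HttpHeaders.AUTHORIZATION));

        if (credentials != null && credentialsAccepted(credentials[0], credentials[1])) {
            final String username = credentials[0];
            // Report the transport security of the underlying request instead of a fixed value.
            final SecurityContext previous = requestContext.getSecurityContext();
            final boolean secure = previous != null && previous.isSecure();

            requestContext.setSecurityContext(new SecurityContext() {
                @Override
                public Principal getUserPrincipal() {
                    return new Principal() {
                        @Override
                        public String getName() {
                            return username;
                        }
                    };
                }

                @Override
                public boolean isUserInRole(String role) {
                    // DEMO PLACEHOLDER: every caller holds every role, which makes
                    // @RolesAllowed-style checks meaningless. Replace with a lookup of the
                    // roles actually assigned to this user.
                    return true;
                }

                @Override
                public boolean isSecure() {
                    return secure;
                }

                @Override
                public String getAuthenticationScheme() {
                    return "BASIC";
                }
            });
            return;
        }

        // Malformed, missing and rejected credentials all end here, so a bad header yields 401
        // rather than an unhandled exception.
        // NOTE(review): RFC 7617 requires a realm parameter in the challenge; add one once the
        // realm name for this service is decided.
        requestContext.abortWith(Response.status(401).header(HttpHeaders.WWW_AUTHENTICATE, "Basic").build());
        // TODO: expose the authenticated user to the REST resources if they need more than the
        // principal name.
    }

    /**
     * Extracts the user-id and password from a Basic {@code Authorization} header value.
     *
     * @param authHeader raw header value, possibly {@code null}
     * @return a two-element array {@code {username, password}}, or {@code null} when the header
     *         is absent, uses another scheme, or cannot be decoded into {@code user:password}
     */
    private static String[] parseBasicCredentials(String authHeader) {
        // The scheme name is case-insensitive; requiring the trailing space also rejects
        // look-alike schemes that merely start with "Basic".
        if (authHeader == null
                || !authHeader.regionMatches(true, 0, BASIC_PREFIX, 0, BASIC_PREFIX.length())) {
            return null;
        }
        final String token = authHeader.substring(BASIC_PREFIX.length()).trim();
        if (token.isEmpty()) {
            return null;
        }

        final String decoded;
        try {
            decoded = new String(Base64.decode(token.getBytes(CHARACTER_SET)), CHARACTER_SET);
        } catch (RuntimeException malformed) {
            // How the decoder reacts to invalid Base64 is not visible here; any failure on
            // attacker-controlled input is treated as "no valid credentials".
            return null;
        }

        // Split on the FIRST colon only: the password itself may contain colons.
        final int separator = decoded.indexOf(':');
        if (separator <= 0) {
            // No colon at all, or an empty user-id.
            return null;
        }
        return new String[] {decoded.substring(0, separator), decoded.substring(separator + 1)};
    }

    /**
     * Decides whether the supplied credentials are valid.
     *
     * <p><strong>DEMO PLACEHOLDER:</strong> the original sample compared the password with itself
     * ("maximally simplified"), which is always true; that behaviour is kept here so the sample
     * still runs, but it means any username/password pair is accepted.
     *
     * @param username user-id taken from the header
     * @param password password taken from the header
     * @return currently always {@code true}
     */
    private boolean credentialsAccepted(String username, String password) {
        // Before real use: look the user up, verify the password against a stored salted hash
        // (bcrypt/scrypt/Argon2), compare in constant time, and return false for unknown users
        // and mismatches alike.
        return true;
    }
}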
客户端访问:
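/**
 * Calls the customer resource with HTTP Basic credentials and expects a 200 response.
 *
 * <p>This covers the success path only. A companion test that sends missing or wrong
 * credentials and expects 401 is needed to show that the server actually rejects anything.
 */
@Test
public void testBasicPreemptive() {
    // Basic credentials are only Base64-encoded on the wire; plain http is acceptable for a
    // local test server, but the target should be https anywhere else.
    Client client = ClientBuilder.newClient();
    try {
        WebTarget target = client.target("http://localhost:8080/boa/rest/customer/retrieve/1");
        Response response = target
                .register(HttpAuthenticationFeature.basicBuilder().credentials("homer", "country").build())
                .request()
                .get();
        try {
            assertEquals(200, response.getStatus());
            Customer c = response.readEntity(Customer.class);
            System.out.println("--" + c.getFirstName());
        } finally {
            // Release the connection even when an assertion fails.
            response.close();
        }
    } finally {
        client.close();
    }
}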
参考:http://blog.csdn.net/philosophyatmath/article/details/37879451