今天用SOAPUI发request到后台,给了个401 error,想跟踪下代码来查看如何进行验证的,于是就各种找。
1. 现在的项目用的是EJB3,JBOSS, 查看web.xml 可以看到是用Resteasy 进行验证的:
<web-app>
...
<context-param>
<context-name>resteasy.role.based.security</context-name>
<context-value>true</context-value>
</context-param>
</web-app>
以下摘自JBOSS官网(貌似resteasy也是JBOSS的?):
所以也就是说只要HttpServletRequest.isUserInRole给个true 就OK了
以下更多的resteasy配置在web.xml中供您参考:
<web-app>
<context-param>
<context-name>resteasy.role.based.security</context-name>
<context-value>true</context-value>
</context-param>
<listener>
<listener-class>org.resteasy.plugins.server.servlet.ResteasyBootstrap</listener-class>
</listener>
<servlet>
<servlet-name>Resteasy</servlet-name>
<servlet-class>org.resteasy.plugins.server.servlet.HttpServletDispatcher</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Resteasy</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Resteasy</web-resource-name>
<url-pattern>/security</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Test</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
</web-app>
1)应该有一个@Remote or @Local aannotation在你的EJB里,通常在类名上面,E.G.:
<web-app>
<display-name>Archetype Created Web Application</display-name>
<context-param>
<param-name>resteasy.jndi.resources</param-name>
<param-value>LibraryBean/local</param-value>
</context-param>
<listener>
<listener-class>org.resteasy.plugins.server.servlet.ResteasyBootstrap</listener-class>
</listener>
<servlet>
<servlet-name>Resteasy</servlet-name>
<servlet-class>org.resteasy.plugins.server.servlet.HttpServletDispatcher</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Resteasy</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
</web-app>
第一篇博客,也不review一遍了,如果有错误的地方,敬请指出