我有一個我想要的API。我遵循Example。該API是安全的,但該請求不會被轉發到API,我看不到API的響應。 該API有一些動態URI變量被設置。如果我硬編碼的uri模板,然後該API的作品,但如果我不它只是掛起!WSO2基本身份驗證和url重定向
JAVA CLASS
package com.pru.basicauth.handler.rest;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.apache.synapse.core.axis2.Axis2Sender;
import org.apache.synapse.rest.Handler;
public class BasicAuthHandler1 implements Handler {
public void addProperty(String s, Object o) {
//To change body of implemented methods use File | Settings | File Templates.
}
public Map getProperties() {
return null; //To change body of implemented methods use File | Settings | File Templates.
}
public boolean handleRequest(MessageContext messageContext) {
org.apache.axis2.context.MessageContext axis2MessageContext
= ((Axis2MessageContext) messageContext).getAxis2MessageContext();
Object headers = axis2MessageContext.getProperty(
org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
if (headers != null && headers instanceof Map) {
Map headersMap = (Map) headers;
if (headersMap.get("Authorization") == null) {
headersMap.clear();
axis2MessageContext.setProperty("HTTP_SC", "401");
headersMap.put("WWW-Authenticate", "Basic realm=\"WSO2 ESB\"");
axis2MessageContext.setProperty("NO_ENTITY_BODY", new Boolean("true"));
messageContext.setProperty("RESPONSE", "true");
messageContext.setTo(null);
Axis2Sender.sendBack(messageContext);
return false;
} else {
String authHeader = (String) headersMap.get("Authorization");
String credentials = authHeader.substring(6).trim();
if (processSecurity(credentials)) {
**headersMap.clear(); //This worked for me!**
return true;
} else {
headersMap.clear();
axis2MessageContext.setProperty("HTTP_SC", "403");
axis2MessageContext.setProperty("NO_ENTITY_BODY", new Boolean("true"));
messageContext.setProperty("RESPONSE", "true");
messageContext.setTo(null);
Axis2Sender.sendBack(messageContext);
return false;
}
}
}
return true;
}
public boolean handleResponse(MessageContext messageContext) {
return true;
}
public boolean processSecurity(String credentials) {
String decodedCredentials = new String(new Base64().decode(credentials.getBytes()));
String userName = decodedCredentials.split(":")[0];
String password = decodedCredentials.split(":")[1];
if ("admin".equals(userName) && "admin".equals(password)) {
return true;
} else {
return false;
}
}
}
API的作品!
<api xmlns="http://ws.apache.org/ns/synapse" name="TApi" context="/ta">
<resource methods="GET" url-mapping="/city" protocol="https" outSequence="conf:/taOut">
<inSequence>
<sequence key="conf:/taConf"/>
<property name="ContentType" value="text/plain" scope="axis2"/>
<property name="POST_TO_URI" value="true" scope="axis2"/>
<send>
<endpoint>
<http trace="enable" method="GET" uri-template="http://abcd:1234/html/en/default/rest/Integration?USERNAME=XXXXXX&PASSWORD=xxxxxxx&ioName=Geography%20-%20Database%20-%20Create%20City%20Inbound"/>
</endpoint>
</send>
</inSequence>
<faultSequence/>
</resource>
</api>
API不起作用
<api xmlns="http://ws.apache.org/ns/synapse" name="TApi" context="/ta">
<resource methods="GET" url-mapping="/city" protocol="https" outSequence="conf:/taOut">
<inSequence>
<sequence key="conf:/taConf"/>
<property name="ContentType" value="text/plain" scope="axis2"/>
<property name="POST_TO_URI" value="true" scope="axis2"/>
<send>
<endpoint>
<http trace="enable" method="GET" uri-template="{uri.var.service.host}:{uri.var.service.port}/html/en/default/rest/Integration?USERNAME={uri.var.service.user}&PASSWORD={uri.var.service.pass}&ioName=Geography%20-%20Database%20-%20Create%20City%20Inbound"/>
</endpoint>
</send>
</inSequence>
<faultSequence/>
</resource>
</api>
taConf
<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="conf:taConf">
<property name="uri.var.service.user"
value="XXXXX"
scope="default"
type="STRING"/>
<property name="uri.var.service.pass"
value="XXXXXXXX"
scope="default"
type="STRING"/>
<property name="uri.var.service.host"
value="XXXXXXX"
scope="default"
type="STRING"/>
<property name="uri.var.service.port"
value="XXXXX"
scope="default"
type="STRING"/>
</sequence>
TAOUT
<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse"
name="conf:taOut"
trace="enable">
<out>
<filter xmlns:ns="http://org.apache.synapse/xsd"
source="get-property('axis2', 'HTTP_SC')"
regex="^(2[0-9][0-9])$">
<then>
<payloadFactory media-type="text">
<format>RetCode=C;Message=Success</format>
</payloadFactory>
<send/>
</then>
<else>
<payloadFactory media-type="text">
<format>RetCode=F;Message=Failed because Itegration Exception</format>
</payloadFactory>
</else>
</filter>
</out>
</sequence>
HTTP日誌
[2016-05-19 09:20:52,020] DEBUG - wire >> "GET /t/city HTTP/1.1[\r][\n]"
[2016-05-19 09:20:52,021] DEBUG - wire >> "Host: 48.123.84.5:8243[\r][\n]"
[2016-05-19 09:20:52,021] DEBUG - wire >> "Connection: Keep-Alive[\r][\n]"
[2016-05-19 09:20:52,021] DEBUG - wire >> "User-Agent: Apache-HttpClient/4.3.1 (java 1.5)[\r][\n]"
[2016-05-19 09:20:52,021] DEBUG - wire >> "Accept-Encoding: gzip,deflate[\r][\n]"
[2016-05-19 09:20:52,022] DEBUG - wire >> "[\r][\n]"
[2016-05-19 09:20:52,024] DEBUG - wire << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2016-05-19 09:20:52,024] DEBUG - wire << "WWW-Authenticate: Basic realm="WSO2 ESB"[\r][\n]"
[2016-05-19 09:20:52,024] DEBUG - wire << "Date: Thu, 19 May 2016 13:20:52 GMT[\r][\n]"
[2016-05-19 09:20:52,024] DEBUG - wire << "Transfer-Encoding: chunked[\r][\n]"
[2016-05-19 09:20:52,025] DEBUG - wire << "Connection: Keep-Alive[\r][\n]"
[2016-05-19 09:20:52,025] DEBUG - wire << "[\r][\n]"
[2016-05-19 09:20:52,025] DEBUG - wire << "0[\r][\n]"
[2016-05-19 09:20:52,025] DEBUG - wire << "[\r][\n]"
[2016-05-19 09:20:52,048] DEBUG - wire >> "G"
[2016-05-19 09:20:52,049] DEBUG - wire >> "ET /tririga/city HTTP/1.1[\r][\n]"
[2016-05-19 09:20:52,049] DEBUG - wire >> "Host: 48.123.84.5:8243[\r][\n]"
[2016-05-19 09:20:52,050] DEBUG - wire >> "Connection: Keep-Alive[\r][\n]"
[2016-05-19 09:20:52,050] DEBUG - wire >> "User-Agent: Apache-HttpClient/4.3.1 (java 1.5)[\r][\n]"
[2016-05-19 09:20:52,050] DEBUG - wire >> "Accept-Encoding: gzip,deflate[\r][\n]"
[2016-05-19 09:20:52,051] DEBUG - wire >> "Authorization: Basic YWaaaa6YWRtaW4=[\r][\n]"
[2016-05-19 09:20:52,051] DEBUG - wire >> "[\r][\n]"
[2016-05-19 09:20:52,055] INFO - LogMediator host = localhost, port = 1234, user = XXXXXX, pass = XXXXXX
[2016-05-19 09:20:52,065] DEBUG - wire << "GET http://localhost:1234/aaaa?USERNAME=XXXXXX&PASSWORD=XXXXXX&ioName=Geogra
phy%20-%20Database%20-%20Create%20City%20Inbound HTTP/1.1[\r][\n]"
[2016-05-19 09:20:52,065] DEBUG - wire << "Authorization: Basic YWRtaaaaaaRtaW4=[\r][\n]"
[2016-05-19 09:20:52,066] DEBUG - wire << "Accept-Encoding: gzip,deflate[\r][\n]"
[2016-05-19 09:20:52,066] DEBUG - wire << "Host: localhost:1234[\r][\n]"
[2016-05-19 09:20:52,066] DEBUG - wire << "Connection: Keep-Alive[\r][\n]"
[2016-05-19 09:20:52,066] DEBUG - wire << "User-Agent: Synapse-PT-HttpComponents-NIO[\r][\n]"
[2016-05-19 09:20:52,066] DEBUG - wire << "[\r][\n]"
[2016-05-19 09:20:52,076] DEBUG - wire >> "HTTP/1.1 401 Unauthorized[\r][\n]"
[2016-05-19 09:20:52,076] DEBUG - wire >> "Date: Thu, 19 May 2016 13:20:51 GMT[\r][\n]"
[2016-05-19 09:20:52,077] DEBUG - wire >> "Content-Length: 13[\r][\n]"
[2016-05-19 09:20:52,077] DEBUG - wire >> "Content-Type: text/html;charset=UTF-8[\r][\n]"
[2016-05-19 09:20:52,077] DEBUG - wire >> "WWW-Authenticate: Basic[\r][\n]"
[2016-05-19 09:20:52,077] DEBUG - wire >> "Set-Cookie: JSESSIONID=8p3JLQcWIB7Y97_t6gSnVCJ2zze328m0-vRF1-QajTGg3pn5T-Fj!1643223368; path=/[\r][\n]"
[2016-05-19 09:20:52,077] DEBUG - wire >> "X-UA-Compatible: IE=edge[\r][\n]"
[2016-05-19 09:20:52,078] DEBUG - wire >> "[\r][\n]"
[2016-05-19 09:20:52,078] DEBUG - wire >> "Login Failed."
謝謝
謝謝你的迴應,我已經試過這沒有處理程序,它工作正常。但是,當我添加處理程序,它似乎並沒有工作。最初,它發送沒有授權標頭的請求,然後它獲得包含Authorization:Basic sadashdlas =的標頭,並將其解碼並檢查。它傳遞並返回true。仍然我一直未經授權403(登錄失敗)。 – sarvs
最後,它通過對java類進行以下更改對我有用。在將它發送到api之前,我清除了標題。這幾乎爲我做了。 – sarvs