在java中使用http頭傳遞基本認證詳細信息

Question

我在我寧靜的Web服務中實現spring security。我正在使用http-basic身份驗證，現在當我嘗試訪問我的服務時，出現一個Windows安全對話框，詢問用戶名和密碼，現在我想通過http頭傳遞用戶名和密碼，這樣我就不需要僅在安全對話框中輸入詳細信息。我的安全配置文件看起來喜歡 -

<beans:beans xmlns="http://www.springframework.org/schema/security" 
    xmlns:beans="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
    http://www.springframework.org/schema/security 
    http://www.springframework.org/schema/security/spring-security-3.1.xsd"> 

    <http auto-config="true" create-session="stateless"> 
     <intercept-url pattern="/**" access="ROLE_USER" /> 
     <http-basic /> 
    </http> 

    <authentication-manager> 
     <authentication-provider> 
     <!-- <user-service> 
     <user name="yoman" password="123456" authorities="ROLE_USER" /> 
     </user-service> --> 
     <jdbc-user-service data-source-ref="dataSource" 

      users-by-username-query=" 
       select username,password, enabled 
       from users where username=?" 

      authorities-by-username-query=" 
       select u.username, ur.authority from users u, user_roles ur 
       where u.user_id = ur.user_id and u.username =? " 

     /> 
     </authentication-provider> 
    </authentication-manager> 

</beans:beans> 

，我試圖使用授權頭像這個 -

HttpHeaders requestHeaders = new HttpHeaders(); 
requestHeaders.set("Authorization", "Basic " 
     + "username:password"); 

通過用戶名和密碼，但仍然每次，當我訪問該服務的要求我的用戶名和密碼。

我在做什麼錯，什麼是正確的方法在這裏。我會非常感謝您提供的任何幫助。

Answer 1

您可以使用RestTemplate與Apache Commons Http Client .Build一個CommonsHttpClientFactory 並注入它的構造函數參數傳遞給resttemplate，你是好到go.Here是一些基本的配置，讓您開始。

的context.xml

<bean id="webServiceClient" class="com.webserviceclient.Client"> 
     <constructor-arg ref="restTemplate"/> 
     <constructor-arg ref="credentials"/> 
    </bean> 

    <bean id="httpClientParams" class="org.apache.commons.httpclient.params.HttpClientParams"> 
     <property name="authenticationPreemptive" value="true"/> 
     <property name="connectionManagerClass" 
        value="org.apache.commons.httpclient.MultiThreadedHttpConnectionManager"/> 
    </bean> 
    <bean id="httpClient" class="org.apache.commons.httpclient.HttpClient"> 
     <constructor-arg ref="httpClientParams"/> 
    </bean> 
    <bean id="credentials" class="org.apache.commons.httpclient.UsernamePasswordCredentials"> 
     <constructor-arg><value>${webservice.username}</value></constructor-arg> 
     <constructor-arg><value>${webservice.password}</value></constructor-arg> 
    </bean> 
    <bean id="httpClientFactory" class="org.springframework.http.client.CommonsClientHttpRequestFactory"> 
     <constructor-arg ref="httpClient"/> 
    </bean> 

    <bean id="restTemplate" class="org.springframework.web.client.RestTemplate"> 
     <constructor-arg ref="httpClientFactory"/> 

     <property name="messageConverters"> 
      <list> 
       <bean class="org.springframework.http.converter.json.MappingJacksonHttpMessageConverter"> 
       </bean> 
      </list> 
     </property> 
    </bean> 

    <bean id="jaxbMarshaller" class="org.springframework.oxm.jaxb.Jaxb2Marshaller"> 
     <property name="classesToBeBound"> 
      <list> 
       <value>your classes</value> 
      </list> 
     </property> 
    </bean> 

Client.java

public class Client { 

    private final RestTemplate restTemplate; 
    private final Credentials credentials; 


    public Client(RestTemplate restTemplate, Credentials credentials) { 
     this.restTemplate = restTemplate; 
     this.credentials = credentials; 
     CommonsClientHttpRequestFactory factory = (CommonsClientHttpRequestFactory) restTemplate.getRequestFactory(); 
     HttpClient client = factory.getHttpClient(); 
     client.getState().setCredentials(AuthScope.ANY, this.credentials); 
    } 
    //consuming websevice 
    public <yourObject> get(String url) 
    { 
     return restTemplate.getForObject(url, <yourObject>.class); 
    } 

} 

乾杯。