我想讓一個客戶端將REST調用到一個jhipster生成的webapp。 而我似乎誤解了一些信息來做到這一點。在java中製作一個Jhipster REST客戶端
我發現是在application.yml我需要啓用cors選項。 所以我註釋掉如下:
jhipster:
cors: #By default CORS are not enabled. Uncomment to enable.
allowed-origins: "*"
allowed-methods: GET, PUT, POST, DELETE, OPTIONS
allowed-headers: "*"
exposed-headers:
allow-credentials: true
max-age: 1800
這將使REST調用可能。
我想我還需要啓用這個,但我不知道:
security:
basic:
enabled: true
我希望,我可以作出這樣一個電話:
import com.fasterxml.jackson.databind.ObjectMapper;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.api.client.filter.HTTPBasicAuthFilter;
....
Client client = Client.create();
client.addFilter(new HTTPBasicAuthFilter("admin", "admin"));
WebResource webResource = client.resource("http://localhost:8080/api/example");
但我得到一個所以我錯過了什麼?
這裏我.yo-rc.json文件:
{
"generator-jhipster": {
"jhipsterVersion": "3.0.0",
"baseName": "tinybotsWeb",
"packageName": "nl.tinybots.web",
"packageFolder": "nl/tinybots/web",
"serverPort": "8080",
"authenticationType": "session",
"hibernateCache": "ehcache",
"clusteredHttpSession": "no",
"websocket": "no",
"databaseType": "sql",
"devDatabaseType": "mysql",
"prodDatabaseType": "mysql",
"searchEngine": "elasticsearch",
"buildTool": "maven",
"enableSocialSignIn": true,
"rememberMeKey": "6799bca03613c99e29cd3c1bb7ac878157250d87",
"useSass": false,
"applicationType": "monolith",
"testFrameworks": [
"gatling",
"cucumber",
"protractor"
],
"enableTranslation": true,
"nativeLanguage": "nl",
"languages": [
"nl",
"en",
"de"
]
}
}
添加以下到SecuryConfiguration:
http
.csrf()
.ignoringAntMatchers("/basicAuthApi/**")
...
.and()
.authorizeRequests()
.antMatchers("/basicAuthApi/**")
.hasAuthority(AuthoritiesConstants.BASIC_AUTH).and().httpBasic()
...
,現在我可以提出請求。
我現在的問題是: 是我應該怎麼做的? 安全嗎? 這是什麼?:做
security:
basic:
enabled: true
這可能是因爲我首先要對像一個URL驗證來生成REST客戶端:API /認證獲得令牌。但我沒有得到這個工作。 – tibi