Milton.io身份驗證

Question

我寫了一個小的grails webapp。我正在使用milton.io通過webdav訪問一些內容。 因此，webdav仍然在工作，我可以放置，獲取，刪除文件 - 等等。 但現在我想添加身份驗證和授權。這裏的問題是：

Resource接口給了我2種方法：

Object authenticate(String user, String password); 
boolean authorise(Request request, Request.Method method, Auth auth); 

所以我的資源類實現了資源的接口，但該方法身份驗證時不會被框架調用。我是否必須自己實施Auth Basic？

我對米爾頓的認識很差。可能我忘記了一些東西，導致我的webdav客戶端（例如屍體）從不要求輸入用戶名/密碼。

感謝所有幫助 彼得Waver的

我的資源類的簽名：

class SResource implements GetableResource, PropFindableResource, Resource, DeletableResource, MoveableResource, ReportableResource, CopyableResource 

class SFileResource extends SResource implements ReplaceableResource 

class SFolderResource extends SResource implements PutableResource, MakeCollectionableResource, CollectionResource 

這裏是製造商，以獲得HttpManager

class SMiltonConfig implements MiltonConfigurator { 


protected HttpManagerBuilder builder; 
protected List<Initable> initables; 
protected HttpManager httpManager; 

public SMiltonConfig(){ 
    try { 
     // Attempt to use Enterprise edition build if available 
     Class builderClass = Class.forName("io.milton.ent.config.HttpManagerBuilderEnt"); 
     builder = (HttpManagerBuilder) builderClass.newInstance(); 
     println ("load Ent. HTTP Manager") 
    } catch (InstantiationException ex) { 
     builder = new HttpManagerBuilder(); 
     println ("load Std. HTTP Manager") 
    } catch (IllegalAccessException ex) { 
     println ("load Std. HTTP Manager") 
     builder = new HttpManagerBuilder(); 
    } catch (ClassNotFoundException ex) { 
     println ("load Std. HTTP Manager") 
     builder = new HttpManagerBuilder(); 
    } 
} 

@Override 
public HttpManager configure(Config arg0) throws ServletException { 
    ResourceFactory rf = new SResourceFactory(); 
    builder.setMainResourceFactory(rf); 
    checkAddInitable(initables, builder.getMainResourceFactory()); 
    httpManager = builder.buildHttpManager(); 
    for(Initable i : initables) { 
     i.init(config, httpManager); 
    } 
    return httpManager; 
} 

@Override 
public void shutdown() { 
    httpManager.shutdown() 
    for(Initable i : initables) { 
     i.destroy(httpManager); 
    }   
} 

private void checkAddInitable(List<Initable> initables, Object o) { 
    if(o instanceof Initable) { 
     initables.add((Initable)o); 
    } else if(o instanceof List) { 
     for(Object o2 : (List)o) { 
      checkAddInitable(initables, o2); 
     } 
    } 
} 
} 

而這裏ResourceFactory

class SResourceFactory implements ResourceFactory { 

def fileSystemService 

public SResourceFactory(){ 
    println "loading resource Factory" 
    def ctx = ServletContextHolder.servletContext.getAttribute(GrailsApplicationAttributes.APPLICATION_CONTEXT) 
    fileSystemService = ctx.fileSystemService 
} 

@Override 
public Resource getResource(String host, String strPath) 
throws NotAuthorizedException, BadRequestException { 
    SResource sfr 
    sfr = fileSystemService.getFolderByPath(strPath) 
    return sfr 
} 
} 

Answer 1

如果您需要基本身份驗證 - 您必須啓用它。因此，將以下行添加到SMiltonConfig類的配置方法中。

builder.setEnableOptionsAuth(true); // enables auth 
builder.setEnableBasicAuth(true); // optional 

這裏的資源的一個例子授權法

@Override 
    public boolean authorise(Request r, Method m, Auth a) { 
     return a != null; 
    } 

希望它可以幫助

弗洛裏安Pfann