
REST Security in Practice · 3. DIGEST Authentication

2013-10-16 

3. UserDatabaseRealm + DIGEST authentication
    Accesses authentication information stored in a UserDatabase JNDI resource, which is typically backed by an XML document (conf/tomcat-users.xml). In other words, the authentication information is obtained by reading a JNDI resource in XML format.

    3.1 Create the data tables required by the Realm

    mysqldump simple_service_book -uroot -p > security.sql

    3.2 Configure UserDatabaseRealm

    $CATALINA_BASE/conf/server.xml

    <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> 

    Figure: Eclipse built-in Tomcat configuration

    $CATALINA_BASE/conf/tomcat-users.xml

    <?xml version="1.0" encoding="UTF-8"?>
    <tomcat-users>
        <role rolename="admin" />
        <role rolename="user" />
        <user name="eric" password="han" roles="admin" />
        <user name="caroline" password="zhang" roles="user" />
    </tomcat-users>

    Figure: Eclipse built-in Tomcat tomcat-users configuration

    3.3 Database driver

    $CATALINA_HOME/lib

    M2_REPO/mysql/mysql-connector-java/5.1.25/mysql-connector-java-5.1.25.jar

    3.4 Configure the application's web.xml

    /security-rest/src/main/webapp/WEB-INF/web.xml

    <security-constraint>
        <web-resource-collection>
            <url-pattern>/webapi/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
            <!-- HTTP defines no UPDATE method; REST updates are sent as PUT -->
            <http-method>PUT</http-method>
            <http-method>DELETE</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>admin</role-name>
        </auth-constraint>
    </security-constraint>
    <security-constraint>
        <web-resource-collection>
            <url-pattern>/webapi/*</url-pattern>
            <http-method>GET</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>user</role-name>
        </auth-constraint>
    </security-constraint>
    <login-config>
        <auth-method>DIGEST</auth-method>
    </login-config>

    3.5 DIGEST authentication

    C:\Users\hanl.m2\repository\org\apache\tomcat\tomcat-catalina\7.0.42\tomcat-catalina-7.0.42-sources.jar

    Figure: Realm.authenticate()

    The combining, hashing and comparison are all done on the server side:

    md5(md5(username:realm:password):nonce:nc:cnonce:qop:md5(httpmethod:uri))

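    3.6 Testing application permissions

    DIGEST authentication uses a different algorithm from BASIC authentication, but it is presented to the user in the same way: in both cases a window pops up asking the user to enter a username and password.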
