Spring Security - How to access the v2 API using basic HTTP authentication in Hybris



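I want to access the v2 API using basic authentication (username/password), and I have made all of the changes below. But when I hit the web service URL, I get a pop-up asking for a username/password, and it does not accept (validate) my username/password. I am sure I entered the correct username and password.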

web.xml:

<security-role>
<description>
The role that is required to access the application
</description>
<role-name>admin</role-name>
</security-role>
<security-constraint>
<web-resource-collection>
<web-resource-name>RestrictedWebResource</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<!-- transport-guarantee can be CONFIDENTIAL, INTEGRAL, or NONE -->
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>

security-v2-spring.xml:

<security:http auto-config="true" use-expressions="true">
<security:intercept-url pattern="/rest/*" access="admin" />
<security:http-basic />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="ash" password="ash" authorities="admin" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>

tomcat-users.xml:

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="manager"/>
<role rolename="admin"/>
<user username="ash" password="ash" roles="admin,manager"/>
</tomcat-users>

config/local.properties:

hybris.security.http.basic.auth.enable=true
hybris.security.http.basic.auth.username=ash
hybris.security.http.basic.auth.password=ash

The tomcat-users.xml location is also configured correctly in server.xml:

<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />

The endpoint URL I am trying to access is

https://localhost:9002/rest/v2/**/**/**

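The usual admin console admin/nimda does not work either. I have been breaking my head over this for more than a week. Any help would be great. Thanks in advance.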

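From the URL, it looks like you are trying to access the OCC API.
Access to OCC has nothing to do with regular authentication.
You need to create an OAuth client using the OAuthClientDetails model and grant it the appropriate permissions.

Sample -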

INSERT_UPDATE OAuthClientDetails;clientId[unique=true];resourceIds;scope;authorizedGrantTypes;clientSecret;authorities
                                ;abc;hybris;basic;authorization_code,refresh_token,password,client_credentials;password;ROLE_TRUSTED_CLIENT
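
The flow this answer points to, as an added example that is not part of the original answer or of the Hybris code base: the client from the ImpEx row requests a token with the `client_credentials` grant and then presents it to OCC as a bearer token instead of sending Basic credentials. The token endpoint path and the form-body client authentication are assumptions; the OCC URL is a caller-supplied parameter because the post elides it.

```python
import json
import urllib.parse
import urllib.request

# Assumptions, not from the original post: the token endpoint path, and that
# it accepts the client credentials in the form body. The OCC URL is left to
# the caller because the post elides it.
TOKEN_URL = "https://localhost:9002/authorizationserver/oauth/token"


def build_token_request(client_id, client_secret, token_url=TOKEN_URL):
    """OAuth2 client_credentials grant; the client must list this grant type."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
    }).encode("ascii")
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    return urllib.request.Request(token_url, data=body, headers=headers, method="POST")


def parse_token_response(raw):
    """Return the access token, rejecting error bodies and non-bearer tokens."""
    doc = json.loads(raw)
    if "error" in doc:
        raise ValueError("token endpoint refused the client: %s" % doc["error"])
    if str(doc.get("token_type", "")).lower() != "bearer" or not doc.get("access_token"):
        raise ValueError("response carries no bearer access token")
    return doc["access_token"]


def build_occ_request(occ_url, access_token):
    """The token travels in an Authorization: Bearer header, not Basic."""
    headers = {"Authorization": "Bearer " + access_token, "Accept": "application/json"}
    return urllib.request.Request(occ_url, headers=headers)


def call_occ(occ_url, client_id, client_secret, opener=urllib.request.urlopen):
    """Fetch a token, then call the OCC endpoint; opener is injectable for tests."""
    with opener(build_token_request(client_id, client_secret)) as resp:
        token = parse_token_response(resp.read())
    with opener(build_occ_request(occ_url, token)) as resp:
        return resp.status, resp.read()
```

With the sample row above, the call is `call_occ(occ_url, "abc", "password")`. Against a local instance with a self-signed certificate, `urlopen` only connects once that certificate's CA is in the trust store.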
