英文:
authentication for restapi which shared by multiple webapps
问题
我有3个应用:a.war、b.war和restful.war,它们都在同一个Tomcat中。
restful.war是一个Spring Boot、Spring MVC项目,为a.war和b.war提供RESTful调用。
a.war和b.war是独立的Web应用,它们都有自己的登录系统,用户存储在不同的数据库表中,例如a.war的用户存储在tableA中,b.war的用户存储在tableB中。
对于a.war和b.war,有两种调用restful.war的方式:
- 通过
org.apache.http.impl.client.DefaultHttpClient.execute()在a.war、b.war的Java代码中调用restful.war的代码。 - 通过ajax在
a.war、b.war的HTML/JSP页面中调用restful.war。
我的目标是:只有登录到a.war或b.war的用户才能调用restful.war,我该如何做到这一点?
英文:
I have 3 wars: a.war, b.war and restful.war, they are in the same tomcat.
restful.war is a spring boot, spring mvc project, it provides restful call for a.war and b.war.
a.war and b.war are independent webapps, they all have their own login system, their users are stored in different database tables, e.g. the users of a.war are stored in tableA, the users of b.war are stored in tableB.
for a.war and b.war, there are two places to call restful.war:
- call code of
restful.warfrom java code ina.war,b.warviaorg.apache.http.impl.client.DefaultHttpClient.execute() - call
restful.warfrom html/jsp page ofa.war,b.warvia ajax
what I want is : only the user who login a.war or b.war can call restful.war, how can I do that?
答案1
得分: 1
在“restful”应用程序中实现基本身份验证,并从“a”和“b”调用其端点,使用适当的“Authorization”标头。<b> 这将解决以下问题,即如果“restful”从“a”或“b”收到调用,则会做出响应,否则将抛出403禁止错误。</b>
英文:
Implement basic authentication in 'restful' application and call its endpoint from 'a' and 'b' with proper "Authorization" header. <b> So this will solve problem where if 'restful' gets a call from 'a' or 'b' it will respond or else it will throw 403 forbidden error.</b>
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论