2
Я имею вопросы создания дайджеста аутентификации с пружинным безопасности:Digest Auth в Spring Security с REST и Javaconfig
Мой SecurityConfig:
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter
{
@Autowired
private UserService userService;
@Override
@Bean
public UserDetailsService userDetailsServiceBean() {
return userService;
}
@Override
protected void configure(AuthenticationManagerBuilder registry) throws Exception {
registry.userDetailsService(userDetailsServiceBean());
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/resources/**");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.exceptionHandling()
.authenticationEntryPoint(digestEntryPoint())
.and()
.addFilterAfter(digestAuthenticationFilter(digestEntryPoint()), BasicAuthenticationFilter.class)
.antMatcher("/**")
.csrf()
.disable()
.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.formLogin()
.permitAll()
.and()
.logout()
.deleteCookies("remove")
.invalidateHttpSession(true)
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.logoutSuccessUrl("/login")
.permitAll();
}
@Bean
public DigestAuthenticationEntryPoint digestEntryPoint() {
DigestAuthenticationEntryPoint digestAuthenticationEntryPoint = new DigestAuthenticationEntryPoint();
digestAuthenticationEntryPoint.setKey("acegi");
digestAuthenticationEntryPoint.setRealmName("Digest Realm");
digestAuthenticationEntryPoint.setNonceValiditySeconds(10);
return digestAuthenticationEntryPoint;
}
@Bean
public DigestAuthenticationFilter digestAuthenticationFilter(
DigestAuthenticationEntryPoint digestAuthenticationEntryPoint) {
DigestAuthenticationFilter digestAuthenticationFilter = new DigestAuthenticationFilter();
digestAuthenticationFilter.setAuthenticationEntryPoint(digestEntryPoint());
digestAuthenticationFilter.setUserDetailsService(userDetailsServiceBean());
return digestAuthenticationFilter;
}
}
С UserService из:
@Component
public class UserService implements UserDetailsService {
@Autowired
UserRepository userRepository;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
User user = userRepository.findByUsername(username);
if (user == null) {
throw new UsernameNotFoundException("UserName " + username + " not found");
} else {
return user;
}
}
}
При попытке получить доступ к API с помощью Digest я получаю его после возвращения:
{
"timestamp": "2015-11-25T13:51:01.874+0000",
"status": 401,
"error": "Unauthorized",
"message": "Nonce should have yielded two tokens but was ",
"path": "/api/"
}
Работает базовый auth. Что не так с дайджестом?
разослал запрос с Почтальон:
Digest username="admin", realm="Digest Realm", nonce="", uri="/api/", response="762b17f23b0e1a2d56cd159805732d7b", opaque=""
Спасибо. Забыл добавить nonce, который был возвращен с сервера! – user1601401