10

Dropwizard管理ポータルを認証して、通常のユーザーがアクセスできないようにする方法は?助けてください

4

3 に答える 3

16

あなたの設定では、次のように設定adminUsernameしてadminPassword下に置くことができます:http

http:
  adminUsername: user1234
  adminPassword: pass5678
于 2012-10-20T21:09:51.740 に答える
15

DW 0.7の場合、私のアプローチは次のようになります。

public class AdminConstraintSecurityHandler extends ConstraintSecurityHandler {

    private static final String ADMIN_ROLE = "admin";

    public AdminConstraintSecurityHandler(final String userName, final String password) {
        final Constraint constraint = new Constraint(Constraint.__BASIC_AUTH, ADMIN_ROLE);
        constraint.setAuthenticate(true);
        constraint.setRoles(new String[]{ADMIN_ROLE});
        final ConstraintMapping cm = new ConstraintMapping();
        cm.setConstraint(constraint);
        cm.setPathSpec("/*");
        setAuthenticator(new BasicAuthenticator());
        addConstraintMapping(cm);
        setLoginService(new AdminMappedLoginService(userName, password, ADMIN_ROLE));
    }
}

public class AdminMappedLoginService extends MappedLoginService {

    public AdminMappedLoginService(final String userName, final String password, final String role) {
        putUser(userName, new Password(password), new String[]{role});
    }

    @Override
    public String getName() {
        return "Hello";
    }

    @Override
    protected UserIdentity loadUser(final String username) {
        return null;
    }

    @Override
    protected void loadUsers() throws IOException {
    }
}

そしてそれらを次のように使用します:

environment.admin().setSecurityHandler(new AdminConstraintSecurityHandler(...))
于 2014-05-23T12:01:46.020 に答える
4

新しいJettyバージョンにはがないMappedLoginServiceため、@Kamilの回答は機能しなくなります。Dropwizard 1.2.2の時点で機能するように、回答を変更しました。

public class AdminConstraintSecurityHandler extends ConstraintSecurityHandler {

    private static final String ADMIN_ROLE = "admin";

    public AdminConstraintSecurityHandler(final String userName, final String password) {
        final Constraint constraint = new Constraint(Constraint.__BASIC_AUTH, ADMIN_ROLE);
        constraint.setAuthenticate(true);
        constraint.setRoles(new String[]{ADMIN_ROLE});
        final ConstraintMapping cm = new ConstraintMapping();
        cm.setConstraint(constraint);
        cm.setPathSpec("/*");
        setAuthenticator(new BasicAuthenticator());
        addConstraintMapping(cm);
        setLoginService(new AdminLoginService(userName, password));
    }

    public class AdminLoginService extends AbstractLoginService {

        private final UserPrincipal adminPrincipal;
        private final String adminUserName;

        public AdminLoginService(final String userName, final String password) {
            this.adminUserName = Objects.requireNonNull(userName);
            this.adminPrincipal = new UserPrincipal(userName, new Password(Objects.requireNonNull(password)));
        }


        @Override
        protected String[] loadRoleInfo(final UserPrincipal principal) {
            if (adminUserName.equals(principal.getName())) {
                return new String[]{ADMIN_ROLE};
            }
            return new String[0];
        }

        @Override
        protected UserPrincipal loadUserInfo(final String userName) {
            return adminUserName.equals(userName) ? adminPrincipal : null;
        }
    }
}
于 2018-02-12T23:12:42.837 に答える