个人中心
文章发布
退出
作者热门文章
- android - 多次调用 OnPrimaryClipChangedListener
- android - 无法更新 RecyclerView 中的 TextView 字段
- android.database.CursorIndexOutOfBoundsException : Index 0 requested, 光标大小为 0
- android - 使用 AppCompat 时,我们是否需要明确指定其 UI 组件(Spinner、EditText)颜色
27
4
我需要配置我的 CAS 服务器 (v5.3.6) 以使用编码方法进行数据库身份验证。不幸的是,CAS 默认的哈希服务(Apache Shiro 的)deos 不能满足我的需求,所以我必须自定义密码编码器。
答案here似乎很适合我的情况。按照建议,我将文件 QueryAndEncodeDatabaseAuthenticationHandler.java 和 AbstractJdbcUsernamePasswordAuthenticationHandler.java 放在路径 src/main/java/org/apereo/cas/adaptors/jdbc 下的 Maven 覆盖中,然后尝试编译它(mvn clean package)。想法是根据我的需要自定义类QueryAndEncodeDatabaseAuthenticationHandler中的函数digestEncodedPassword。但在尝试之前,我只是尝试编译两个未修改的 java CAS 文件。在这样做的过程中,我遇到了几个编译错误:
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building cas 1.0
[INFO] ------------------------------------------------------------------------
Downloading: https://build.shibboleth.net/nexus/content/repositories/releases/com/nimbusds/lang-tag/maven-metadata.xml
[WARNING] Could not transfer metadata com.nimbusds:lang-tag/maven-metadata.xml from/to shib-release (https://build.shibboleth.net/nexus/content/repositories/releases): sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
[INFO]
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ cas ---
[INFO] Deleting /opt/cas5_3_6/target
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ cas ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO]
[INFO] --- maven-compiler-plugin:2.5.1:compile (default-compile) @ cas ---
[INFO] Compiling 2 source files to /opt/cas5_3_6/target/classes
[INFO] -------------------------------------------------------------
[ERROR] COMPILATION ERROR :
[INFO] -------------------------------------------------------------
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/AbstractJdbcUsernamePasswordAuthenticationHandler.java:[4,52] error: package org.apereo.cas.authentication.handler.support does not exist
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/AbstractJdbcUsernamePasswordAuthenticationHandler.java:[5,46] error: package org.apereo.cas.authentication.principal does not exist
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/AbstractJdbcUsernamePasswordAuthenticationHandler.java:[19,80] error: cannot find symbol
[ERROR] symbol: class AbstractUsernamePasswordAuthenticationHandler
/opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/AbstractJdbcUsernamePasswordAuthenticationHandler.java:[25,125] error: cannot find symbol
[ERROR] symbol: class PrincipalFactory
location: class AbstractJdbcUsernamePasswordAuthenticationHandler
/opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[10,36] error: cannot find symbol
[ERROR] symbol: class AuthenticationHandlerExecutionResult
location: package org.apereo.cas.authentication
/opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[11,36] error: cannot find symbol
[ERROR] symbol: class PreventedException
location: package org.apereo.cas.authentication
/opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[12,36] error: cannot find symbol
[ERROR] symbol: class UsernamePasswordCredential
location: package org.apereo.cas.authentication
/opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[13,47] error: package org.apereo.cas.authentication.exceptions does not exist
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[14,47] error: package org.apereo.cas.authentication.exceptions does not exist
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[15,46] error: package org.apereo.cas.authentication.principal does not exist
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[104,119] error: cannot find symbol
[ERROR] symbol: class PrincipalFactory
location: class QueryAndEncodeDatabaseAuthenticationHandler
/opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[123,94] error: cannot find symbol
[ERROR] symbol: class UsernamePasswordCredential
location: class QueryAndEncodeDatabaseAuthenticationHandler
/opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[123,14] error: cannot find symbol
[ERROR] symbol: class AuthenticationHandlerExecutionResult
location: class QueryAndEncodeDatabaseAuthenticationHandler
/opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[125,41] error: cannot find symbol
[INFO] 14 errors
[INFO] -------------------------------------------------------------
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 2.887 s
[INFO] Finished at: 2018-12-29T14:30:58+00:00
[INFO] Final Memory: 52M/407M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:2.5.1:compile (default-compile) on project cas: Compilation failure: Compilation failure:
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/AbstractJdbcUsernamePasswordAuthenticationHandler.java:[4,52] error: package org.apereo.cas.authentication.handler.support does not exist
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/AbstractJdbcUsernamePasswordAuthenticationHandler.java:[5,46] error: package org.apereo.cas.authentication.principal does not exist
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/AbstractJdbcUsernamePasswordAuthenticationHandler.java:[19,80] error: cannot find symbol
[ERROR] symbol: class AbstractUsernamePasswordAuthenticationHandler
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/AbstractJdbcUsernamePasswordAuthenticationHandler.java:[25,125] error: cannot find symbol
[ERROR] symbol: class PrincipalFactory
[ERROR] location: class AbstractJdbcUsernamePasswordAuthenticationHandler
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[10,36] error: cannot find symbol
[ERROR] symbol: class AuthenticationHandlerExecutionResult
[ERROR] location: package org.apereo.cas.authentication
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[11,36] error: cannot find symbol
[ERROR] symbol: class PreventedException
[ERROR] location: package org.apereo.cas.authentication
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[12,36] error: cannot find symbol
[ERROR] symbol: class UsernamePasswordCredential
[ERROR] location: package org.apereo.cas.authentication
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[13,47] error: package org.apereo.cas.authentication.exceptions does not exist
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[14,47] error: package org.apereo.cas.authentication.exceptions does not exist
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[15,46] error: package org.apereo.cas.authentication.principal does not exist
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[104,119] error: cannot find symbol
[ERROR] symbol: class PrincipalFactory
[ERROR] location: class QueryAndEncodeDatabaseAuthenticationHandler
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[123,94] error: cannot find symbol
[ERROR] symbol: class UsernamePasswordCredential
[ERROR] location: class QueryAndEncodeDatabaseAuthenticationHandler
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[123,14] error: cannot find symbol
[ERROR] symbol: class AuthenticationHandlerExecutionResult
[ERROR] location: class QueryAndEncodeDatabaseAuthenticationHandler
[ERROR] /opt/cas5_3_6/src/main/java/org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.java:[125,41] error: cannot find symbol
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException
看来我的安装中缺少几个类。无论如何,我尝试在我的 po.xml 文件中包含所有需要的依赖项...
知道我缺少什么吗???非常感谢您的帮助!
我的 pom.xml 文件:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd ">
<modelVersion>4.0.0</modelVersion>
<groupId>org.mycompany</groupId>
<artifactId>cas</artifactId>
<packaging>war</packaging>
<version>1.0</version>
<build>
<plugins>
<plugin>
<artifactId>maven-war-plugin</artifactId>
<version>3.2.2</version>
<configuration>
<warName>cas</warName>
<failOnMissingWebXml>false</failOnMissingWebXml>
<source>${java.source.version}</source>
<target>${java.target.version}</target>
</configuration>
</plugin>
</plugins>
</build>
<dependencies>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-webapp</artifactId>
<version>${cas.version}</version>
<type>war</type>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-pac4j-webflow</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-json-service-registry</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-jdbc</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-jdbc-drivers</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>0.10.1</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-core-authentication</artifactId>
<version>${cas.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-core-authentication-api</artifactId>
<version>${cas.version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-core-api-authentication</artifactId>
<version>${cas.version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-core-configuration</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-core-webflow</artifactId>
<version>${cas.version}</version>
</dependency>
</dependencies>
<properties>
<cas.version>5.3.6</cas.version>
<springboot.version>1.5.16.RELEASE</springboot.version>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<app.server>-tomcat</app.server>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
</project>
我的 QueryAndEncodeDatabaseAuthenticationHandler.java 文件(尚未修改!):
package org.apereo.cas.adaptors.jdbc;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.crypto.hash.ConfigurableHashService;
import org.apache.shiro.crypto.hash.DefaultHashService;
import org.apache.shiro.crypto.hash.HashRequest;
import org.apache.shiro.util.ByteSource;
import org.apereo.cas.authentication.AuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.exceptions.AccountDisabledException;
import org.apereo.cas.authentication.exceptions.AccountPasswordMustChangeException;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.IncorrectResultSizeDataAccessException;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import javax.sql.DataSource;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Map;
/**
* A JDBC querying handler that will pull back the password and
* the private salt value for a user and validate the encoded
* password using the public salt value. Assumes everything
* is inside the same database table. Supports settings for
* number of iterations as well as private salt.
* <p>
* This handler uses the hashing method defined by Apache Shiro's
* {@link org.apache.shiro.crypto.hash.DefaultHashService}. Refer to the Javadocs
* to learn more about the behavior. If the hashing behavior and/or configuration
* of private and public salts does nto meet your needs, a extension can be developed
* to specify alternative methods of encoding and digestion of the encoded password.
* </p>
*
* @author Misagh Moayyed
* @author Charles Hasegawa
* @since 4.1.0
*/
@Slf4j
public class QueryAndEncodeDatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler {
/**
* The Algorithm name.
*/
protected String algorithmName;
/**
* The Sql statement to execute.
*/
protected String sql;
/**
* The Password field name.
*/
protected String passwordFieldName = "password";
/**
* The Salt field name.
*/
protected String saltFieldName = "salt";
/**
* The Expired field name.
*/
protected String expiredFieldName;
/**
* The Expired field name.
*/
protected String disabledFieldName;
/**
* The Number of iterations field name.
*/
protected String numberOfIterationsFieldName;
/**
* The number of iterations. Defaults to 0.
*/
protected long numberOfIterations;
/**
* Static/private salt to be combined with the dynamic salt retrieved
* from the database. Optional.
* <p>If using this implementation as part of a password hashing strategy,
* it might be desirable to configure a private salt.
* A hash and the salt used to compute it are often stored together.
* If an attacker is ever able to access the hash (e.g. during password cracking)
* and it has the full salt value, the attacker has all of the input necessary
* to try to brute-force crack the hash (source + complete salt).</p>
* <p>However, if part of the salt is not available to the attacker (because it is not stored with the hash),
* it is much harder to crack the hash value since the attacker does not have the complete inputs necessary.
* The privateSalt property exists to satisfy this private-and-not-shared part of the salt.</p>
* <p>If you configure this attribute, you can obtain this additional very important safety feature.</p>
*/
protected String staticSalt;
public QueryAndEncodeDatabaseAuthenticationHandler(final String name, final ServicesManager servicesManager, final PrincipalFactory principalFactory,
final Integer order, final DataSource dataSource,
final String algorithmName, final String sql, final String passwordFieldName,
final String saltFieldName, final String expiredFieldName, final String disabledFieldName,
final String numberOfIterationsFieldName, final long numberOfIterations,
final String staticSalt) {
super(name, servicesManager, principalFactory, order, dataSource);
this.algorithmName = algorithmName;
this.sql = sql;
this.passwordFieldName = passwordFieldName;
this.saltFieldName = saltFieldName;
this.expiredFieldName = expiredFieldName;
this.disabledFieldName = disabledFieldName;
this.numberOfIterationsFieldName = numberOfIterationsFieldName;
this.numberOfIterations = numberOfIterations;
this.staticSalt = staticSalt;
}
@Override
protected AuthenticationHandlerExecutionResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential transformedCredential,
final String originalPassword)
throws GeneralSecurityException, PreventedException {
if (StringUtils.isBlank(this.sql) || StringUtils.isBlank(this.algorithmName) || getJdbcTemplate() == null) {
throw new GeneralSecurityException("Authentication handler is not configured correctly");
}
final String username = transformedCredential.getUsername();
try {
final Map<String, Object> values = getJdbcTemplate().queryForMap(this.sql, username);
final String digestedPassword = digestEncodedPassword(transformedCredential.getPassword(), values);
if (!values.get(this.passwordFieldName).equals(digestedPassword)) {
throw new FailedLoginException("Password does not match value on record.");
}
if (StringUtils.isNotBlank(this.expiredFieldName) && values.containsKey(this.expiredFieldName)) {
final String dbExpired = values.get(this.expiredFieldName).toString();
if (BooleanUtils.toBoolean(dbExpired) || "1".equals(dbExpired)) {
throw new AccountPasswordMustChangeException("Password has expired");
}
}
if (StringUtils.isNotBlank(this.disabledFieldName) && values.containsKey(this.disabledFieldName)) {
final String dbDisabled = values.get(this.disabledFieldName).toString();
if (BooleanUtils.toBoolean(dbDisabled) || "1".equals(dbDisabled)) {
throw new AccountDisabledException("Account has been disabled");
}
}
return createHandlerResult(transformedCredential, this.principalFactory.createPrincipal(username), new ArrayList<>(0));
} catch (final IncorrectResultSizeDataAccessException e) {
if (e.getActualSize() == 0) {
throw new AccountNotFoundException(username + " not found with SQL query");
}
throw new FailedLoginException("Multiple records found for " + username);
} catch (final DataAccessException e) {
throw new PreventedException("SQL exception while executing query for " + username, e);
}
}
/**
* Digest encoded password.
*
* @param encodedPassword the encoded password
* @param values the values retrieved from database
* @return the digested password
*/
protected String digestEncodedPassword(final String encodedPassword, final Map<String, Object> values) {
final ConfigurableHashService hashService = new DefaultHashService();
if (StringUtils.isNotBlank(this.staticSalt)) {
hashService.setPrivateSalt(ByteSource.Util.bytes(this.staticSalt));
}
hashService.setHashAlgorithmName(this.algorithmName);
Long numOfIterations = this.numberOfIterations;
if (values.containsKey(this.numberOfIterationsFieldName)) {
final String longAsStr = values.get(this.numberOfIterationsFieldName).toString();
numOfIterations = Long.valueOf(longAsStr);
}
hashService.setHashIterations(numOfIterations.intValue());
if (!values.containsKey(this.saltFieldName)) {
throw new IllegalArgumentException("Specified field name for salt does not exist in the results");
}
final String dynaSalt = values.get(this.saltFieldName).toString();
final HashRequest request = new HashRequest.Builder()
.setSalt(dynaSalt)
.setSource(encodedPassword)
.build();
return hashService.computeHash(request).toHex();
}
}
最后是我的 AbstractJdbcUsernamePasswordAuthenticationHandler.java (也未修改):
package org.apereo.cas.adaptors.jdbc;
import lombok.extern.slf4j.Slf4j;
import org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
import javax.sql.DataSource;
/**
* Abstract class for database authentication handlers.
*
* @author Scott Battaglia
* @since 3.0.0.3
*/
@Slf4j
public abstract class AbstractJdbcUsernamePasswordAuthenticationHandler extends AbstractUsernamePasswordAuthenticationHandler {
private final JdbcTemplate jdbcTemplate;
private final NamedParameterJdbcTemplate namedParameterJdbcTemplate;
private final DataSource dataSource;
public AbstractJdbcUsernamePasswordAuthenticationHandler(final String name, final ServicesManager servicesManager, final PrincipalFactory principalFactory,
final Integer order, final DataSource dataSource) {
super(name, servicesManager, principalFactory, order);
this.dataSource = dataSource;
this.jdbcTemplate = new JdbcTemplate(dataSource);
this.namedParameterJdbcTemplate = new NamedParameterJdbcTemplate(this.jdbcTemplate);
}
/**
* Method to return the jdbcTemplate.
*
* @return a fully created JdbcTemplate.
*/
protected JdbcTemplate getJdbcTemplate() {
return this.jdbcTemplate;
}
protected NamedParameterJdbcTemplate getNamedJdbcTemplate() {
return this.namedParameterJdbcTemplate;
}
protected DataSource getDataSource() {
return this.dataSource;
}
}
最佳答案
最后我通过修改上面的 pom.xml 文件解决了这个问题。特别是,我刚刚将两个依赖项 cas-server-core-authentication-api 和 cas-server-core-api-authentication 移动到依赖项列表的开头(我不知道依赖项列出的顺序可以发挥作用),并且我从它们中删除了属性。通过这两个修改,maven 编译就顺利了!
在这一点上,根据我的需要自定义默认密码编码器非常容易。
关于java - CAS数据库认证: custom password encoder,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53970657/
27
4
0
我正在使用 Tornado 与 twitter 等第三方进行身份验证。 我的登录处理程序看起来像这样 class AuthLoginHandler(BaseHandler, tornado.auth.
有没有一种真正的方法可以在 Pylons 中添加身份验证?我见过很多不同的方法,但大多数方法要么过时,要么过于复杂。是否有教程可以解释如何以良好而可靠的方式添加身份验证? 最佳答案 考虑使用 repo
RESTful 身份验证是什么意思,它是如何工作的?我在谷歌上找不到很好的概述。我唯一的理解是您在 URL 中传递了 session key (记住),但这可能是非常错误的。 最佳答案 如何在 RES
我正在考虑在基于插件的系统中实现安全性的多种方式。现在,当我说“安全”时,我的意思是: a) 插件系统的开发人员如何确保插件在核心平台上的使用是安全的。b) 插件开发人员如何确保在其平台上使用的插件是
我正在使用 WCF Webhttp 服务。我创建了一堆服务,剩下的就是放入用户身份验证... 问题 与其余架构风格保持一致,我是否应该针对用户 db 验证每个服务调用。 如果是这样,我应该在每次调用服
假设我想对 Mifare Classic 进行身份验证。 我如何知道要发送到卡的确切类型的 APDU? 例子。 这段代码: bcla = 0xFF; bins = 0x86; bp1 = 0x0;
我通过在文件 xyz.php 中编写以下代码登录到网站。当我运行这个文件时,我会登录到 moodle 网站。有什么方法可以像下面的登录代码一样注销吗? $user = authenticate_use
我有一个应用程序可以匿名访问除几个之外的所有 xpages。我需要强制用户登录这些 xpages。是使用 beforepageload 事件来检查用户登录页面并将其重定向到正确的方式还是有更好的方法?
我想用 ember.js 实现身份验证。 因此,当应用程序启动时,在路由器处理请求的 url 之前,我想检查用户状态。如果用户未通过身份验证,我想保存请求的 url 并重定向到特定的 url (/lo
您如何执行 jQuery Ajax 调用并在发送请求之前对调用进行身份验证? 我还没有登录所以必须进行身份验证。安全不是任何人都可以访问的问题,只需要进行身份验证。它只是基本的 http 身份验证,您
我尝试使用找到的 swift 代码 here在网站上找到here ,但响应是带有两个错误的 html 代码:“您必须输入密码!”和“您必须输入用户名!”我是 NSURLSession 的新手,并尝试更
我正在尝试连接到 Visa Direct API,但我没有通过基本的 SSL 证书认证,这是我的代码: import requests headers = { 'Content
我正在用 tornado 在 python 中开发一个 REST API,我将实现身份验证和授权,试图避免锁定到其他大项目,即 django。我也在通过论坛和 SO 环顾四周,我喜欢一个可能适合的解决
很难说出这里要问什么。这个问题模棱两可、含糊不清、不完整、过于宽泛或夸夸其谈,无法以目前的形式得到合理的回答。如需帮助澄清此问题以便重新打开,visit the help center . 关闭10
如何在 Android 中通过 HTTP 进行身份验证? 最佳答案 我非常难以在 Android 中通过 HTTP 进行身份验证,因为在浏览器(Web 和 Android native )中它工作完美
我有一些关于登录和 session 的问题。我有这段代码: 数据库查询: login: function(req,callback) { var query = 'SELECT id FROM
我开始使用 Swift 开发 iOS 应用。现在我正处于需要创建登录系统的部分。但是,我们需要人们提供的 LinkedIn 信息。 我如何在 iOS 中使用 OAuth2 API 来实现这一点? 我已
如果没有找到用户,问题出在每个 $routeChangeStart 上,如果我只输入 url,它仍然会引导我访问页面。 现在我已经在服务器上重写了规则。 Options +FollowSymlinks
简单代码 require 'net/http' url = URI.parse('get json/other data here [link]') req = Net::HTTP::Get.new(
参考文档: https://docs.sonarqube.org/latest/instance-administration/security/ 概述 SonarQube具有
我是一名优秀的程序员,十分优秀!