如何创建受保护的 Restlet 资源？

Question

我正在尝试基于此示例创建受保护的 Restlet 资源 http://bipinkunjumon.blogspot.com/2013/05/restlet-application-for-accessing.html:

public class PartApp extends Application {
public  static  final  String  ROOT_URI="localhost:8151/accounts/{accountId}";
public static void main(String[] args) throws Exception
{
    // Create a component
    Component component = new Component();
    component.getServers().add(Protocol.HTTP, 8151);
    component.getClients().add(Protocol.FILE);

    // Create an application
    Application application = new PartApp();

    // Attach the application to the component and start it
    component.getDefaultHost().attachDefault(application);
    component.start();
}

@Override
public Restlet createInboundRoot()
{
    // Create a simple password verifier
    MapVerifier verifier = new MapVerifier();
    verifier.getLocalSecrets().put("scott", "tiger".toCharArray());



    // Create a Guard
    ChallengeAuthenticator authenticator = new ChallengeAuthenticator(
            getContext(), ChallengeScheme.HTTP_BASIC, "Tutorial");
    authenticator.setVerifier(verifier);

    // Create a Directory able to return a deep hierarchy of files
    Directory directory = new Directory(getContext(), ROOT_URI);

    directory.setListingAllowed(true);
    authenticator.setNext(directory);
    return authenticator;
}
}

但它适用于所有服务器资源。例如，如果没有登录名和密码，我无法输入 localhost:8111。但我只需要保护一个资源：localhost:8151/accounts/{accountId} 并为其他资源提供免费访问权限。我怎样才能做到这一点？

Answer 1

根据我在这里找到的代码：，我使用 Java 7 和 Restlet SE 2.3.9:

制作了这个小项目

本项目的2个包中有6个java个文件（都是服务器端代码）：

套餐
```
com.blogspot.javarestlet.httpbasicauth.server.app
```
1. AdminAppStart.java（授权客户端的应用扩展）
2. ClientAppStart.java（未授权客户端的应用程序扩展）[注意：这不是客户端代码。]
3. Main.java（运行服务器的）
套餐
```
com.blogspot.javarestlet.httpbasicauth.server.resources
```
1. HelloWorldAdminServerResource.java（与 AdminAppStart 附加）
2. HelloWorldClientServerResource.java（与ClientAppStart一起使用）
3. HelloWorldDefaultServerResource.java（有点不必要的class文件）

这是每个文件的代码：

AdminAppStart.java

package com.blogspot.javarestlet.httpbasicauth.server.app;

import org.restlet.Application;
import org.restlet.Context;
import org.restlet.Restlet;
import org.restlet.data.ChallengeScheme;
import org.restlet.routing.Router;
import org.restlet.security.ChallengeAuthenticator;
import org.restlet.security.MapVerifier;

import com.blogspot.javarestlet.httpbasicauth.server.resources.HelloWorldAdminServerResource;
import com.blogspot.javarestlet.httpbasicauth.server.resources.HelloWorldDefaultServerResource;

public class AdminAppStart extends Application {
    private ChallengeAuthenticator authenticator;

    private ChallengeAuthenticator createAuthenticator() {
        Context context = getContext();
        final boolean optional = false;
        ChallengeScheme challengeScheme = ChallengeScheme.HTTP_BASIC;
        String realm = "Example site";

        MapVerifier verifier = new MapVerifier();
        verifier.getLocalSecrets().put("scott", "tiger".toCharArray());

        ChallengeAuthenticator auth = new ChallengeAuthenticator(context, optional, challengeScheme, realm, verifier);
        return auth;
    }

    @Override
    public Restlet createInboundRoot() {
        this.authenticator = createAuthenticator();

        Router router = new Router();
        router.attach("/user", HelloWorldAdminServerResource.class);
        router.attach("", HelloWorldDefaultServerResource.class);

        authenticator.setNext(router);
        return authenticator;
    }

}

ClientAppStart.java

package com.blogspot.javarestlet.httpbasicauth.server.app;

import org.restlet.Application;
import org.restlet.Restlet;
import org.restlet.routing.Router;

import com.blogspot.javarestlet.httpbasicauth.server.resources.HelloWorldClientServerResource;

public class ClientAppStart extends Application {
@Override
public Restlet createInboundRoot() {
    Router router = new Router();
    router.attach("/clientres/hello", HelloWorldClientServerResource.class);
    return router;
}
}

Main.java

package com.blogspot.javarestlet.httpbasicauth.server.app;

import org.restlet.Application;
import org.restlet.Component;
import org.restlet.data.Protocol;

public class Main {
    public static void main(String[] args) throws Exception
    {
        // Create a component
        Component component = new Component();
        component.getServers().add(Protocol.HTTP, 8151);
        component.getClients().add(Protocol.HTTP);

        // Create an application
        Application application = new ClientAppStart();

        // Attach the application to the component and start it
        component.getDefaultHost().attach("/userx",application);
        component.getDefaultHost().attach("/admin/accounts/abc123",new AdminAppStart());
        component.start();
    }
}

HelloWorldAdminServerResource.java

package com.blogspot.javarestlet.httpbasicauth.server.resources;

import org.restlet.resource.Get;
import org.restlet.resource.ServerResource;

public class HelloWorldAdminServerResource  extends ServerResource {
    @Get
    public String $get()
    {
        return "Hello Admin";
    }
}

HelloWorldClientServerResource.java

package com.blogspot.javarestlet.httpbasicauth.server.resources;

import org.restlet.resource.Get;
import org.restlet.resource.ServerResource;

public class HelloWorldClientServerResource extends ServerResource {
@Get
public String $get()
{
    return "Hello Client";
}
}

HelloWorldDefaultServerResource.java

package com.blogspot.javarestlet.httpbasicauth.server.resources;

import org.restlet.resource.Get;
import org.restlet.resource.ServerResource;

public class HelloWorldDefaultServerResource extends ServerResource{
@Get
public String $get()
{
    return "please enter a sub-url after abc123";
}
}

这是 cURL request-response 日志：

C:\Users\abhishek>curl -i "http://localhost:8151/userx/clientres/hello"
HTTP/1.1 200 OK
Content-type: text/plain; charset=UTF-8
Content-length: 12
Server: Restlet-Framework/2.3.9
Accept-ranges: bytes
Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
Date: Mon, 23 Jan 2017 11:37:01 GMT

Hello Client

======================================================================

C:\Users\abhishek>curl -i -H "Authorization: Basic c2NvdHQ6dGlnZXI=" "http://localhost:8151/admin/accounts/abc123"
HTTP/1.1 200 OK
Content-type: text/plain; charset=UTF-8
Content-length: 35
Server: Restlet-Framework/2.3.9
Accept-ranges: bytes
Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
Date: Mon, 23 Jan 2017 11:35:07 GMT

please enter a sub-url after abc123

======================================================================

C:\Users\abhishek>curl -i -H "Authorization: Basic c2NvdHQ6dGlnZXI=" "http://localhost:8151/admin/accounts/abc123/user"
HTTP/1.1 200 OK
Content-type: text/plain; charset=UTF-8
Content-length: 11
Server: Restlet-Framework/2.3.9
Accept-ranges: bytes
Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
Date: Mon, 23 Jan 2017 11:35:04 GMT

Hello Admin

======================================================================

C:\Users\abhishek>curl -i "http://localhost:8151/admin/accounts/abc123/user"
HTTP/1.1 401 Unauthorized
Content-type: text/html; charset=UTF-8
Content-length: 424
Www-authenticate: Basic realm="Example site"
Server: Restlet-Framework/2.3.9
Accept-ranges: bytes
Date: Mon, 23 Jan 2017 12:48:08 GMT

<html>
<head>
   <title>Status page</title>
</head>
<body style="font-family: sans-serif;">
<p style="font-size: 1.2em;font-weight: bold;margin: 1em 0px;">Unauthorized</p>
<p>The request requires user authentication</p>
<p>You can get technical details <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">here</a>.<br>
Please continue your visit at our <a href="/">home page</a>.
</p>
</body>
</html>

试试这个，如果您遇到任何问题，请告诉我们。

添加于 2017-01-24 1524：

因为提问者问“..通过创建单独的应用程序..来做这样的事情是常见的规则吗？”

以下是该问题的最简单的答案：

Application.createInboundRoot() 应该是 return Restlet，这里是从这里获得的 Restlet class 的子classes：https://restlet.com/technical-resources/restlet-framework/javadocs/2.3/jee/api/

org.restlet.Restlet
^
|
|--org.restlet.Application
|
|--org.restlet.Component
|
|--org.restlet.Connector
|  ^
|  |--org.restlet.Client
|  |
|  |--org.restlet.Server
|
|--org.restlet.routing.Filter
|  ^
|  |
|  |--org.restlet.security.Authenticator
|  |  ^
|  |  |
|  |  |--org.restlet.security.CertificateAuthenticator
|  |  |
|  |  |--org.restlet.security.ChallengeAuthenticator
|  |
|  |--org.restlet.security.Authorizer
|  |  ^
|  |  |
|  |  |--org.restlet.security.ConfidentialAuthorizer
|  |  |
|  |  |--org.restlet.security.MethodAuthorizer
|  |  |
|  |  |--org.restlet.security.RoleAuthorizer
|  |
|  |--org.restlet.routing.Extractor
|  |
|  |--org.restlet.routing.Route
|  |  ^
|  |  |
|  |  |--org.restlet.routing.TemplateRoute
|  |
|  |--org.restlet.routing.Validator
|
|--org.restlet.resource.Finder
|  ^
|  |
|  |--org.restlet.resource.Directory
|
|--org.restlet.routing.Redirector
|
|--org.restlet.routing.Router
|
|--org.restlet.util.WrapperRestlet

如果您查看每个 class 的文档和示例（每个都会使这个答案太长），您会发现还有其他方法可以做到这一点，但是创建单独的 Application 对于每个都是所有方法中最简单的。

如何创建受保护的 Restlet 资源？

How to create protected Restlet resource?

java

web-services

restlet