Restlet中的HTTP身份验证，验证子网址

Question

我在服务器端使用HTTP摘要身份验证机制，客户端是Firefox。

这是服务器端代码

Application application = new Vehicle(); 

component.getDefaultHost().attachDefault(application); 
component.getDefaultHost().attach("/home",new Home()); 

DigestAuthenticator guard = new DigestAuthenticator(null, "TestRealm","mySecretServerKey"); 
Instantiates a Verifier of identifier/secret couples based on a simple Map. 
MapVerifier mapVerifier = new MapVerifier(); 

负载，单一的静态登录/秘密对。

mapVerifier.getLocalSecrets().put("login", "secret".toCharArray()); 
guard.setWrappedVerifier(mapVerifier); 

卫队的Restlet

guard.setNext(application); 
component.getDefaultHost().attachDefault(guard); 
component.start(); 

在家庭类

Router router = new Router(getContext()); 
router.attach("/People", People.class); 
router.attach("/categories/",Categories.class); 

return router; 

，如果我要求http://localhost:8182/ HTTP验证工作，但http://localhost:8182/home/categories/不要求任何http authentication如果我们首先尝试/home/categories/代替http://localhost:8182/它会给出结果与任何身份验证机制SM。如何解决这个问题？

Answer 1

您只将防护装置附加到默认路线，以便与其他路线不匹配的路线。查看javadoc了解attachDefault：

* Attaches a Resource class to this router as the default target to invoke 
* when no route matches. It actually sets a default route that scores all 
* calls to 1.0. 

你的其他途径都没有缺省路由，所以他们没有守卫

router.attach("/People", People.class); 
router.attach("/categories/",Categories.class); 

必须连接要保护像这样每个路由之间的保护：

DigestAuthenticator peopleGuard = new DigestAuthenticator(null, "TestRealm","mySecretServerKey"); 
peopleGuard.setNext(People.class); 
router.attach("/People", peopleGuard);