如何追踪剩余请求认证参数(用户名/密码)
我已经构建了一个带有 spring 安全性的 rest api.我在 nginx 日志中收到 401 错误.现在,当我通过rest客户端发送发布请求时,我想在身份验证之前拦截和跟踪用户名、密码、请求正文和URL.我可以将 URL 设为 String url = httpRequest.getRequestURL().toString();任何人都可以让我知道如何从 HttpServletRequest 获取用户名、密码和请求正文.
I have build a rest api with spring security. I'm getting the 401 errors in the nginx logs. Now I want to intercept and trace the username, password, request body and URL before the authentication when i send a post request via rest client. I'm able to get the url as String url = httpRequest.getRequestURL().toString(); Could any one please let me know how can i get the username, password and request body from HttpServletRequest.
下面的代码对我有用,可以从 httpRequest 获取用户名和密码,以获取从其余客户端发送的信息.
Below code worked for me to get the username and password from the httpRequest for the information sent from the rest client.
String header = httpRequest.getHeader("Authorization");
if ((header != null) && (header.startsWith("Basic "))) {
String base64Token = header.substring(6);
String token = new String(Base64.decodeBase64(base64Token.getBytes()));
String username = "";
String password = "";
int delim = token.indexOf(":");
if (delim != -1) {
username = token.substring(0, delim);
password = token.substring(delim + 1);
}
}