车间能级提升-智能设备管理系统
blame | 历史 | 原始文档
朱桂飞
2025-01-09 3e8f7f239bedae0b4f04a1ac6bd443ba6298f73c 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

package com.aizuda.snailjob.server.starter.filter;


 


import jakarta.servlet.*;


import jakarta.servlet.http.HttpServletRequest;


import jakarta.servlet.http.HttpServletResponse;


 


import java.io.IOException;


import java.nio.charset.StandardCharsets;


import java.util.Base64;


 


public class ActuatorAuthFilter implements Filter {


 


    private final String username;


    private final String password;


 


    public ActuatorAuthFilter(String username, String password) {


        this.username = username;


        this.password = password;


    }


 


    @Override


    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {


        HttpServletRequest request = (HttpServletRequest) servletRequest;


        HttpServletResponse response = (HttpServletResponse) servletResponse;


 


        // 获取 Authorization 头


        String authHeader = request.getHeader("Authorization");


 


        if (authHeader == null || !authHeader.startsWith("Basic ")) {


            // 如果没有提供 Authorization 或者格式不对,则返回 401


            response.setHeader("WWW-Authenticate", "Basic realm=\"realm\"");


            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");


            return;


        }


 


        // 解码 Base64 编码的用户名和密码


        String base64Credentials = authHeader.substring("Basic ".length());


        byte[] credDecoded = Base64.getDecoder().decode(base64Credentials);


        String credentials = new String(credDecoded, StandardCharsets.UTF_8);


        String[] split = credentials.split(":");


        if (split.length != 2) {


            response.setHeader("WWW-Authenticate", "Basic realm=\"realm\"");


            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");


            return;


        }


        // 验证用户名和密码


        if (!username.equals(split[0]) && password.equals(split[1])) {


            response.setHeader("WWW-Authenticate", "Basic realm=\"realm\"");


            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");


            return;


        }


        // 如果认证成功,继续处理请求


        filterChain.doFilter(request, response);


    }


 


    @Override


    public void init(FilterConfig filterConfig) {


    }


 


    @Override


    public void destroy() {


    }


 


}