CachingAuthenticator在Dropwizard中的应用

Question

我想从下拉向导中丢弃旧的身份验证，这就是为什么我要使用CachingAuthenticator的blow配置。

@Override 
public void run(WebConfiguration configuration, Environment environment) {
   environment.jersey().register(new ActivityResource());
    
   CachingAuthenticator<BasicCredentials, AuthUser> cachingAuthenticator =
        new CachingAuthenticator<>(environment.metrics(), new WebAuthenticator(), 
                configuration.getAuthenticationCachePolicy());
}

策略在yml文件中为

authenticationCachePolicy: maximumSize=10, expireAfterAccess=1m

我的问题是：

1. 如何注册(使其正常工作) cachingAuthenticator，以便每个请求都经过身份验证？
2. 如何在秒内设置expireAfterAccess？
3. 如果密码有问题，请建议.

Answer 1

工作溶液

/** authentication config */
CachingAuthenticator<BasicCredentials, AuthUser> cachingAuthenticator = new CachingAuthenticator<>(
    environment.metrics(), new MyAuthenticator(), configuration.getAuthenticationCachePolicy());

environment.jersey().register(new AuthDynamicFeature(new BasicCredentialAuthFilter.Builder<AuthUser>()
    .setAuthenticator(cachingAuthenticator).setRealm("kedar.javalkar.realm").buildAuthFilter()));

environment.jersey().register(new AuthValueFactoryProvider.Binder<>(AuthUser.class));

yml可以

# Caching authenticator.
authenticationCachePolicy: maximumSize=10000, expireAfterAccess=10m

或

# Caching authenticator.
authenticationCachePolicy: maximumSize=10000, expireAfterAccess=1s

Answer 2

我不知道“2”，但对于“1”，您只需将身份验证器连接到基本的auth提供程序。

CachingAuthenticator<BasicCredentials, AuthUser> cachingAuthenticator =
        new CachingAuthenticator<>(environment.metrics(), new WebAuthenticator(), 
                configuration.getAuthenticationCachePolicy());

environment.jersey().register(AuthFactory.binder(
            new BasicAuthFactory<>(cachingAuthenticator,
                     "Example Realm", AuthUser.class)));