Insanely reinventing the wheel, Sometimes I have to make my own because the wheel standards don't match.
It may be possible to use it when creating a login screen.
It is an implementation example in the micro framework Spark Framework.
Behavior of basic authentication-Qiita
Hmmmm ...
First, the http server is in status 401
It seems that you should return the header such as WWW-Authenticate: Basic realm = \" Secret Zone \ "\ r \ n.
Then, if you enter the authentication information on the browser side ʻAuthorization: Basic <Base64 format of'ID: PASS'>` header comes from the client If it is decoded and matches, authentication is OK, and if it is NG, it seems that 401 should be returned again.
Check out the official documentation for snippets that might work.
Documentation - Spark Framework: An expressive web framework for Kotlin and Java
It seems good to perform authentication processing with a filter that runs before processing each request.
before((request, response) -> {
String reqAuth = "" + request.headers("Authorization");
String basicAuth =
Base64.getEncoder().encodeToString("user1234:password1234".getBytes(StandardCharsets.UTF_8));
if (!reqAuth.replaceAll("Basic\\s", "").equals(basicAuth)) {
System.out.println("Basic Authorization is failed!");
response.header("WWW-Authenticate", "Basic realm=\"Secret Zone\"\r\n");
halt(401, "You are not welcome here");
}
});
The standard Base64 library cannot be used unless it is Java 8. Java7 people, use the one you like ↓ BaseEncoding (Guava: Google Core Libraries for Java 16.0 API) Base64 (Apache Commons Codec 1.11 API)
Recommended Posts