我正在尝试使用 GlassFish v3.1.2 和 JSF 2.1 和 primeFaces 3.4.2 设置容器管理的安全性
HexValue 值与数据库匹配,但得到以下异常
我尝试了 Base64 编码器,但结果相同。计算出的值和密码都很好,我错过了其他一些东西......还有其他我错过的设置,尤其是 glassfish 或 login.xhtml 文件
用户名:admin1 通过:admin
使用以下 SHAConverter.java
Used org.apache.commons.codec.digest.DigestUtils; for calculating HEX
final MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
final byte bin[] = messageDigest.digest((value.getBytes("UTF-8")));
final String hash = DigestUtils.sha256Hex(bin);
System.out.println("hex : " + hash);
FINE: [Web-Security] Setting Policy Context ID: old = null ctxID = PrimeJSF-EJB-JPA-2/PrimeJSF-EJB-JPA-2
FINE: [Web-Security] hasUserDataPermission perm: ("javax.security.jacc.WebUserDataPermission" "/Login.xhtml" "POST")
FINE: [Web-Security] hasUserDataPermission isGranted: true
INFO: VALUE ------------- admin
INFO: hex : dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
INFO: request.isRequestedSessionIdValid() true
INFO: user : admin1 >> dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
INFO: false
FINEST: Processing login with credentials of type: class com.sun.enterprise.security.auth.login.common.PasswordCredential
FINE: Logging in user [admin1] into realm: myRealm using JAAS module: jdbcRealm
FINE: Login module initialized: class com.sun.enterprise.security.auth.login.JDBCLoginModule
FINE: JAAS authentication aborted.
FINEST: doPasswordLogin fails
javax.security.auth.login.LoginException: Security Exception
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:870)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
at com.sun.enterprise.security.auth.login.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:382)
at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:240)
at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:153)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:514)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:455)
at org.apache.catalina.connector.Request.login(Request.java:1938)
at org.apache.catalina.connector.Request.login(Request.java:1901)
at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
at javax.faces.component.UICommand.broadcast(UICommand.java:300)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)
Caused by: java.lang.SecurityException
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:871)
... 64 more
WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception
SEVERE: IOException, Login Controller: The username or password you provided does not match our records.
SEVERE: javax.servlet.ServletException: Exception thrown while attempting to authenticate for user: admin1
at org.apache.catalina.connector.Request.login(Request.java:1970)
at org.apache.catalina.connector.Request.login(Request.java:1901)
at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
at javax.faces.component.UICommand.broadcast(UICommand.java:300)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)
Caused by: javax.servlet.ServletException: Failed login while attempting to authenticate user: admin1
at org.apache.catalina.connector.Request.login(Request.java:1941)
... 52 more
SEVERE: at org.apache.catalina.connector.Request.login(Request.java:1970)
SEVERE: at org.apache.catalina.connector.Request.login(Request.java:1901)
SEVERE: at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
SEVERE: at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
SEVERE: at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
SEVERE: at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
SEVERE: at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
SEVERE: at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
SEVERE: at java.lang.reflect.Method.invoke(Method.java:601)
SEVERE: at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
SEVERE: at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
SEVERE: at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
SEVERE: at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
SEVERE: at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
SEVERE: at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
SEVERE: at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
SEVERE: at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
SEVERE: at javax.faces.component.UICommand.broadcast(UICommand.java:300)
SEVERE: at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
SEVERE: at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
SEVERE: at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
SEVERE: at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
SEVERE: at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
SEVERE: at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
SEVERE: at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
SEVERE: at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
SEVERE: at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
SEVERE: at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
SEVERE: at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
SEVERE: at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
SEVERE: at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
SEVERE: at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
SEVERE: at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
SEVERE: at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
SEVERE: at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
SEVERE: at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
SEVERE: at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
SEVERE: at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
SEVERE: at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
SEVERE: at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
SEVERE: at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
SEVERE: at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
SEVERE: at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
SEVERE: at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
SEVERE: at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
SEVERE: at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
SEVERE: at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
SEVERE: at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
SEVERE: at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
SEVERE: at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
SEVERE: at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
SEVERE: at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
SEVERE: at java.lang.Thread.run(Thread.java:722)
SEVERE: Caused by: javax.servlet.ServletException: Failed login while attempting to authenticate user: admin1
SEVERE: at org.apache.catalina.connector.Request.login(Request.java:1941)
SEVERE: ... 52 more
这是 Glassfish 领域设置
Configuration Name: server-config
Realm Name: myRealm
Class Name: com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm
JAAS Context: jdbcRealm
JNDI: jdbc/myDatasource
User Table: user_role_view
User Name Column: username
Password Column: password
Group Table: user_role_view
Group Table User Name Column:---
Group Name Column: rolename
Assign Groups:---
Database User:---
Database Password:---
Digest Algorithm: SHA-256
Password Encryption Algorithm:---
Encoding:Hex
Charset:UTF-8
我的 login.xhtml
<ui:define name="content">
<h:form styleClass="loginPanelStyle">
<p:growl id="msgs" showDetail="true" sticky="false" />
<p:panelGrid columns="2">
<f:facet name="header">
Login Panel
</f:facet>
<h:outputText value="Username : "></h:outputText>
<p:inputText id="username" value="#{loginController.username}" required="true" requiredMessage="Please Enter Username!">
<f:validateLength minimum="1" />
</p:inputText>
<h:outputText value="Password : "></h:outputText>
<p:password id="password" value="#{loginController.password}" required="true" requiredMessage="Please Enter password!">
<f:validateLength minimum="1" />
<f:converter converterId="com.nz.util.SHAConverter"></f:converter>
</p:password>
<f:facet name="footer">
<p:commandButton value="Submit" update="msgs" actionListener="#{loginController.login}" type="submit" icon="ui-icon-check" style="margin:0"></p:commandButton>
</f:facet>
</p:panelGrid>
我的 web.xml
<security-constraint>
<display-name>Administrator</display-name>
<web-resource-collection>
<web-resource-name>Admin Area</web-resource-name>
<description/>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>Administrator</description>
<role-name>Administrator</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>Manager</display-name>
<web-resource-collection>
<web-resource-name>Manager Area</web-resource-name>
<description/>
<url-pattern>/manager/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>Manager</description>
<role-name>Manager</role-name>
<role-name>Administrator</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>User</display-name>
<web-resource-collection>
<web-resource-name>User Operations</web-resource-name>
<description/>
<url-pattern>/user/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>User</description>
<role-name>Manager</role-name>
<role-name>Administrator</role-name>
<role-name>User</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>myRealm</realm-name>
<form-login-config>
<form-login-page>/Login.xhtml</form-login-page>
<form-error-page>/Login.xhtml</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>Administrator</role-name>
</security-role>
<security-role>
<role-name>Manager</role-name>
</security-role>
<security-role>
<role-name>User</role-name>
</security-role>
我的 glassfish-web.xml
<security-role-mapping>
<role-name>Administrator</role-name>
<group-name>Administrators</group-name>
</security-role-mapping>
<security-role-mapping>
<role-name>Manager</role-name>
<group-name>Managers</group-name>
</security-role-mapping>
<security-role-mapping>
<role-name>User</role-name>
<group-name>Users</group-name>
</security-role-mapping>
我使用了这个帖子表格,但是这个表格的计算不匹配,但我的问题似乎与计算不同