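More than a question, I need to perform authentication using JSF. I developed a login that takes a username and password stored in MySQL. After logging in from Active Directory, it should use the AD username and password, which I suppose should be the same as the MySQL username and password.
Then, on entering the system, you no longer see the login but go directly to the home page.
I hope for your help, and thanks in advance.
Regards.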
Here is my solution, it works for me: edit faces-config.xml:

    <lifecycle>
        <phase-listener>com.xxx.admin.security.Login</phase-listener>
    </lifecycle>
Class Login:

    import javax.faces.context.ExternalContext;
    import javax.faces.context.FacesContext;
    import javax.faces.event.PhaseEvent;
    import javax.faces.event.PhaseId;
    import javax.faces.event.PhaseListener;

    public class Login implements PhaseListener {
        private static final String USER_LOGIN_OUTCOME = "login";

        @Override
        public void afterPhase(PhaseEvent event) {
            FacesContext context = event.getFacesContext();
            if (userExists(context)) {
                // 1. Update last login
                // 2. may be expired ???
                ExternalContext extContext = context.getExternalContext();
                try {
                    ETT_UserDTL tmpUser = (ETT_UserDTL) extContext.getSessionMap().get(User.USER_SESSION_KEY);
                    if (!Authenticator.authenticateUser(tmpUser, context)) {
                        // send the user to the login view
                        reLogin(context);
                    }
                    // otherwise allow processing of the requested view
                } catch (Exception ex) {
                    // fail closed: any error sends the user back to the login view
                    SystemLogger.getLogger().error(ex);
                    ClientMessage.logErr(ex.toString());
                    reLogin(context);
                }
            } else {
                // send the user to the login view
                reLogin(context);
            }
        }

        // PhaseListener also requires beforePhase() and getPhaseId(), which the
        // post does not show; running after RESTORE_VIEW is an assumption.
        @Override
        public void beforePhase(PhaseEvent event) {
        }

        @Override
        public PhaseId getPhaseId() {
            return PhaseId.RESTORE_VIEW;
        }

        private boolean userExists(FacesContext context) {
            // Need re-check authenticator here.
            // Check user exist
            ExternalContext extContext = context.getExternalContext();
            return (extContext.getSessionMap().containsKey(User.USER_SESSION_KEY));
        }

        private void reLogin(FacesContext context) {
            // send the user to the login view
            // (requestingSecureView() is a helper that the post does not show)
            if (requestingSecureView(context)) {
                context.responseComplete();
                context.getApplication().
                        getNavigationHandler().handleNavigation(context,
                                null,
                                USER_LOGIN_OUTCOME);
            }
        }
    }
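LDAP authentication:

    import java.util.Hashtable;
    import javax.naming.Context;
    import javax.naming.NamingEnumeration;
    import javax.naming.NamingException;
    import javax.naming.directory.Attributes;
    import javax.naming.directory.SearchControls;
    import javax.naming.directory.SearchResult;
    import javax.naming.ldap.InitialLdapContext;
    import javax.naming.ldap.LdapContext;

    public class LDAPAuthentication {
        static String ATTRIBUTE_FOR_USER = "sAMAccountName";

        public Attributes authenticateUser(String username, String password, String strDomain, String strHost, String dn) throws NamingException {
            // An empty password turns a simple bind into an unauthenticated bind
            // (RFC 4513), which a server may accept: reject it before binding.
            if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
                return null;
            }
            // {0} is filled in from the filter arguments passed to search(), so JNDI
            // escapes filter metacharacters in the user name instead of the name
            // being concatenated into the filter (LDAP filter injection).
            String searchFilter = "(&(objectClass=user)(" + ATTRIBUTE_FOR_USER + "={0}))";
            // Create the search controls
            SearchControls searchCtls = new SearchControls();
            // searchCtls.setReturningAttributes(returnedAtts);
            // Specify the search scope
            searchCtls.setSearchScope(SearchControls.OBJECT_SCOPE);
            String searchBase = dn;
            Hashtable<String, Object> environment = new Hashtable<>();
            environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            // Using standard port, check your installation.
            // A simple bind over ldap:// sends the password unencrypted;
            // use ldaps:// where the directory supports it.
            environment.put(Context.PROVIDER_URL, "ldap://" + strHost);
            environment.put(Context.SECURITY_AUTHENTICATION, "simple");
            environment.put(Context.SECURITY_PRINCIPAL, username + "@" + strDomain);
            environment.put(Context.SECURITY_CREDENTIALS, password);
            LdapContext ctxGC = null;
            try {
                // The bind happens here; wrong credentials raise an exception
                ctxGC = new InitialLdapContext(environment, null);
                // Search for objects in the GC using the filter
                NamingEnumeration<SearchResult> answer =
                        ctxGC.search(searchBase, searchFilter, new Object[] { username }, searchCtls);
                while (answer.hasMoreElements()) {
                    SearchResult sr = answer.next();
                    Attributes attrs = sr.getAttributes();
                    if (attrs != null) {
                        return attrs;
                    }
                }
            } catch (Exception e) {
                SystemLogger.getLogger().error(e);
            } finally {
                // Release the connection whether or not the bind succeeded
                if (ctxGC != null) {
                    try {
                        ctxGC.close();
                    } catch (NamingException e) {
                        SystemLogger.getLogger().error(e);
                    }
                }
            }
            return null;
        }
    }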
Authentication:

    public static boolean authenticateLDAPUser(String strUser, String strPass, String strDomain, String strHost) throws NamingException, Exception {
        LDAPAuthentication ldap = new LDAPAuthentication();
        // A non-null result means the directory accepted the bind and the search matched
        Attributes att = ldap.authenticateUser(strUser, strPass, strDomain, strHost, "");
        if (att != null) {
            try {
                // Load the application's own record for this user name
                ETT_UserDTL tmpUser = (ETT_UserDTL) DataUtil.performAction(DATA_UserGUI.class, "getInfByUserName", strUser);
                tmpUser.setPassword(strPass);
                if (!otherAuthenticate(tmpUser)) {
                    Authenticator.removeUser();
                    return false;
                }
                // Put the user in the session for the phase listener to find
                pushUser(tmpUser);
                return true;
            } catch (TelsoftException ex) {
                SystemLogger.getLogger().error(ex);
                return false;
            }
        } else {
            updateLoginFail();
            return false;
        }
    }
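
The answer's LDAP code binds with, and searches on, values typed into the login form. As an added example (not part of the original answer), the class below shows two checks that belong in front of such code: refusing empty credentials, and escaping the user name per RFC 4515 before it goes into a search filter. The class name `LdapInputGuard`, its method names and the sample logins are constructed for illustration.

```java
public class LdapInputGuard {

    /** Escapes a value for use in an LDAP search filter (RFC 4515, section 3). */
    static String escapeFilterValue(String value) {
        StringBuilder out = new StringBuilder();
        for (char c : value.toCharArray()) {
            // NUL, '(', ')', '*' and '\' change a filter's structure, so each
            // becomes a backslash followed by its two-digit hex code.
            if (c == '\0' || c == '(' || c == ')' || c == '*' || c == '\\') {
                out.append(String.format("\\%02x", (int) c));
            } else {
                out.append(c);
            }
        }
        return out.toString();
    }

    /** True only if the credentials may be passed on to a simple bind. */
    static boolean acceptableForBind(String username, String password) {
        // A simple bind with an empty password is an "unauthenticated" bind
        // (RFC 4513, section 5.1.2) that a server may accept without checking
        // anything, so empty values must never reach the bind.
        return username != null && !username.trim().isEmpty()
                && password != null && !password.isEmpty();
    }

    /** Builds the same filter shape as the answer, with the name escaped. */
    static String userFilter(String username) {
        return "(&(objectClass=user)(sAMAccountName=" + escapeFilterValue(username) + "))";
    }

    public static void main(String[] args) {
        // Constructed sample logins: {user name, password}.
        String[][] samples = {
            {"jsmith", "s3cret"},
            {"jsmith", ""},
            {"o(brien)", "s3cret"},
            {"j*", "s3cret"},
        };
        for (String[] s : samples) {
            if (!acceptableForBind(s[0], s[1])) {
                System.out.println("rejected before bind: " + s[0]);
                continue;
            }
            System.out.println(s[0] + " -> " + userFilter(s[0]));
        }
    }
}
```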