1

我想在 JBoss 7.1 上部署一个工作的 JSF 应用程序(Tomcat 7.0.34)到目前为止我已经配置了数据源,它正在工作。但是我在设置容器管理的身份验证时遇到了麻烦。通过调用 index.xhtml,所有项目都从 DB 中正确加载。但是当我登录时,用户没有任何角色。因此,不允许他访问他的客户详细信息页面。因此,我想问一下,我是否忘记了要配置的内容。

我的配置:

独立的.xml

安全域似乎工作正常。如果我将选定的列 'role' 更改为 'r',则会在登录期间引发异常。

...
<datasource jndi-name="java:jboss/datasources/MySqlDS" pool-name="MySqlDS" enabled="true" use-java-context="true" use-ccm="true">
    <connection-url>jdbc:mysql://localhost:3306/bookstore</connection-url>
    <driver>mysql</driver>
        <security>
            <user-name>bookstore</user-name>
            <password>book$tore</password>
        </security>
</datasource>
...
<security-domain name="SgpRealm" cache-type="default">
    <authentication>
        <login-module code="Database" flag="required">
            <module-option name="dsJndiName" value="java:jboss/datasources/MySqlDS"/>
            <module-option name="principalsQuery" value="SELECT pwd FROM customer where eMail=?"/>
            <module-option name="rolesQuery" value="SELECT role, role FROM roles WHERE eMail=?"/>
            <module-option name="unauthenticatedIdentity" value="anonymous"/>
            <module-option name="password-stacking" value="useFirstPass"/>
        </login-module>
    </authentication>
</security-domain>

jboss-web.xml

<?xml version="1.0" encoding="UTF-8"?>
<jboss>
    <security-domain>SgpRealm</security-domain>
</jboss>

web.xml

<security-constraint>
    <web-resource-collection>
    <web-resource-name>Authenticated admins only</web-resource-name>
    <url-pattern>/faces/sections/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
    <role-name>ADMIN</role-name>
    </auth-constraint>
</security-constraint>

<login-config>
    <auth-method>FORM</auth-method>
<form-login-config>
    <form-login-page>/faces/sections/authentication/login.xhtml</form-login-page>
    <form-error-page>/faces/sections/authentication/loginFailed.xhtml</form-error-page>
</form-login-config>
</login-config>

<security-role>
    <role-name>ADMIN</role-name>
</security-role>

login.xhtml

<h:form prependId="false">
<table id="loginTable" >
    <tr>
        <td><h:outputLabel for="email" value="#{msgs.username}" />
        </td>
        <td><h:inputText id="email" value="#{login.eMail}"
                            required="true" style="width:100%" /></td>
    </tr>
    <tr>
        <td><h:outputLabel for="password" value="#{msgs.password}" />
        </td>
        <td><h:inputSecret id="password" value="#{login.password}"
                            required="true" style="width:100%" /></td>
    </tr>
    <tr height="50px">
        <td colspan="2"><h:commandButton value="#{msgs.login}"
                            actionListener="#{login.doLogin}" style="width:104%" /></td>
    </tr>

</table>    
</h:form>

Login.java#doLogin(...) 方法

public void doLogin(ActionEvent e) throws IOException {
FacesContext context = FacesContext.getCurrentInstance();
HttpServletRequest request = (HttpServletRequest) context
    .getExternalContext().getRequest();

try {
    // Try to login customer via container management
    request.login(eMail, password);

            /*
             * Prints out the username (eMail) of the logged in user !!!
             */                
            System.out.println(request.getUserPrincipal());

            if(request.isUserInRole("ADMIN")){

                    /*
                     * This part of source is never reached!!!!
                     */  

                    System.out.println("Role: ADMIN");
            }
            ...

通过使用 Tomcat 实例,在 META-INF 目录中有一个名为 context.xml 的文件。(对于 JBoss 我删除了它)

<Context>

    <Resource name="jdbc/bookstore" 
    auth="Container" 
    type="javax.sql.DataSource"
        username="bookstore"
        password="book$tore"
        driverClassName="com.mysql.jdbc.Driver"
        url="jdbc:mysql://localhost/bookstore"/>

</Context>

我需要什么吗?JBoss 类似,还是需要其他配置文件?

非常感谢!

4

1 回答 1

0

所以,我的应用程序现在在 JBoss 上运行。我刚刚将安全域从

<security-domain name="SgpRealm" cache-type="default">
<authentication>
    <login-module code="Database" flag="required">
        <module-option name="dsJndiName" value="java:jboss/datasources/MySqlDS"/>
        <module-option name="principalsQuery" value="SELECT pwd FROM customer where eMail=?"/>
        <module-option name="rolesQuery" value="SELECT role, role FROM roles WHERE eMail=?"/>
        <module-option name="unauthenticatedIdentity" value="anonymous"/>
        <module-option name="password-stacking" value="useFirstPass"/>
    </login-module>
</authentication>

<security-domain name="SgpRealm" cache-type="default">
<authentication>
    <login-module code="Database" flag="required">
        <module-option name="dsJndiName" value="java:jboss/datasources/MySqlDS"/>
        <module-option name="principalsQuery" value="SELECT pwd FROM customer where eMail=?"/>
        <module-option name="rolesQuery" value="SELECT role, role FROM roles WHERE eMail=?"/>
    </login-module>
</authentication>

文件 context.xml 仍然被删除。

于 2013-04-28T17:06:24.583 回答