我想在 JBoss 7.1 上部署一个工作的 JSF 应用程序(Tomcat 7.0.34)到目前为止我已经配置了数据源,它正在工作。但是我在设置容器管理的身份验证时遇到了麻烦。通过调用 index.xhtml,所有项目都从 DB 中正确加载。但是当我登录时,用户没有任何角色。因此,不允许他访问他的客户详细信息页面。因此,我想问一下,我是否忘记了要配置的内容。
我的配置:
独立的.xml
安全域似乎工作正常。如果我将选定的列 'role' 更改为 'r',则会在登录期间引发异常。
...
<datasource jndi-name="java:jboss/datasources/MySqlDS" pool-name="MySqlDS" enabled="true" use-java-context="true" use-ccm="true">
<connection-url>jdbc:mysql://localhost:3306/bookstore</connection-url>
<driver>mysql</driver>
<security>
<user-name>bookstore</user-name>
<password>book$tore</password>
</security>
</datasource>
...
<security-domain name="SgpRealm" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/MySqlDS"/>
<module-option name="principalsQuery" value="SELECT pwd FROM customer where eMail=?"/>
<module-option name="rolesQuery" value="SELECT role, role FROM roles WHERE eMail=?"/>
<module-option name="unauthenticatedIdentity" value="anonymous"/>
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
jboss-web.xml
<?xml version="1.0" encoding="UTF-8"?>
<jboss>
<security-domain>SgpRealm</security-domain>
</jboss>
web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>Authenticated admins only</web-resource-name>
<url-pattern>/faces/sections/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>ADMIN</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/faces/sections/authentication/login.xhtml</form-login-page>
<form-error-page>/faces/sections/authentication/loginFailed.xhtml</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>ADMIN</role-name>
</security-role>
login.xhtml
<h:form prependId="false">
<table id="loginTable" >
<tr>
<td><h:outputLabel for="email" value="#{msgs.username}" />
</td>
<td><h:inputText id="email" value="#{login.eMail}"
required="true" style="width:100%" /></td>
</tr>
<tr>
<td><h:outputLabel for="password" value="#{msgs.password}" />
</td>
<td><h:inputSecret id="password" value="#{login.password}"
required="true" style="width:100%" /></td>
</tr>
<tr height="50px">
<td colspan="2"><h:commandButton value="#{msgs.login}"
actionListener="#{login.doLogin}" style="width:104%" /></td>
</tr>
</table>
</h:form>
Login.java#doLogin(...) 方法
public void doLogin(ActionEvent e) throws IOException {
FacesContext context = FacesContext.getCurrentInstance();
HttpServletRequest request = (HttpServletRequest) context
.getExternalContext().getRequest();
try {
// Try to login customer via container management
request.login(eMail, password);
/*
* Prints out the username (eMail) of the logged in user !!!
*/
System.out.println(request.getUserPrincipal());
if(request.isUserInRole("ADMIN")){
/*
* This part of source is never reached!!!!
*/
System.out.println("Role: ADMIN");
}
...
通过使用 Tomcat 实例,在 META-INF 目录中有一个名为 context.xml 的文件。(对于 JBoss 我删除了它)
<Context>
<Resource name="jdbc/bookstore"
auth="Container"
type="javax.sql.DataSource"
username="bookstore"
password="book$tore"
driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://localhost/bookstore"/>
</Context>
我需要什么吗?JBoss 类似,还是需要其他配置文件?
非常感谢!