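I created a Java EE application with GlassFish and NetBeans. I installed the custom flexible JDBC realm from here. I followed all the instructions and used the properties shown below (default and server config):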
datasource.jndi = jdbc/e-health
sql.seed = select salt from users where username = ?
sql.groups = select groupname from groups where username = ?
sql.password = select password from users where username = ?
password.encoding = BASE64
password.digest = SHA-256
jaas.context = myRealm
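My first question is: where should I create the realm, in the default config or in the server config?
I also created the database (e-health) with the tables: users, groups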
users: username, password, salt
groups: groupname, username(fk->users.username)
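The reason I want to use this realm is that I want to encrypt the passwords with a salt, and with the JDBC realm I don't have this option!
My problem is that I can't log in.
I use the NetBeans IDE and created the login and loginError pages:
Login.JSP: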
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Login Page</title>
    </head>
    <body>
        <form action="j_security_check" method="POST">
            Username:<input type="text" name="j_username"><br>
            Password:<input type="password" name="j_password">
            <input type="submit" value="Login">
        </form>
    </body>
</html>
I created a user with this code in the servlet:
if(userPath.equals("/createUser"))
{
    String Type = request.getParameter("user_type");
    String Id = request.getParameter("amka");
    String Name = request.getParameter("name");
    String Surname = request.getParameter("surname");
    String Nickname = request.getParameter("nickname");
    String Pass = request.getParameter("password");
    String Email = request.getParameter("e-mail");
    String City = request.getParameter("city");
    String Street = request.getParameter("street");
    String Phone = request.getParameter("phone");
    String At = request.getParameter("at");
    String Spec = request.getParameter("spec");
    //byte[] b_pass = Pass.getBytes("UTF-8"); // Encrypt the password
    String salt = null;
    String hash=null;
    if ("doctor".equals(Type))
    {
        // ID = Integer.parseInt(Id);
        MessageDigest md;
        try {
            Random r = SecureRandom.getInstance("SHA1PRNG");
            salt=new BigInteger(130, r).toString(32);
            md = MessageDigest.getInstance("SHA-256");
            md.update(salt.getBytes("UTF-8"));
            byte[] digest = md.digest();
            salt=Base64.encodeBase64String(digest);
            md.update(Pass.concat(salt).getBytes("UTF-8"));
            digest = md.digest();
            hash=Base64.encodeBase64String(digest); // convert to Base64
        }
        catch (NoSuchAlgorithmException ex) {
            Logger.getLogger(Servlet.class.getName()).log(Level.SEVERE, null, ex);
        }
        currentUser.setPassword(hash);
        currentUser.setUsername(Nickname);
        currentUser.setSalt(salt);
        UsersFacade.create(currentUser);
        currentGroup.setUsername(currentUser);
        currentGroup.setGroupname(Type);
        GroupsFacade.create(currentGroup);
        /*
        currentDoc.setIddoctors(ID);
        currentDoc.setName(Name);
        currentDoc.setSurname(Surname);
        currentDoc.setNickname(Nickname);
        currentDoc.setEmail(Email);
        currentDoc.setCity(City);
        currentDoc.setStreet(Street);
        currentDoc.setPhone(Phone);
        currentDoc.setSpec(Spec);
        DoctorsFacade.create(currentDoc);
        */
    }
}
The groups and roles I created are doctors, pharms, micros, patients, admins.
I created the roles in web.xml and glassfish-web.xml:
WEB.XML
    <session-config>
        <session-timeout>
            1
        </session-timeout>
    </session-config>
    <error-page>
        <error-code>500</error-code>
        <location>/WEB-INF/view/error.jsp</location>
    </error-page>
    <security-constraint>
        <display-name>AdminOnly</display-name>
        <web-resource-collection>
            <web-resource-name>admin</web-resource-name>
            <description/>
            <url-pattern>/admin/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>admins</role-name>
        </auth-constraint>
    </security-constraint>
    <security-constraint>
        <display-name>DocOnly</display-name>
        <web-resource-collection>
            <web-resource-name>doctor1</web-resource-name>
            <url-pattern>/view/doc_index.jsp</url-pattern>
        </web-resource-collection>
        <web-resource-collection>
            <web-resource-name>doctor2</web-resource-name>
            <description/>
            <url-pattern>/view/doctor.jsp</url-pattern>
        </web-resource-collection>
        <web-resource-collection>
            <web-resource-name>doctor3</web-resource-name>
            <description/>
            <url-pattern>/view/history.jsp</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>doctors</role-name>
        </auth-constraint>
    </security-constraint>
    <security-constraint>
        <display-name>PharmOnly</display-name>
        <web-resource-collection>
            <web-resource-name>pharm</web-resource-name>
            <description/>
            <url-pattern>/view/pharm.jsp</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>pharms</role-name>
        </auth-constraint>
    </security-constraint>
    <security-constraint>
        <display-name>MicroOnly</display-name>
        <web-resource-collection>
            <web-resource-name>micro</web-resource-name>
            <description/>
            <url-pattern>/view/micro.jsp</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>micros</role-name>
        </auth-constraint>
    </security-constraint>
    <security-constraint>
        <display-name>PatOnly</display-name>
        <web-resource-collection>
            <web-resource-name>patient</web-resource-name>
            <description/>
            <url-pattern>/view/patient.jsp</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>patients</role-name>
        </auth-constraint>
    </security-constraint>
    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>myRealm</realm-name>
        <form-login-config>
            <form-login-page>/login.jsp</form-login-page>
            <form-error-page>/loginError.html</form-error-page>
        </form-login-config>
    </login-config>
    <security-role>
        <description/>
        <role-name>admins</role-name>
    </security-role>
    <security-role>
        <description/>
        <role-name>doctors</role-name>
    </security-role>
    <security-role>
        <description/>
        <role-name>pharms</role-name>
    </security-role>
    <security-role>
        <description/>
        <role-name>micros</role-name>
    </security-role>
    <security-role>
        <description/>
        <role-name>patients</role-name>
    </security-role>
    <resource-ref>
        <res-ref-name>jdbc/e-health</res-ref-name>
        <res-type>javax.sql.DataSource</res-type>
        <res-auth>Container</res-auth>
        <res-sharing-scope>Shareable</res-sharing-scope>
    </resource-ref>
</web-app>
GLASSFISH-WEB.XML
<glassfish-web-app error-url="">
    <security-role-mapping>
        <role-name>doctors</role-name>
        <group-name>doctors</group-name>
    </security-role-mapping>
    <security-role-mapping>
        <role-name>micros</role-name>
        <group-name>micros</group-name>
    </security-role-mapping>
    <security-role-mapping>
        <role-name>pharms</role-name>
        <group-name>pharms</group-name>
    </security-role-mapping>
    <security-role-mapping>
        <role-name>patients</role-name>
        <group-name>patients</group-name>
    </security-role-mapping>
    <security-role-mapping>
        <role-name>admins</role-name>
        <group-name>admins</group-name>
    </security-role-mapping>
    <class-loader delegate="true"/>
    <jsp-config>
        <property name="keepgenerated" value="true">
            <description>Keep a copy of the generated servlet class' java code.</description>
        </property>
    </jsp-config>
</glassfish-web-app>
First, I created this annotation in the servlet:
@ServletSecurity(
@HttpConstraint(rolesAllowed = {"doctors"})
)
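These are the credentials:
username: John
password (with salt): kwkBo2sKjPHPvqFTQReMGS8Cbj8PbAoFxvuk
salt: 4b8mHanRWrI9HitaES4s8x5F05WWFz3IN3+Hjp7XtRg=
and
username: John
groupname: doctor
The encrypted password is: 12345
What am I doing wrong?
I entered the credentials John/12345 in the form and the error page was displayed.
Do I have to decrypt the password somehow? Isn't that done by the realm itself?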
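
A consistency check on the values posted above, as an added example that is not part of the original post: it tests whether each stored column decodes from Base64 to exactly one SHA-256 digest, which is what the servlet's `Base64.encodeBase64String(digest)` calls write, and whether the group name the servlet stores is named by any `group-name` in glassfish-web.xml. The class and method names are hypothetical, and nothing is assumed about how the realm itself combines salt and password.

```java
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.List;

public class RealmRowCheck {
    // Column values exactly as posted in the question.
    static final String STORED_PASSWORD = "kwkBo2sKjPHPvqFTQReMGS8Cbj8PbAoFxvuk";
    static final String STORED_SALT = "4b8mHanRWrI9HitaES4s8x5F05WWFz3IN3+Hjp7XtRg=";
    // group-name entries from the posted glassfish-web.xml.
    static final List<String> MAPPED_GROUPS =
            Arrays.asList("doctors", "micros", "pharms", "patients", "admins");
    // The servlet stores Type as the group name inside its "doctor" branch.
    static final List<String> STORED_GROUPS = Arrays.asList("doctor");

    /** Returns null when value is Base64 of exactly one digest, otherwise the reason it is not. */
    static String checkDigestColumn(String column, String value, String algorithm)
            throws Exception {
        int expected = MessageDigest.getInstance(algorithm).getDigestLength();
        byte[] raw;
        try {
            raw = Base64.getDecoder().decode(value);
        } catch (IllegalArgumentException e) {
            return column + ": not valid Base64 (" + e.getMessage() + ")";
        }
        if (raw.length != expected) {
            return column + ": decodes to " + raw.length + " bytes, but " + algorithm
                    + " produces " + expected + " (truncated or altered value?)";
        }
        return null;
    }

    /** Stored group names that no security-role-mapping refers to. */
    static List<String> unmappedGroups(List<String> stored, List<String> mapped) {
        List<String> missing = new ArrayList<>(stored);
        missing.removeAll(mapped);
        return missing;
    }

    public static void main(String[] args) throws Exception {
        List<String> findings = new ArrayList<>();
        for (String[] c : new String[][] {{"password", STORED_PASSWORD}, {"salt", STORED_SALT}}) {
            String problem = checkDigestColumn(c[0], c[1], "SHA-256");
            if (problem != null) findings.add(problem);
        }
        for (String g : unmappedGroups(STORED_GROUPS, MAPPED_GROUPS)) {
            findings.add("group '" + g + "' is not named in any security-role-mapping");
        }
        findings.forEach(System.out::println);
    }
}
```

Base64 of a 32-byte SHA-256 digest is always 44 characters, so that is the minimum width the `password` and `salt` columns need.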