1

我们有需要在 websphere 6.1 中部署的应用程序。在 websphere 中,配置了 LDAP 身份验证。我们托管的应用程序还应该启用身份验证以启用单点登录。我们需要验证特定用户是否输入了正确的用户 ID/密码。不需要检查任何角色和组。没有特定于应用程序的角色。那么我如何配置我的appplication.xml,ibm。

ibm-application-bnd.xmi

 <authorizationTable xmi:id="AuthorizationTable_1298129835914">
     <authorizations xmi:id="RoleAssignment_1298129835811">      
      <users xmi:id="User_1310175154371" name="Jothi_Nadesan"/>
      <role href="META-INF/application.xml#SecurityRole_1310175154371"/>
      <groups xmi:id="Group_1305717519721" name="USSA.App_IP"/>
    </authorizations>
  </authorizationTable>
  <application href="META-INF/application.xml#Application_ID"/>

application.xml
<module id="WebModule_1340958487989">
        <web>
            <web-uri>CotyIPMasterDataWeb.war</web-uri>
            <context-root>IPMasterData</context-root>
        </web>
    </module>
    <security-role id="SecurityRole_1310175154371">
        <description>IP_AUTHENTICATION</description>
        <role-name>IP_AUTHENTICATION</role-name>
    </security-role>    

web.xml
<security-constraint>

        <web-resource-collection>
            <web-resource-name>IPMasterData</web-resource-name>
            <description></description>
            <url-pattern>/</url-pattern>
            <url-pattern>*.action</url-pattern>
            <url-pattern>*.jsp</url-pattern>
            <url-pattern>*.html</url-pattern>
            <http-method>GET</http-method>
            <http-method>PUT</http-method>
            <http-method>POST</http-method>
            <http-method>DELETE</http-method>
        </web-resource-collection>

    </security-constraint>
    <login-config>
        <auth-method>BASIC</auth-method>
    </login-config>
4

1 回答 1

2

为此,您必须在其中<security-role>定义web.xml<security-constraint>引用它(*表示存在的任何角色):

<security-role>
    <role-name>IP_AUTHENTICATION</role-name>
</security-role>

<security-constraint>
    <auth-constraint>
        <role-name>*</role-name>
    </auth-constraint>
</security-constraint>

然后ibm-application-bnd.xmi必须将此角色绑定到特殊主题AllAuthenticatedUsers

<authorizations xmi:id="RoleAssignment_1298129835811">
    <specialSubjects xmi:type="applicationbnd:AllAuthenticatedUsers" 
name="AllAuthenticatedUsers"/>
    <role href="META-INF/application.xml#SecurityRole_1310175154371"/>
</authorizations>
于 2013-07-14T16:01:47.230 回答