有没有人愤怒地使用带有 HTTP DIGEST 身份验证的 Glassfish 3.1.2?
我让它工作正常,或者我认为......直到我发现它的行为不稳定......它可能工作 10 次中的 9 次,但第 10 次无法验证。
这是当我在具有相同凭据和相同 Java EE 应用程序的同一台机器上使用 wget 作为客户端对其进行测试时(碰巧是一个 REST Web 服务,但我在其他应用程序上也遇到了问题。)我运行了 wget本地。
我的 Glassfish 机器只为那些 wget 请求提供服务,它并没有做太多其他事情!
我没有理由相信 wget 偶尔行为不端。为了确定,我在其中一次失败的情况下手动计算了请求摘要(来自 wget HTTP 调试)。看起来不错。
当我使用调试运行 wget 时,我可以看到它第一次在没有凭据的情况下失败,然后在使用凭据时成功。但是,10 次或大约 1 次也失败了第二次(此处显示调试。)
[writing POST file request.xml ... done]
HTTP request sent, awaiting response...
---response begin---
HTTP/1.1 401 Unauthorized
X-Powered-By: Servlet/3.0 JSP/2.2 (GlassFish Server Open Source Edition
3.1.2 Java/Sun Microsystems Inc./1.6)
Server: GlassFish Server Open Source Edition 3.1.2
WWW-Authenticate: Digest realm="jdbc-realm",qop="auth",nonce="1377101691098:d07adb4a1421a265f3aa36bd99df7f6ef8c7a6e7887eb7d876e6b5ce079d1126",
opaque="C26EED99B0A8C0BCA16900215CCD241F"
Content-Type: text/html
Content-Length: 1069
Date: Wed, 21 Aug 2013 16:14:50 GMT
---response end---
401 Unauthorized
Skipping 1069 bytes of body: [<!DOCTYPE html P...
我为 javax.enterprise.system.core.security.level=FINE 设置了调试
我没有看到任何错误消息......但我确实注意到,对于一个“好”的 wget,“hasResourcePermission”被调用了 3 次,2 次返回 false,一次返回 true。
但是,对于“坏”的 wget 调用,它只被调用 2 次,返回 false。
|FINE|glassfish3.1.2|javax.enterprise.system.core.security|_ThreadID=36;_ThreadName=Thread->2; 类名=com.sun.enterprise.security.web.integration.WebSecurityManager;MethodName=hasResourcePermission;|[Web-Security] hasResource isGranted: false|#]
|FINE|glassfish3.1.2|javax.enterprise.system.core.security|_ThreadID=36;_ThreadName=Thread-2;ClassName=com.sun.enterprise.security.web.integration.WebSecurityManager; MethodName=hasResourcePermission;|[Web-Security] hasResource isGranted: false|#]
好案例
|FINE|glassfish3.1.2|javax.enterprise.system.core.security|_ThreadID=36;_ThreadName=Thread-2;ClassName=com.sun.enterprise.security.web.integration.WebSecurityManager; MethodName=hasResourcePermission;|[Web-Security] hasResource isGranted: true|#]
有什么想法吗?我可以启用更多调试吗?
谢谢
** * ** * ** * ** * ** * ***玻璃鱼文摘说明* ** * ****
Install a mysql database with yum.
Follow these instructions (with some changes, this blog is for FORM authentication so stop at step 4)
http://jugojava.blogspot.ie/2011/02/jdbc-security-realm-with-glassfish-and.html
Create the mysql database "realm_db" with the tables in the above blog
Using the Glassfish console UI, I created a JDBC Connection Pool and JDBC Resource for mysql database.
In the Pool Additional Properties, add in your mysql database properties as shown in the blog
On the server-config, Security page, I set "Default Realm" to jdbc-realm
IMPORTANT: When creating the JDBC security realm, use JAAS context of "jdbcDigestRealm" and JNDI of "jdbc/realm_db".
I left these fields blank, Digest Algorithm, Encoding, Charset, Password, Encryption Algormithm etc. and I put the passwords in the mysql database in clear text.
By the way, I used an up-to-date version of wget for testing because I read somewhere that older versions don't have proper RFC2617 DIGEST support. The version is 1.14 from Aug 12.
you need a driver file in $GLASSFISH_HOME/domains/domain1/lib. The file is called mysql-connector-java-3.1.13-bin.jar