我在 JBoss 中设置了一个 JDBC 领域来处理 Web 应用程序中的用户身份验证/授权。我没有收到任何错误消息,但两个测试用户的授权都失败了,我很难理解为什么。
该项目是在 JBoss 和 Tomcat 上将 JDBC 安全领域上的论坛帖子汇总在一起的结果,所以我完全有可能错过了一些东西,但我再也看不到树木了。
Standalone.xml 中的相关部分(JBoss 管理控制台显示数据库连接和池正常,所以我知道驱动程序安装正确):
<datasource jndi-name="java:jboss/datasources/MySqlDS" pool-name="MySqlDS">
<connection-url>jdbc:mysql://localhost:3306/securitytest</connection-url>
<driver-class>com.mysql.jdbc.Driver</driver-class>
<driver>com.mysql</driver>
<transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation>
<pool>
<min-pool-size>10</min-pool-size>
<max-pool-size>100</max-pool-size>
<prefill>true</prefill>
</pool>
<security>
<user-name>jboss_as</user-name>
<password>test</password>
</security>
<statement>
<prepared-statement-cache-size>32</prepared-statement-cache-size>
<share-prepared-statements>true</share-prepared-statements>
</statement>
</datasource>
<drivers>
<driver name="h2" module="com.h2database.h2">
<xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
</driver>
<driver name="com.mysql" module="com.mysql">
<xa-datasource-class>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</xa-datasource-class>
</driver>
</drivers>
....
<security-domain name="JDBCRealm" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/MysqlDS"/>
<module-option name="principalsQuery" value="select user_password from USERS where user_name=?"/>
<module-option name="rolesQuery" value="select role_name, 'Roles' from ROLES where user_name=?"/>
</login-module>
</authentication>
</security-domain>
MySQL 测试数据库 (securitytest) 包含两个表(用户 - 三列 ID、用户名、密码和角色 - 三列:ID、用户名、角色名、组名),我用“用户”和“管理员”填充了这些“密码” "作为密码。Role_name 和 group_name 设置为各自用户的名称。条目是明文(当前)
网页.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
id="WebApp_ID" version="2.5">
<!-- Roles -->
<security-role>
<description>Administrators</description>
<role-name>admin</role-name>
</security-role>
<security-role>
<description>Management</description>
<role-name>mgmt</role-name>
</security-role>
<!-- Resource/role mapping -->
<security-constraint>
<display-name>Admin Pages</display-name>
<web-resource-collection>
<web-resource-name>Protected Admin Area</web-resource-name>
<description />
<url-pattern>/admin/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description>For administrators only</description>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<display-name>All Access</display-name>
<web-resource-collection>
<web-resource-name>Unprotected User Area</web-resource-name>
<description>Open access for all users</description>
<url-pattern>/users/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<!-- Login prompt -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>JDBCRealm</realm-name>
<form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/loginerror.xhtml</form-error-page>
</form-login-config>
</login-config>
</web-app>
jboss.xml(在 WEB-INF 目录中):
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>java:/jaas/JDBCRealm</security-domain>
</jboss-web>
最后,login.xhtml:
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:p="http://primefaces.prime.com.tr/ui"
xmlns:h="http://java.sun.com/jsf/html">
<h:head>
<title>Login Form</title>
</h:head>
<h:body>
<p:panel header="Login From">
<form method="post" action="j_security_check">
Username: <input type="text" name="j_username" />
Password: <input type="password" name="j_password" />
<br />
<input type="submit" value="Login" />
<input type="reset" value="Reset" />
</form>
</p:panel>
</h:body>
</html>
如果有人有任何想法,我会非常感激,因为我正在撕扯我的头发。我确定我做了一些愚蠢的事情,我只是看不到它。
干杯!