[英]Setup JSF application on JBoss 7.1
I want to deploy a working JSF appliction (Tomcat 7.0.34) on JBoss 7.1 I have configured the datasource so far, which is working. 我想在JBoss 7.1上部署有效的JSF应用程序(Tomcat 7.0.34),到目前为止,我已经配置了数据源,并且该数据源正在运行。 But I have troubles by setting up the container managed authentication. 但是我通过设置容器管理的身份验证遇到了麻烦。 By calling the index.xhtml, all items are properly loaded from DB. 通过调用index.xhtml,可以从数据库正确加载所有项目。 But when I do a login, the user doesn't get any role. 但是,当我登录时,用户没有任何作用。 So he isn't allowed to access his customer details page. 因此,不允许他访问他的客户详细信息页面。 Thus I want to ask whether, I forgot something to configure. 因此,我想问一问,是否忘记了要配置的内容。
My configuration: 我的配置:
standalone.xml standalone.xml
The security-domain seems to be working properly. 安全域似乎工作正常。 If I change the selected column 'role' to 'r' an exception is thrown during the login. 如果我将选定的列“ role”更改为“ r”,则在登录过程中会引发异常。
...
<datasource jndi-name="java:jboss/datasources/MySqlDS" pool-name="MySqlDS" enabled="true" use-java-context="true" use-ccm="true">
<connection-url>jdbc:mysql://localhost:3306/bookstore</connection-url>
<driver>mysql</driver>
<security>
<user-name>bookstore</user-name>
<password>book$tore</password>
</security>
</datasource>
...
<security-domain name="SgpRealm" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/MySqlDS"/>
<module-option name="principalsQuery" value="SELECT pwd FROM customer where eMail=?"/>
<module-option name="rolesQuery" value="SELECT role, role FROM roles WHERE eMail=?"/>
<module-option name="unauthenticatedIdentity" value="anonymous"/>
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
The jboss-web.xml jboss-web.xml
<?xml version="1.0" encoding="UTF-8"?>
<jboss>
<security-domain>SgpRealm</security-domain>
</jboss>
The web.xml web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>Authenticated admins only</web-resource-name>
<url-pattern>/faces/sections/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>ADMIN</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/faces/sections/authentication/login.xhtml</form-login-page>
<form-error-page>/faces/sections/authentication/loginFailed.xhtml</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>ADMIN</role-name>
</security-role>
The login.xhtml login.xhtml
<h:form prependId="false">
<table id="loginTable" >
<tr>
<td><h:outputLabel for="email" value="#{msgs.username}" />
</td>
<td><h:inputText id="email" value="#{login.eMail}"
required="true" style="width:100%" /></td>
</tr>
<tr>
<td><h:outputLabel for="password" value="#{msgs.password}" />
</td>
<td><h:inputSecret id="password" value="#{login.password}"
required="true" style="width:100%" /></td>
</tr>
<tr height="50px">
<td colspan="2"><h:commandButton value="#{msgs.login}"
actionListener="#{login.doLogin}" style="width:104%" /></td>
</tr>
</table>
</h:form>
The Login.java#doLogin(...) method Login.java#doLogin(...)方法
public void doLogin(ActionEvent e) throws IOException {
FacesContext context = FacesContext.getCurrentInstance();
HttpServletRequest request = (HttpServletRequest) context
.getExternalContext().getRequest();
try {
// Try to login customer via container management
request.login(eMail, password);
/*
* Prints out the username (eMail) of the logged in user !!!
*/
System.out.println(request.getUserPrincipal());
if(request.isUserInRole("ADMIN")){
/*
* This part of source is never reached!!!!
*/
System.out.println("Role: ADMIN");
}
...
By using the Tomcat instance there was a file called context.xml within the META-INF dir. 通过使用Tomcat实例,在META-INF目录中有一个名为context.xml的文件。 (For JBoss I deleted it) (对于JBoss,我删除了它)
<Context>
<Resource name="jdbc/bookstore"
auth="Container"
type="javax.sql.DataSource"
username="bookstore"
password="book$tore"
driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://localhost/bookstore"/>
</Context>
Do I need sth. 我需要……吗? similar for JBoss, or is there any additional configuration file neeeded? 与JBoss类似,还是需要其他配置文件?
Thanks a bunch! 谢谢一群!
So, my Application is now running on JBoss. 因此,我的应用程序现在正在JBoss上运行。 I just changed the security-domain from 我只是将安全域从
<security-domain name="SgpRealm" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/MySqlDS"/>
<module-option name="principalsQuery" value="SELECT pwd FROM customer where eMail=?"/>
<module-option name="rolesQuery" value="SELECT role, role FROM roles WHERE eMail=?"/>
<module-option name="unauthenticatedIdentity" value="anonymous"/>
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
to 至
<security-domain name="SgpRealm" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/MySqlDS"/>
<module-option name="principalsQuery" value="SELECT pwd FROM customer where eMail=?"/>
<module-option name="rolesQuery" value="SELECT role, role FROM roles WHERE eMail=?"/>
</login-module>
</authentication>
The file context.xml is still deleted. 文件context.xml仍被删除。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.