Glassfish Web服务授权
[英]Glassfish web service authorization
问题描述
I've set up a web service using JAX-WS deployed to Glassfish 3.1.1. 
我已经使用部署到Glassfish 3.1.1的JAX-WS设置了Web服务。 I've managed to set up SSL with client certificates (mutual authentication), but I can't figure out how to do proper authorization. 我设法通过客户端证书(相互身份验证)设置了SSL,但是我不知道如何进行适当的授权。 I like to setup roles for read only access, for updating and deleting data. 我喜欢设置角色以进行只读访问,更新和删除数据。
The Java EE 6 Tutorial and the glassfish security guide state, that one cannot add users to certificate realm Java EE Tutorial . Java EE 6教程和Glassfish安全指南指出,不能将用户添加到证书领域Java EE教程 。 So what is the proper way to authorize users while using mutual authentication? 那么在使用相互身份验证时授权用户的正确方法是什么? Do I have to use usernames and passwords on top? 我必须在顶部使用用户名和密码吗?
1 个解决方案
解决方案1
1 已采纳 2012-04-23 11:08:39
Take a look at http://docs.oracle.com/cd/E18930_01/html/821-2435/ggktf.html#gksdc 看看http://docs.oracle.com/cd/E18930_01/html/821-2435/ggktf.html#gksdc
public class CertificateLM extends AppservCertificateLoginModule
{
protected void authenticateUser() throws LoginException
{
// get the DN from the X500Principal.
String dname = getX500Principal().getName();
// retrieve the groups of the DN from an external source, e.g. from LDAP
String[] groups = getGroupsFromLDAP( dname );
if( groups != null ) {
commitUserAuthentication( groups );
}
else {
throw new LoginException( "DN is unknown." );
}
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.