JAAS真的需要身份验证吗?
[英]Is JAAS really required for authentication?
问题描述
If this is one of the best ways to authenticate a user in Java EE 6. 
如果这是在Java EE 6中验证用户身份的最佳方法之一。
Are there any good reasons to use JAAS in authentication/user login? 有没有充分的理由在身份验证/用户登录中使用JAAS? Talking about package: 谈论包装:
javax.security.auth
JAAS application to a simple webapp isn't trivial so that's why I'm asking. JAAS应用于一个简单的webapp并不是一件容易的事情,所以这就是我要问的原因。 Here is an example. 这是一个例子。
It might be needed for authorization anyways. 无论如何,可能需要授权。
1 个解决方案
解决方案1
3 已采纳 2012-11-15 16:28:06
If you're going to rely on the container to enforce authorization through the use of @RolesAllowed annotations, then the answer is yes, you will need JAAS. 如果您将依靠容器通过使用@RolesAllowed注释来强制执行授权,那么答案是肯定的,您将需要JAAS。
As to whether it is complex or not, it really depends on the LoginModule implementation that you'll be using. 至于它是否复杂,它实际上取决于您将使用的LoginModule实现。 Containers do come with LoginModule implementations out of the box, especially to authenticate against identity stores like files, LDAP servers or databases. 容器确实带有开箱即用的LoginModule实现,尤其是对文件,LDAP服务器或数据库等身份存储进行身份验证。 If that is all you require, you could be using those instead of wiring up your own implementation. 如果这就是您所需要的,那么您可以使用它们而不是连接您自己的实现。
If you really want to write a LoginModule like Antonio Goncalves has done, you'll need to understand the role of a LoginModule and JAAS. 如果你真的想写一个类似Antonio Goncalves的LoginModule ,你需要了解LoginModule和JAAS的作用。 His module uses the CustomerService built into his app during the authentication process. 他的模块在身份验证过程中使用内置于其应用程序中的CustomerService 。 The module simply looks up the CustomerService bean through the CDI BeanManager and delegates all authentication requests to the findCustomer(username, password) method. 该模块只是通过CDI BeanManager查找CustomerService bean,并将所有身份验证请求委托给findCustomer(username, password)方法。 A LoginException is thrown if no customer is found for the provided credentials. 如果找不到提供的凭据的客户,则抛出LoginException 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.