Wicket UI上的PicketBox EJB身份驗證
[英]PicketBox EJB Authentication on Wicket UI
問題描述
我正在使用EJB(在JBoss上)和Wicket作為UI層。 我向EJB添加了安全性,我的security.conf如下所示:
<application-policy name="my-security-domain">
<authentication>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
<module-option name="usersProperties">META-INF/users.properties</module-option>
<module-option name="rolesProperties">META-INF/roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
在UI層中,我按照PicketBox身份驗證頁面中的說明使用PicketBox進行身份驗證: http : //community.jboss.org/wiki/PicketBoxAuthentication#PicketBox_Authentication_in_a_JBoss_Application_Server_5_environment
我的Wicket AuthenticatedWebSession子類如下所示:
private Subject subject;
private SecurityContext securityContext;
@Override
public boolean authenticate(String username,
String password)
{
boolean authenticated = false;
securityContext = null;
SecurityFactory.prepare();
try
{
String securityDomainName = "my-security-domain";
String configFile = "META-INF/security.conf";
PicketBoxConfiguration idtrustConfig = new PicketBoxConfiguration();
idtrustConfig.load(configFile);
//Note: This is the most important line where you establish a security context
securityContext = SecurityFactory.establishSecurityContext(securityDomainName);
AuthenticationManager am = securityContext.getAuthenticationManager();
subject = new Subject();
Principal principal = new SimplePrincipal(username);
Object credential = new String(password);
authenticated = am.isValid(principal, credential, subject);
securityContext.getUtil().createSubjectInfo(principal, credential, subject);
//You may make call outs to other components here*/
//DEBUG
for(Principal p : subject.getPrincipals())
{
LOGGER.debug("Principal: " + p.getName());
if(p instanceof Group)
{
Group g = (Group) p;
Enumeration<? extends Principal> members = g.members();
while(members.hasMoreElements())
{
Principal member = members.nextElement();
LOGGER.debug("Group name: " + member.getName());
}
}
}
}
catch(Exception e)
{
e.printStackTrace();
}
return authenticated;
}
到目前為止,到目前為止,我可以從UI通過服務器進行身份驗證。 但是,盡管我已經通過身份驗證,但是從UI層中其他位置對安全EJB的任何后續調用都將失敗,並顯示“無效用戶”。
我已經在獨立客戶端中測試了身份驗證,並且工作正常,以后可以調用安全的EJB。
我還嘗試了本文概述的身份驗證,並且UI仍然無法調用安全的EJB: http : //iocanel.blogspot.com/2010/09/karafs-jaas-modules-in-action.html
任何幫助將不勝感激。
親切的問候,
林氏
1 個解決方案
解決方案1
1 已采納 2011-11-07 23:19:41
mnie的一位同事建議我看一下Web層的安全配置。 我用以下配置解決了它:
jboss-web.xml:
<jboss-web>
<security-domain>java:/jaas/my-security-domain</security-domain>
</jboss-web>
web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>My Resource</web-resource-name>
<url-pattern>/app/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/login-error.html</form-error-page>
</form-login-config>
</login-config>
謝謝你們。
林氏
如何從部署到Websphere 6.1的EJB訪問身份驗證別名
[英]How to access authentication alias from EJB deployed to Websphere 6.1
使用JAX-WS for EJB 3.1的基本身份驗證的部署腳本
[英]Deployment secription of Basic Authentication with JAX-WS for EJB 3.1
如何在Wildfly 8上的Picketbox / Undertow中捕獲FailedLoginException以應用CORS
[英]How to catch FailedLoginException in Picketbox/Undertow on Wildfly 8 to apply CORS
具有基本身份驗證的EJB JAX-RPC Web服務如何獲取請求的用戶名和密碼
[英]Ejb jax-rpc web services with basic authentication how to get username and password of a request
防止在未成功驗證的情況下顯示 UI5 應用程序內部頁面
[英]Prevent showing the UI5 app internal page without successful authentication
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.