JDBC领域表单身份验证

 

我试图使用JDBC领域表单身份验证来为我的应用程序设置安全性,但它不起作用。 当我试图登录页面只是重新加载我没有得到错误,没有在日志中。

这里是web.xml 

<error-page>
    <error-code>403</error-code>
    <location>/faces/views/errors/403.xhtml</location>
</error-page>

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>jdbcRealm</realm-name>
    <form-login-config>
        <form-login-page>/faces/views/account/login.xhtml</form-login-page>
        <form-error-page>/faces/views/account/loginerror.xhtml</form-error-page>
    </form-login-config>
</login-config>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Admin user</web-resource-name>
        <url-pattern>/faces/views/admin/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Admin user</web-resource-name>
        <url-pattern>/faces/views/users/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
        <role-name>guest</role-name>
    </auth-constraint>
</security-constraint>

这里是glassfish-web.xml 

<security-role-mapping>
    <role-name>admin</role-name>
    <group-name>admin</group-name>
</security-role-mapping>

<security-role-mapping>
    <role-name>guest</role-name>
    <group-name>guest</group-name>
</security-role-mapping>

形成 

  <form method="POST" action="j_security_check">
                    Username: <input type="text" name="j_username" />
                    Password: <input type="password" name="j_password" />


                    <input type="submit" value="Login" />
                    <input type="reset" value="Reset" />
                </form>
  • JAAS上下文:jdbcRealm
  • JNDI:jdbc / kyrspr
  • 用户表:USER
  • 用户名列:NAME
  • 密码栏:密码
  • 组表:USERS_GROUP
  • 组名称列:GROUP_NAME
  • 密码加密算法:MD5

    • 和数据库表 

    CREATE TABLE user (
    ADDRESS VARCHAR(255),
    EMAIL VARCHAR(255),
    IMAGE VARCHAR(255),
    NAME VARCHAR(255) PRIMARY KEY NOT NULL,
    PASSWORD VARCHAR(255),
    RATING DOUBLE,
    SPECIALLITY_ID BIGINT(20) ); CREATE UNIQUE INDEX user_NAME_uindex ON user (NAME);


CREATE TABLE users_group
(
    USER_ID VARCHAR(255),
    GROUP_NAME VARCHAR(15) NOT NULL,
    group_id BIGINT(20) PRIMARY KEY NOT NULL,
    CONSTRAINT users_group_user_NAME_fk FOREIGN KEY (USER_ID) REFERENCES user (NAME)
);
CREATE UNIQUE INDEX users_group_group_id_uindex ON users_group (group_id);
CREATE INDEX users_group_user_NAME_fk ON users_group (USER_ID);

    但是你有自己的领域吗? 尝试做一些事情(例如GF + mysql)

    $ export $ DB_USER = my_user

    $ export $ DB_PASSWORD = my_password

    $ $ GLASSFISH_HOME / bin / asadmin create-auth-realm --classname com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm --property db-user = $ DB_USER:db-password = $ DB_PASSWORD:jaas-context = jdbcRealm:密码列=密码:数据源-JNDI = JDBC / myds:组表=用户:用户表=用户:组名称列=用户名:摘要算法=无:用户名栏=用户名MYREALM

    有关更多信息,请查看asadmin create-auth-realm文档。

    链接地址: http://www.djcxy.com/p/22093.html

    上一篇: JDBC Realm Form Authentication

    下一篇: Can't create jdbc realm in Glassfish 4