JDBC Realm Form Authentication

2018-06-07 04:42:49

I'm trying to use JDBC Realm Form Authentication to set security for my application, but it doesn't work. When i'm trying to login the page just reloads I don't get errors, there is nothing in logs.

Here is web.xml

<error-page>
    <error-code>403</error-code>
    <location>/faces/views/errors/403.xhtml</location>
</error-page>

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>jdbcRealm</realm-name>
    <form-login-config>
        <form-login-page>/faces/views/account/login.xhtml</form-login-page>
        <form-error-page>/faces/views/account/loginerror.xhtml</form-error-page>
    </form-login-config>
</login-config>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Admin user</web-resource-name>
        <url-pattern>/faces/views/admin/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Admin user</web-resource-name>
        <url-pattern>/faces/views/users/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
        <role-name>guest</role-name>
    </auth-constraint>
</security-constraint>

Here is glassfish-web.xml

<security-role-mapping>
    <role-name>admin</role-name>
    <group-name>admin</group-name>
</security-role-mapping>

<security-role-mapping>
    <role-name>guest</role-name>
    <group-name>guest</group-name>
</security-role-mapping>

Form

  <form method="POST" action="j_security_check">
                    Username: <input type="text" name="j_username" />
                    Password: <input type="password" name="j_password" />


                    <input type="submit" value="Login" />
                    <input type="reset" value="Reset" />
                </form>

JAAS Context: jdbcRealm

JNDI: jdbc/kyrspr

User Table: USER

User Name Column: NAME

Password Column: PASSWORD

Group Table: USERS_GROUP

Group Name Column: GROUP_NAME

Password Encryption Algorithm: MD5

And database tables

CREATE TABLE user (
    ADDRESS VARCHAR(255),
    EMAIL VARCHAR(255),
    IMAGE VARCHAR(255),
    NAME VARCHAR(255) PRIMARY KEY NOT NULL,
    PASSWORD VARCHAR(255),
    RATING DOUBLE,
    SPECIALLITY_ID BIGINT(20) ); CREATE UNIQUE INDEX user_NAME_uindex ON user (NAME);


CREATE TABLE users_group
(
    USER_ID VARCHAR(255),
    GROUP_NAME VARCHAR(15) NOT NULL,
    group_id BIGINT(20) PRIMARY KEY NOT NULL,
    CONSTRAINT users_group_user_NAME_fk FOREIGN KEY (USER_ID) REFERENCES user (NAME)
);
CREATE UNIQUE INDEX users_group_group_id_uindex ON users_group (group_id);
CREATE INDEX users_group_user_NAME_fk ON users_group (USER_ID);

But do you have realm itself? Try to do something like (this example for GF + mysql)

$ export $DB_USER=my_user

$ export $DB_PASSWORD=my_password

$ $GLASSFISH_HOME/bin/asadmin create-auth-realm --classname com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm --property db-user=$DB_USER:db-password=$DB_PASSWORD:jaas-context=jdbcRealm:password-column=password:datasource-jndi=jdbc/myds:group-table=users:user-table=users:group-name-column=username:digest-algorithm=none:user-name-column=username myRealm

For more information check asadmin create-auth-realm documentation.

链接地址: http://www.djcxy.com/p/22094.html

上一篇: 使用单个表进行JDBC领域验证

下一篇: JDBC领域表单身份验证