我还是 JasperReports Server 和 Spring 安全技术的新手。
我尝试修改jasper服务器提供的 sample-applicationContext-externalAuth-db.xml 文件,并将其部署到 jasperserver.war中的 WEB-INF 文件夹中文件,根据 jasperreportsserver-auth-cookbook 。当我尝试使用外部数据库中定义的用户登录 JR服务器时,出现以下错误:
[org.springframework.security.event.authentication.LoggerListener] (http-localhost-127.0.0.1-8080-2)
Authentication event AuthenticationFailureBadCredentialsEvent: criser;
details: org.springframework.security.ui.WebAuthenticationDetails@fffed504:
RemoteIpAddress: 127.0.0.1; SessionId: 8RGV5wfImGpJLM3NDsxx0Koc.undefined;
exception: Bad credentials.
我的外部数据库将密码存储为纯文本。这是我的 applicationContext-externalAuth-db.xml :
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd">
<!-- ########## External JDBC Auth ###########
- Sample configuration of JasperServer authentication via an external database
-->
<bean id="proxyAuthenticationProcessingFilter" class="com.jaspersoft.jasperserver.api.security.externalAuth.BaseAuthenticationProcessingFilter">
<property name="authenticationManager">
<ref local="dbAuthenticationManager"/>
</property>
<property name="externalDataSynchronizer">
<ref local="externalDataSynchronizer"/>
</property>
<property name="sessionRegistry">
<ref bean="sessionRegistry"/>
</property>
<property name="internalAuthenticationFailureUrl" value="/login.html?error=15"/>
<property name="defaultTargetUrl" value="/loginsuccess.html"/>
<property name="invalidateSessionOnSuccessfulAuthentication" value="true"/>
<property name="migrateInvalidatedSessionAttributes" value="true"/>
</bean>
<bean id="proxyAuthenticationSoapProcessingFilter"
class="com.jaspersoft.jasperserver.api.security.externalAuth.DefaultAuthenticationSoapProcessingFilter">
<property name="authenticationManager" ref="dbAuthenticationManager"/>
<property name="externalDataSynchronizer" ref="externalDataSynchronizer"/>
<property name="invalidateSessionOnSuccessfulAuthentication" value="true"/>
<property name="migrateInvalidatedSessionAttributes" value="true"/>
</bean>
<bean id="proxyBasicProcessingFilter"
class="com.jaspersoft.jasperserver.api.security.externalAuth.ExternalAuthBasicProcessingFilter">
<property name="authenticationManager" ref="dbAuthenticationManager"/>
<property name="externalDataSynchronizer" ref="externalDataSynchronizer"/>
<property name="authenticationEntryPoint">
<ref local="basicProcessingFilterEntryPoint"/>
</property>
</bean>
<bean id="proxyAuthenticationRestProcessingFilter" class="com.jaspersoft.jasperserver.api.security.externalAuth.DefaultAuthenticationRestProcessingFilter">
<property name="authenticationManager">
<ref local="dbAuthenticationManager"/>
</property>
<property name="externalDataSynchronizer">
<ref local="externalDataSynchronizer"/>
</property>
<property name="filterProcessesUrl" value="/rest/login"/>
<property name="invalidateSessionOnSuccessfulAuthentication" value="true"/>
<property name="migrateInvalidatedSessionAttributes" value="true"/>
</bean>
<bean id="dbAuthenticationManager" class="org.springframework.security.providers.ProviderManager">
<property name="providers">
<list>
<ref bean="externalDaoAuthenticationProvider"/>
<ref bean="${bean.daoAuthenticationProvider}"/>
</list>
</property>
</bean>
<bean id="externalDaoAuthenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService"><ref bean="externalUserDetailsService"/></property>
</bean>
<bean id="externalUserDetailsService" class="com.jaspersoft.jasperserver.api.security.externalAuth.db.ExternalJDBCUserDetailsService">
<property name="dataSource" ref="externalDataSource"/>
<property name="usersByUsernameQuery" value="SELECT USERNAME as username, PASSW as password, true as enabled from DEVELOPMENT.SYS_USERS where (LOCKED=FALSE OR LOCKED IS NULL) AND USERNAME = ?"/>
<property name="authoritiesByUsernameQuery" value="SELECT DISTINCT U.username as username, F.method_name as rolename FROM DEVELOPMENT.SYS_USERS U, DEVELOPMENT.SYS_USER_GROUP UG, DEVELOPMENT.SYS_GROUP_FUNCTION GF, DEVELOPMENT.SYS_FUNCTIONS F WHERE U.ID = UG.USER_ID AND UG.GROUP_ID = GF.GROUP_ID AND GF.FUNCTION_ID = F.ID AND f.METHOD_NAME = 'REPORT' AND U.USERNAME = ?"/>
</bean>
<!-- ########## External JDBC Auth ########### -->
<!-- ############ Synchronizer ############ -->
<bean id="externalDataSynchronizer"
class="com.jaspersoft.jasperserver.api.security.externalAuth.ExternalDataSynchronizerImpl">
<property name="externalUserDetailsService">
<ref bean="externalUserDetailsService"/>
</property>
<property name="externalUserProcessors">
<list>
<ref local="externalUserSetupProcessor"/>
<!-- Example processor for creating user folder.
Other custom processors can be created and
added to the list.-->
<!--<ref local="externalUserFolderProcessor"/>-->
</list>
</property>
</bean>
<bean id="abstractExternalProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.AbstractExternalUserProcessor" abstract="true">
<property name="repositoryService" ref="${bean.repositoryService}"/>
<property name="userAuthorityService" ref="${bean.userAuthorityService}"/>
<property name="tenantService" ref="${bean.tenantService}"/>
<property name="profileAttributeService" ref="profileAttributeService"/>
<property name="objectPermissionService" ref="${bean.objectPermissionService}"/>
</bean>
<bean id="externalUserSetupProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.ExternalUserSetupProcessor" parent="abstractExternalProcessor">
<property name="userAuthorityService">
<ref bean="${bean.internalUserAuthorityService}"/>
</property>
<property name="organizationRoleMap">
<map>
<entry>
<key>
<value>ROLE_REPORT</value>
</key>
<value>ROLE_ADMIN</value>
</entry>
<!-- Mapping customers roles to JS roles Example -->
<!--<entry>-->
<!--<key>-->
<!-- Сustomer role(with adding ROLE_ prefix) which need to be mapped to root JS roles -->
<!--<value>ROLE_ADMIN</value>-->
<!--</key>-->
<!-- root JS role customer role to be mapped to -->
<!--<value>ROLE_ADMINISTRATOR</value>-->
<!--</entry>-->
</map>
</property>
<property name="defaultInternalRoles">
<list>
<value>ROLE_USER</value>
</list>
</property>
</bean>
<bean id="externalUserFolderProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.ExternalUserFolderProcessor" parent="abstractExternalProcessor">
<property name="repositoryService" ref="${bean.unsecureRepositoryService}"/>
</bean>
<!-- ############ Synchronizer ############ -->
<!-- ############## external dataSource ############### -->
<bean id="externalDataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="org.postgresql.Driver"/>
<property name="url" value="jdbc:postgresql://192.168.1.152:5432/development"/>
<property name="username" value="master"/>
<property name="password" value="password12"/>
</bean>
<!-- ############## external dataSource ############### -->
</beans>
我想知道为什么我会收到“不良凭证”的例外情况。我尝试在 WEB-INF 文件夹中配置 log4j.properties 以获取有关该问题的更多详细信息,但除了<之外我无法获得更多输出/ p>
17:01:07,153 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,152 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:228 - Custom ESAPI security configuration is used.
17:01:07,160 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,160 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:431 - Attempting to load ESAPI.properties via file I/O.
17:01:07,168 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,167 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:527 - Attempting to load ESAPI.properties as resource file via file I/O.
17:01:07,182 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,176 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:543 - Not found in 'org.owasp.esapi.resources' directory or file not readable: C:\Program Files\jboss-as-7.1.1.Final\bin\ESAPI.properties
17:01:07,185 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,184 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:563 - Not found in SystemResource Directory/resourceDirectory: .esapi\ESAPI.properties
17:01:07,198 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,192 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:587 - Not found in 'user.home' (C:\Users\daniel.cristea) directory: C:\Users\daniel.cristea\esapi\ESAPI.properties
17:01:07,209 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,201 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:436 - Loading ESAPI.properties via file I/O failed.
17:01:07,218 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,211 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:437 - Attempting to load ESAPI.properties via the classpath.
17:01:07,251 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,244 WARN JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:652 - SUCCESSFULLY LOADED ESAPI.properties via the CLASSPATH from 'esapi/' using current thread context class loader!
17:01:07,262 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,257 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:457 - Attempting to load validation.properties via file I/O.
17:01:07,271 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,264 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:527 - Attempting to load validation.properties as resource file via file I/O.
17:01:07,282 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,274 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:543 - Not found in 'org.owasp.esapi.resources' directory or file not readable: C:\Program Files\jboss-as-7.1.1.Final\bin\validation.properties
17:01:07,291 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,285 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:563 - Not found in SystemResource Directory/resourceDirectory: .esapi\validation.properties
17:01:07,301 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,294 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:587 - Not found in 'user.home' (C:\Users\daniel.cristea) directory: C:\Users\daniel.cristea\esapi\validation.properties
17:01:07,312 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,304 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:462 - Loading validation.properties via file I/O failed.
17:01:07,318 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,317 INFO JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:463 - Attempting to load validation.properties via the classpath.
17:01:07,346 INFO [stdout] (http-localhost-127.0.0.1-8080-2) 2013-08-10 17:01:07,345 WARN JSESAPISecurityConfiguration,http-localhost-127.0.0.1-8080-2:652 - SUCCESSFULLY LOADED validation.properties via the CLASSPATH from 'esapi/' using current thread context class loader!
我想知道是否有任何方法可以找出“错误凭据”错误的来源。