有人在愤怒时使用Glassfish 3.1.2进行HTTP DIGEST身份验证吗?
我让它工作得很好,或者我认为......直到我发现它的行为不稳定...... 它的工作量可能是10次中的9次,但未能在第10次验证。
当我使用wget作为客户端在具有相同凭据和相同Java EE应用程序的同一台机器上进行测试时(事实上,这是一个REST Web服务,但我也遇到了其他应用程序的问题。) 我在本地跑了wget。
我的Glassfish机器只为那些wget请求提供服务,它没有做太多其他事情!
我没有理由相信wget偶尔会行为不端。我在其中一次失败的情况下手工计算了请求摘要(来自wget HTTP调试),只是为了确定。看起来很好。
当我使用debug运行wget时,我可以看到它在没有凭据的情况下第一次失败 凭借凭证取得成功。然而,在10次或其中的一次,它第二次失败 也是(这里显示调试。)
[writing POST file request.xml ... done]
HTTP request sent, awaiting response...
---response begin---
HTTP/1.1 401 Unauthorized
X-Powered-By: Servlet/3.0 JSP/2.2 (GlassFish Server Open Source Edition
3.1.2 Java/Sun Microsystems Inc./1.6)
Server: GlassFish Server Open Source Edition 3.1.2
WWW-Authenticate: Digest realm="jdbc-realm",qop="auth",nonce="1377101691098:d07adb4a1421a265f3aa36bd99df7f6ef8c7a6e7887eb7d876e6b5ce079d1126",
opaque="C26EED99B0A8C0BCA16900215CCD241F"
Content-Type: text/html
Content-Length: 1069
Date: Wed, 21 Aug 2013 16:14:50 GMT
---response end---
401 Unauthorized
Skipping 1069 bytes of body: [<!DOCTYPE html P...
我为javax.enterprise.system.core.security.level = FINE设置了调试
我没有看到任何错误消息......但我确实注意到,对于“好”的wget,“hasResourcePermission”被调用3次,2次返回false,1次返回true。
然而,对于“坏”的wget调用,它只被调用2次返回false。
| FINE | glassfish3.1.2 | javax.enterprise.system.core.security | _ThreadID = 36; _ThreadName = Thread-大于2; 类名= com.sun.enterprise.security.web.integration.WebSecurityManager; MethodName = hasResourcePermission; | [Web-Security] hasResource isGranted:false |#]
| FINE | glassfish3.1.2 | javax.enterprise.system.core.security | _ThreadID = 36; _ThreadName = Thread- 2;类名= com.sun.enterprise.security.web.integration.WebSecurityManager; MethodName = hasResourcePermission; | [Web-Security] hasResource isGranted:false |#]
只有好的案例
| FINE | glassfish3.1.2 | javax.enterprise.system.core.security | _ThreadID = 36; _ThreadName = Thread- 2;类名= com.sun.enterprise.security.web.integration.WebSecurityManager; MethodName = hasResourcePermission; | [Web-Security] hasResource isGranted:true |#]
任何想法?我可以启用更多调试吗?
感谢
的 的 ** * ** * ** * 的** * ** * *** GLASSFISH DIGEST INSTRUCTIONS * ** * ****
Install a mysql database with yum.
Follow these instructions (with some changes, this blog is for FORM authentication so stop at step 4)
http://jugojava.blogspot.ie/2011/02/jdbc-security-realm-with-glassfish-and.html
Create the mysql database "realm_db" with the tables in the above blog
Using the Glassfish console UI, I created a JDBC Connection Pool and JDBC Resource for mysql database.
In the Pool Additional Properties, add in your mysql database properties as shown in the blog
On the server-config, Security page, I set "Default Realm" to jdbc-realm
IMPORTANT: When creating the JDBC security realm, use JAAS context of "jdbcDigestRealm" and JNDI of "jdbc/realm_db".
I left these fields blank, Digest Algorithm, Encoding, Charset, Password, Encryption Algormithm etc. and I put the passwords in the mysql database in clear text.
By the way, I used an up-to-date version of wget for testing because I read somewhere that older versions don't have proper RFC2617 DIGEST support. The version is 1.14 from Aug 12.
you need a driver file in $GLASSFISH_HOME/domains/domain1/lib. The file is called mysql-connector-java-3.1.13-bin.jar