身份验证失败:JBoss EAP 6.1中的JDBC领域

时间:2013-09-08 17:42:46

标签: mysql jdbc jboss

我在JBoss中设置了一个JDBC领域来处理Web应用程序中的用户身份验证/授权。我没有收到任何错误消息,但是两个测试用户的授权都失败了,我很难理解为什么。

该项目是将JBoss和Tomcat上的JDBC安全领域的论坛帖子结合在一起的结果,所以我完全有可能错过了一些东西,但我再也看不到树木了。

Standalone.xml的相关部分(JBoss管理控制台显示数据库连接和池正常,所以我知道驱动程序安装正确):

<datasource jndi-name="java:jboss/datasources/MySqlDS" pool-name="MySqlDS">
    <connection-url>jdbc:mysql://localhost:3306/securitytest</connection-url>
    <driver-class>com.mysql.jdbc.Driver</driver-class>
    <driver>com.mysql</driver>
    <transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation>
    <pool>
        <min-pool-size>10</min-pool-size>
        <max-pool-size>100</max-pool-size>
        <prefill>true</prefill>
    </pool>
    <security>
        <user-name>jboss_as</user-name>
        <password>test</password>
    </security>
    <statement>
        <prepared-statement-cache-size>32</prepared-statement-cache-size>
        <share-prepared-statements>true</share-prepared-statements>
    </statement>
</datasource>
<drivers>
    <driver name="h2" module="com.h2database.h2">
        <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
    </driver>
    <driver name="com.mysql" module="com.mysql">
        <xa-datasource-class>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</xa-datasource-class>
    </driver>
</drivers>
....
<security-domain name="JDBCRealm" cache-type="default">
    <authentication>
        <login-module code="Database" flag="required">
            <module-option name="dsJndiName" value="java:jboss/datasources/MysqlDS"/>
            <module-option name="principalsQuery" value="select user_password from USERS where user_name=?"/>
            <module-option name="rolesQuery" value="select role_name, 'Roles' from  ROLES where user_name=?"/>
        </login-module>
    </authentication>
</security-domain>

MySQL测试数据库(securitytest)包含两个表(用户 - 三列ID,用户名,密码和角色 - 三列:ID,user_name,role_name,group_name)我用“user”和“admin”两者填充了这些表用“密码”作为密码。 Role_name和group_name设置为相应用户的名称。参赛作品是明文(目前)

的web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
id="WebApp_ID" version="2.5">

<!-- Roles -->
<security-role>
    <description>Administrators</description>
    <role-name>admin</role-name>
</security-role>
<security-role>
    <description>Management</description>
    <role-name>mgmt</role-name>
</security-role>

<!--  Resource/role mapping -->
<security-constraint>
    <display-name>Admin Pages</display-name>
    <web-resource-collection>
        <web-resource-name>Protected Admin Area</web-resource-name>
        <description />
        <url-pattern>/admin/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>HEAD</http-method>
        <http-method>PUT</http-method>
        <http-method>OPTIONS</http-method>
        <http-method>TRACE</http-method>
        <http-method>DELETE</http-method>
    </web-resource-collection>
    <auth-constraint>
        <description>For administrators only</description>
        <role-name>admin</role-name>
    </auth-constraint>
    <user-data-constraint>
        <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
</security-constraint>
<security-constraint>
    <display-name>All Access</display-name>
    <web-resource-collection>
        <web-resource-name>Unprotected User Area</web-resource-name>
        <description>Open access for all users</description>
        <url-pattern>/users/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>HEAD</http-method>
        <http-method>PUT</http-method>
        <http-method>OPTIONS</http-method>
        <http-method>TRACE</http-method>
        <http-method>DELETE</http-method>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
</security-constraint>

<!-- Login prompt -->
<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>JDBCRealm</realm-name>
    <form-login-config>
        <form-login-page>/login.xhtml</form-login-page>
        <form-error-page>/loginerror.xhtml</form-error-page>
    </form-login-config>
</login-config>
</web-app>

jboss.xml(在WEB-INF目录中):

<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
    <security-domain>java:/jaas/JDBCRealm</security-domain>
</jboss-web>

最后,login.xhtml:

<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:p="http://primefaces.prime.com.tr/ui"
xmlns:h="http://java.sun.com/jsf/html">
<h:head>
<title>Login Form</title>
</h:head>
<h:body>
<p:panel header="Login From">
<form method="post" action="j_security_check">
Username: <input type="text" name="j_username" />
Password: <input type="password" name="j_password" />
<br />
<input type="submit" value="Login" />
<input type="reset" value="Reset" />
</form> 

</p:panel>
</h:body>
</html>

如果有人有任何想法,我会非常感激,因为我正在撕裂我的头发。我确定我做了一些愚蠢的事情,我只是看不到它。

干杯!

1 个答案:

答案 0 :(得分:0)

这可能有助于您以正确的方式进行配置。

http://middlewaremagic.com/jboss/?p=2187

相关问题
最新问题