javaee IsUserInRole总是返回false jsf

时间:2014-01-18 17:24:26

标签: java jsf java-ee servlets

我在很多帖子中发现了这个问题,但我找不到解决方案。我基于领域进行了身份验证,并且映射了USERS和ADMINS两个角色。 登录正常,但如果我尝试使用

FacesContext context = FacesContext.getCurrentInstance();
    ExternalContext externalContext = context.getExternalContext();
    if(externalContext.getRemoteUser() != null && externalContext.isUserInRole("USERS")){
        return true;
    }
即使我已登录,

isUserInRole也始终返回false。我该如何解决这个问题?

这是web.xml文件

 <?xml version="1.0" encoding="UTF-8"?>
 <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" version="3.1">
 <display-name>TravelDreamWeb</display-name>
  <welcome-file-list>
   <welcome-file>index.xhtml</welcome-file>
  </welcome-file-list>
  <servlet>
   <servlet-name>Faces Servlet</servlet-name>
   <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
   <load-on-startup>1</load-on-startup>
  </servlet>
<servlet-mapping>
  <servlet-name>Faces Servlet</servlet-name>
  <url-pattern>/faces/*</url-pattern>
  <url-pattern>*.jsf</url-pattern>
  <url-pattern>*.xhtml</url-pattern>
</servlet-mapping>

<login-config>
 <auth-method>FORM</auth-method>
 <realm-name>authJdbcRealm</realm-name>
    <form-login-config>
        <form-login-page>/index.xhtml</form-login-page>     
        <form-error-page>/loginError.xhtml</form-error-page>
    </form-login-config>
</login-config>
<security-constraint>
    <web-resource-collection>
        <web-resource-name>Admins Pages</web-resource-name>
        <description />
        <url-pattern>/admins/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>ADMINS</role-name>
    </auth-constraint>
</security-constraint>
<security-constraint>
    <web-resource-collection>
        <web-resource-name>Users Pages</web-resource-name>
        <description />
        <url-pattern>/users/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>USERS</role-name>
    </auth-constraint>

</security-constraint>


</web-app>

这是glassfish-application.xml 

  <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE glassfish-application PUBLIC "-//GlassFish.org//DTD
  GlassFish Application Server 3.1 Java EE Application 6.0//EN"
  "http://glassfish.org/dtds/glassfish-application_6_0-1.dtd">
 <glassfish-application>
<security-role-mapping>
    <role-name>USERS</role-name>
    <group-name>USERS</group-name>
</security-role-mapping>

<security-role-mapping>
    <role-name>ADMINS</role-name>
    <group-name>ADMINS</group-name>
</security-role-mapping>

<realm>authJdbcRealm</realm>


 </glassfish-application>

1 个答案:

答案 0 :(得分:4)

将以下内容添加到您的web.xml文件中:

<security-role>
    <role-name>USERS</role-name>
</security-role>
<security-role>
    <role-name>ADMINS</role-name>
</security-role>

如以下文档中所述: http://docs.oracle.com/javaee/6/tutorial/doc/gkbaa.html#bncav

相关问题
最新问题