验证用户时出现Apache Shiro SQL错误

时间:2016-11-30 14:49:51

标签: java sql-server web-services security shiro

我正在尝试连接数据库,以便使用Apache Shiro对用户进行身份验证。我有一个servlet调用java类来执行此任务。现在它只是在成功进行身份验证后更改字符串。我尝试了许多不同的连接方法:数据池,jtds,Microsoft Sql Server JDBC,并且都给我错误:

  

验证用户[user1]

时出现SQL错误

我的日志文件也显示此错误:

  

警告:RAR5058:调整池SQLS1-TestBilling时出错。例外:无法分配连接,因为:与主机SQLS1,端口1433的TCP / IP连接失败。错误:“null。验证连接属性。确保在主机上运行SQL Server实例并接受端口上的TCP / IP连接。确保防火墙不阻止与端口的TCP连接。”

我能够在servlet中使用TestBilling连接池,所以我不认为它是池的问题,但似乎无法使用ini文件声明来使用SQL。有什么我想念,忘记做或做错了吗?

以下是相关文件:

GetAuthServlet.java: 

package com.phmc.shiro5web;

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class GetAuthServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        out.println("<!DOCTYPE html>");
        out.println("<html>");
        out.println("<head>");
        out.println("<title>Auth</title>");            
        out.println("</head>");
        out.println("<body>");
        AuthenticationClass au = new AuthenticationClass();

        String b = ""; 
        b = au.isAuthenticated("mmarino", "test");
        out.println(b);
        out.println("</body>");
        out.println("</html>");
}

AuthenticationClass.java: 

package com.phmc.shiro5web;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class AuthenticationClass {
    private static final transient Logger log = LoggerFactory.getLogger(Authentication.class);



    String isAuthenticated(String username, String password){
        Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        SecurityManager securityManager = factory.getInstance();
        SecurityUtils.setSecurityManager(securityManager);
        Subject currentUser = SecurityUtils.getSubject();
        String  b = "fail";
        log.info("Test");
        try{
            if (!currentUser.isAuthenticated()) {

                UsernamePasswordToken token = new UsernamePasswordToken("mmarino", "test")   ;
                token.setRememberMe(true);
                try {
                    currentUser.login(token); 
                    b = "Success";
                }catch (UnknownAccountException uae) {
                    log.info("There is no user with username of " + token.getPrincipal());
                } 
            }
        }catch(Exception e){
            b = e.toString();
        }
        )
        return b;
    }

}

Shiro.ini: 

[main]
ds = org.apache.shiro.jndi.JndiObjectFactory
ds.resourceName = jdbc/TestBilling


jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource = $ds
jdbcRealm.permissionsLookupEnabled = true
jdbcRealm.authenticationQuery = SELECT theuser FROM UserList
securityManager.realm = $jdbcRealm

我也尝试过:     jdbcRealm.authenticationQuery =选择用户FROM UserList,其中passwordList =?

在第二行到最后一行的Shiro.ini文件中。

2 个答案:

答案 0 :(得分:0)

# DataSource config 
ds = org.apache.shiro.jndi.JndiObjectFactory 
ds.requiredType = javax.sql.DataSource
ds.resourceName = jdbc/TestBilling

答案 1 :(得分:0)

似乎还有一个额外的错误,我没有抓住导致log4j中断,这样可以防止看到其他错误显示基本的SQL错误。

相关问题
最新问题