JAAS - isUserInRole 对 Tomcat 中的所有角色返回 false

发布于 2024-08-09 08:09:15 字数 1570 浏览 3 评论 0原文

问题是，

JAAS 领域连接到数据库正常，用户名和密码匹配，会话经过身份验证。然而，这些角色似乎都没有进入校长的范围。 Tomcat 的 isInUserRole 对每个角色都返回 false，并且 tomcat 安全性也看不到它们。

这是 Server.xml 中的领域配置

<Realm  className="org.apache.catalina.realm.JAASRealm"
        appName="TomcatTimedLogin"
        userClassName="com.tagish.auth.TypedPrincipal"
        roleClassNames="org.ovasp.java.jaas.RolePrincipal" />

这是 login.config

TomcatTimedLogin
{
    org.owasp.java.jaas.TomcatTimedLogin required
    useDS=true
    dsJNDI="jdbc/resourceName"
        dbDriver="com.microsoft.sqlserver.jdbc.SQLServerDriver" 
        dbURL="jdbc:sqlserver://server\\DBSERVER;databaseName=DBName"
        dbUser="username"
        dbPassword="password"
        debug=true 
        loginTable="loginTable" 
        clippingLevel="3" 
        interval="10"
        loginQuery="SELECT UserID,Password FROM Users WHERE LogonUserName=? AND RetirementDate is null"
        rolesQuery="SELECT Role.RoleDescription FROM User_Role,Role WHERE User_Role.UserID=? AND User_Role.RoleID=Role.RoleID";
};

在 catalina.properties 中我引用这样的配置

java.security.auth.login.config=file:///C:/config/login.config

当启动应用程序时，我确实在调试输出中收到以下消息，不知道为什么，因为所有类都应该可由服务器访问

SEVERE: Class org.ovasp.java.jaas.RolePrincipal not found! Class not added.

任何帮助将不胜感激。我已经阅读了一篇又一篇的文章和一个又一个的教程，而那些确实遇到此问题的人，没有发布解决方案。

顺便说一句，我使用的是 Tomcat 5.5，不是我的选择，遗留代码，你知道它是怎么回事！我还使用 OWASP 登录模块 (OWASPJaasLoginModule.jar)。该 jar 文件位于 server/lib 目录中。

原文

Here is the issue,

The JAAS realm connects to the database fine, the user name and password match, the session is authenticated. HOWEVER, none of the roles seem to be getting into the Principal. Tomcat's isInUserRole returns false for every role, and tomcat security doesn't see them either.

Here is the realm configuration in the Server.xml

<Realm  className="org.apache.catalina.realm.JAASRealm"
        appName="TomcatTimedLogin"
        userClassName="com.tagish.auth.TypedPrincipal"
        roleClassNames="org.ovasp.java.jaas.RolePrincipal" />

Here is the login.config

TomcatTimedLogin
{
    org.owasp.java.jaas.TomcatTimedLogin required
    useDS=true
    dsJNDI="jdbc/resourceName"
        dbDriver="com.microsoft.sqlserver.jdbc.SQLServerDriver" 
        dbURL="jdbc:sqlserver://server\\DBSERVER;databaseName=DBName"
        dbUser="username"
        dbPassword="password"
        debug=true 
        loginTable="loginTable" 
        clippingLevel="3" 
        interval="10"
        loginQuery="SELECT UserID,Password FROM Users WHERE LogonUserName=? AND RetirementDate is null"
        rolesQuery="SELECT Role.RoleDescription FROM User_Role,Role WHERE User_Role.UserID=? AND User_Role.RoleID=Role.RoleID";
};

And in catalina.properties I refer to the configuration like this

java.security.auth.login.config=file:///C:/config/login.config

When start the application I do get the following message in the Debug output, not sure why as all classes should be accessible by the server

SEVERE: Class org.ovasp.java.jaas.RolePrincipal not found! Class not added.

Any help would be appreciated. I have already read post after post and tutorial after tutorial, and those who do have this problem, don't have solution posted.

Btw, I am using Tomcat 5.5, not my choice, legacy code, you know how it is! I also using the OWASP login module (OWASPJaasLoginModule.jar). This jar file is located in the server/lib directory.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

北方。的韩爷 2024-08-16 08:09:15

好吧...我自己解决了...再次，非常愚蠢！如果这是我的代码，我会对自己生气，但事实并非如此，在使用这个应用程序 4 天后，我几乎厌倦了。问题是这个班级并不

org.ovasp.java.jaas.RolePrincipal

愚蠢

org.owasp.java.jaas.RolePrincipal

！

Okay... I solved it myself... again, VERY STUPID! If this was my code I would be mad at myself, but it is not, and after 4 days of screwing around with this app, I am close to fed up. The problem was that the CLASS is not