JAAS LoginModule 登录()和提交()成功,但用户未登录
我已经实现了一个 LoginModule 来执行一些自定义身份验证,并使用 LoginContext 类的 login() 方法调用身份验证。登录模块的 login() 和 commit() 方法已成功调用,但我无法使用 Web 应用程序,而是立即被发送回登录页面。 request.getUserPrincipal() 为 null,request.getRemoteUser() 也是如此。
任何想法将不胜感激。谢谢!
附加信息
另外,在我在前端调用 loginContext.login()
之后,调用 loginContext.getSubject().getPrincipals()
给出我刚刚登录的用户的主体和角色的正确列表。
我使用 Tomcat 6.0.29 作为我的服务器。
I've implemented a LoginModule to perform some custom authentication, and call the authentication using the login() method of the LoginContext class. The login module's login() and commit() methods are called successfully, but instead of being able to use the web app I am being sent back to the login page immediately. request.getUserPrincipal() is null, as well as request.getRemoteUser().
Any ideas would be greatly appreciated. Thanks!
ADDITIONAL INFO
Also, right after I call loginContext.login()
on the front end, calling loginContext.getSubject().getPrincipals()
gives me the proper list of principals and roles for the user that just logged in.
I'm using Tomcat 6.0.29 as my server.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
嗯,
你是否尝试过在策略文件中授予许可,就像这样
umm a shot in the dark
have you tried giving permission in the policy file like so
我试图在 Tomcat 中进行编程登录,即使登录模块正在运行,容器也没有收到身份验证。我的解决方案是使用带有“j_security_check”的 HTML 表单进行身份验证。
I was trying to do programmatic login in Tomcat, and even though the login module was running, the container wasn't receiving the authentication. My solution was to do authentication using an HTML form with "j_security_check" as it's action.