如何使用 Glassfish 实现基本身份验证?
我尝试过这个配置,但它对我不起作用。 Glassfish 中的基本身份验证 我也尝试过这个指南 http://maksim.sorokin.dk /it/2010/10/13/basic-authentication-in-glassfish-3/ 但我也无法获得用户通行证询问。
这些是我已采取的步骤:
1. 以管理员身份登录管理界面。
2. 转到安全性->领域->文件
3. 将组名称(用户)添加到分配组字段。
4. 打开页面顶部的管理用户。
5. 单击“新建”并添加用户 (testuser) 并指定密码。
6. 将(用户)添加到组列表。
7. 将此行放入 web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Application</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>User</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>file</realm-name>
</login-config>
<security-role>
<role-name>User</role-name>
</security-role>
8. 并将此行放入 sun-web.xml
<sun-web-app error-url="">
<security-role-mapping>
<role-name>User</role-name>
<group-name>Users</group-name>
</security-role-mapping>
</sun-web-app>
9. 毕竟我启用了 Configurations->server-config->Security->Security Manager
我的配置是 Glassfish 3.1,sun java6 jdk、Debian lenny 和一个简单的“Hello World”页面用于测试。
这里缺少什么?
更新:
我发现它需要 xml 标头。添加它们后,它就开始工作了。我的最终配置如下:
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Application</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Users</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>file</realm-name>
</login-config>
<security-role>
<role-name>Users</role-name>
</security-role>
</web-app>
和
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
<sun-web-app error-url="">
<security-role-mapping>
<role-name>Users</role-name>
<group-name>Users</group-name>
</security-role-mapping>
</sun-web-app>
I'm tried this configuration but it didn't work for me.
Basic Authentication in Glassfish
I also tried this guide
http://maksim.sorokin.dk/it/2010/10/13/basic-authentication-in-glassfish-3/ but I couldn't get user-pass asking with it too.
These are steps I've taken:
1. Login as admin to Admin interface.
2. Go to Security->Realms->File
3. Add a group name (Users) to Assign Groups field.
4. Open manage users at the top of the page.
5. Click New and add an user (testuser) and give a password.
6. Add (Users) to Group List.
7. put this lines to web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Application</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>User</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>file</realm-name>
</login-config>
<security-role>
<role-name>User</role-name>
</security-role>
8. and put this lines to sun-web.xml
<sun-web-app error-url="">
<security-role-mapping>
<role-name>User</role-name>
<group-name>Users</group-name>
</security-role-mapping>
</sun-web-app>
9. After all I enabled Configurations->server-config->Security->Security Manager
My configuration is Glassfish 3.1, sun java6 jdk, Debian lenny and a simple "Hello World" page for testing.
What is missing here?
UPDATE:
I figured out it needs xml headers. After I've added them it started to work. My final configuration is below:
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Application</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Users</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>file</realm-name>
</login-config>
<security-role>
<role-name>Users</role-name>
</security-role>
</web-app>
and
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
<sun-web-app error-url="">
<security-role-mapping>
<role-name>Users</role-name>
<group-name>Users</group-name>
</security-role-mapping>
</sun-web-app>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您可以尝试以下指南: http:// download.oracle.com/docs/cd/E19798-01/821-1750/beaxw/index.html 我听说web.xml有时无法正常工作。我有同样的问题,但现在无法测试。
You may try this guide: http://download.oracle.com/docs/cd/E19798-01/821-1750/beaxw/index.html I heard that web.xml sometimes not work properly. I had same problem but cannot test it now.