无法使用 jdbc 领域和 Glassfish 设置基本身份验证
我正在使用 Glassfish v3 和一个非常简单的 JAX-RS 服务(取自http ://www.vogella.de/articles/REST/article.html
我想要实现的是,如果用户请求 http://localhost:8080/de.vogella.jersey.first/rest/hello< /a>,浏览器弹出一个警报,提示输入用户名+密码。
我决定使用 PostgreSQL 8.4 和正确的 JDBC 驱动程序
。似乎没有处于活动状态(HTTP 标头非常简单:
Request URL:http://localhost:8080/de.vogella.jersey.first/rest/hello
Request Method:GET
Status Code:200 OK
Request Headers
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Cache-Control:max-age=0
Connection:keep-alive
Cookie:JSESSIONID=ec48541dc7654806fcf022d79e66; treeForm:tree-hi=treeForm:tree:configuration:loggerSetting
Host:localhost:8080
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.187 Safari/535.1
Response Headers
Content-Type:text/html
Date:Fri, 07 Oct 2011 14:26:26 GMT
Server:GlassFish Server Open Source Edition 3.0.1
Transfer-Encoding:chunked
X-Powered-By:Servlet/3.0
身份验证已设置但似乎处于非活动状态。此时,我需要您的技能来分析我做错了什么。
到目前为止我所做的事情:
1 / 部署了 JAX-RS 服务(这可以正常工作,请参阅前面的 URL) 2/创建一个数据库,创建两个表:
CREATE TABLE groups
(
username character varying(16) NOT NULL,
id character varying(20) NOT NULL,
CONSTRAINT groups_pkey PRIMARY KEY (username, id),
CONSTRAINT fk_username FOREIGN KEY (username)
REFERENCES users (username) MATCH SIMPLE
ON UPDATE NO ACTION ON DELETE NO ACTION
);
CREATE TABLE users
(
username character varying(16) NOT NULL,
"password" character varying(32) NOT NULL,
CONSTRAINT users_pkey PRIMARY KEY (username)
);
并按如下方式填充它们:
表“groups”-> “webuser”;“员工”
表“用户”-> "webuser";"webuser"
3/ 在 Glassfish 管理 GUI 中,我添加了一个名为“postgres”的连接池,如下所示: 
附加属性如下所示: 
4/ 然后我创建了一个名为“postgres”的 JDVC 资源,如下所示: 
5/ 在 Glassfish 管理 GUI 中,我添加了一个安全领域,名为“postgres” ”,如下图: 
6/ 我还将 javax.enterprise 的日志级别设置为“FINEST”。 “记录器设置”中的system.core.security。 从浏览器请求 Web 服务后,我在 server.log 文件中得到以下内容:
[#|2011-10-07T16:26:26.410+0200|FINE|glassfish3.0.1|javax.enterprise.system.core.security|_ThreadID=67;_ThreadName=Thread-1;ClassName=com.sun.enterprise.security.web.integration.WebSecurityManager;MethodName=setPolicyContext;|[Web-Security] Policy Context ID was: de.vogella.jersey.first/de_vogella_jersey_first|#]
[#|2011-10-07T16:26:26.412+0200|FINE|glassfish3.0.1|javax.enterprise.system.core.security.com.sun.enterprise.security|_ThreadID=67;_ThreadName=Thread-1;ClassName=com.sun.enterprise.security.SecurityContext;MethodName=setCurrentSecurityContext;|SecurityContext: setCurrentSecurityContext method called|#]
7/ 关于代码,我没有添加任何注释,但我更新了 web.xml,如下所示:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0">
<display-name>de.vogella.jersey.first</display-name>
<servlet>
<description>JAX-RS Tools Generated - Do not modify</description>
<servlet-name>JAX-RS Servlet</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>de.vogella.jersey.first</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>JAX-RS Servlet</servlet-name>
<url-pattern>/rest/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>customer creation</web-resource-name>
<url-pattern>/rest/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>webusers</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>postgres</realm-name>
</login-config>
<security-role>
<role-name>webusers</role-name>
</security-role>
</web-app>
以及 sun-web.xml如下:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
<sun-web-app error-url="">
<context-root>/de.vogella.jersey.first</context-root>
<security-role-mapping>
<role-name>webusers</role-name>
<group-name>webusers</group-name>
</security-role-mapping>
<class-loader delegate="true"/>
<jsp-config>
<property name="keepgenerated" value="true">
<description>Keep a copy of the generated servlet class java code.</description>
</property>
</jsp-config>
</sun-web-app>
这是什么问题?我是不是忘记了什么?
谢谢您的宝贵时间!
I'm fighting with a Glassfish v3 and a very simple JAX-RS service (taken athttp://www.vogella.de/articles/REST/article.html
What I want to achieve is setup basic http authentication for all the resources. If wish when a user request http://localhost:8080/de.vogella.jersey.first/rest/hello, the browser popups an alert prompting for username+password.
I've decided to go for a JDBCRealm authentication. I use PostgreSQL 8.4 and the correct JDBC driver.
My problem is that the authentication doesn't seem to be active (the HTTP headers are very simple ones :
Request URL:http://localhost:8080/de.vogella.jersey.first/rest/hello
Request Method:GET
Status Code:200 OK
Request Headers
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Cache-Control:max-age=0
Connection:keep-alive
Cookie:JSESSIONID=ec48541dc7654806fcf022d79e66; treeForm:tree-hi=treeForm:tree:configuration:loggerSetting
Host:localhost:8080
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.187 Safari/535.1
Response Headers
Content-Type:text/html
Date:Fri, 07 Oct 2011 14:26:26 GMT
Server:GlassFish Server Open Source Edition 3.0.1
Transfer-Encoding:chunked
X-Powered-By:Servlet/3.0
The authentication is setup but seems inactive. At that point, I need your skills for analyzing what I've done wrong.
What I've done so far :
1/ Deployed the JAX-RS service (this works ok, see previous URL)
2/ Created a database, created two tables :
CREATE TABLE groups
(
username character varying(16) NOT NULL,
id character varying(20) NOT NULL,
CONSTRAINT groups_pkey PRIMARY KEY (username, id),
CONSTRAINT fk_username FOREIGN KEY (username)
REFERENCES users (username) MATCH SIMPLE
ON UPDATE NO ACTION ON DELETE NO ACTION
);
CREATE TABLE users
(
username character varying(16) NOT NULL,
"password" character varying(32) NOT NULL,
CONSTRAINT users_pkey PRIMARY KEY (username)
);
and populated them as follow :
table "groups" -> "webuser";"employees"
table "users" -> "webuser";"webuser"
3/ In the Glassfish admin GUI,I added a Connect Pool called "postgres" as follow :
The additional properties are shown here :
4/ I then created a JDVC Resource called "postgres" as shown below :
5/ In the Glassfish admin GUI, I added a Security Realm, called "postgres", as shown below :
6/ I also set to "FINEST" the log level for javax.enterprise.system.core.security in the "Logger Settings".
After requesting the webservice from a browser, I get the following in the server.log file :
[#|2011-10-07T16:26:26.410+0200|FINE|glassfish3.0.1|javax.enterprise.system.core.security|_ThreadID=67;_ThreadName=Thread-1;ClassName=com.sun.enterprise.security.web.integration.WebSecurityManager;MethodName=setPolicyContext;|[Web-Security] Policy Context ID was: de.vogella.jersey.first/de_vogella_jersey_first|#]
[#|2011-10-07T16:26:26.412+0200|FINE|glassfish3.0.1|javax.enterprise.system.core.security.com.sun.enterprise.security|_ThreadID=67;_ThreadName=Thread-1;ClassName=com.sun.enterprise.security.SecurityContext;MethodName=setCurrentSecurityContext;|SecurityContext: setCurrentSecurityContext method called|#]
7/ Regarding the code, I didn't add any annotation, but I updated my web.xml as follow :
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0">
<display-name>de.vogella.jersey.first</display-name>
<servlet>
<description>JAX-RS Tools Generated - Do not modify</description>
<servlet-name>JAX-RS Servlet</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>de.vogella.jersey.first</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>JAX-RS Servlet</servlet-name>
<url-pattern>/rest/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>customer creation</web-resource-name>
<url-pattern>/rest/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>webusers</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>postgres</realm-name>
</login-config>
<security-role>
<role-name>webusers</role-name>
</security-role>
</web-app>
And the sun-web.xml as follow :
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
<sun-web-app error-url="">
<context-root>/de.vogella.jersey.first</context-root>
<security-role-mapping>
<role-name>webusers</role-name>
<group-name>webusers</group-name>
</security-role-mapping>
<class-loader delegate="true"/>
<jsp-config>
<property name="keepgenerated" value="true">
<description>Keep a copy of the generated servlet class java code.</description>
</property>
</jsp-config>
</sun-web-app>
What is wrong with this ? Did I forgot anything ?
Thank you for your time !
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我发现我必须禁用“在部署之间保持会话”。通过双击部署服务器并取消选中该框,可以在服务器中找到此选项。
I found out that I had to disable the "Keep session between deployments". This option can be found in the server, by double-clicking on the deployment server and unchecking the box.