Jboss 中的 JAAS 表单身份验证总是失败
我根据 Jboss 教程示例开发了 Web 应用程序。结果登录页面将我发送到登录错误页面。我使用数据库服务器登录模块。如果替换为 UsersRolesLoginModule 那么登录就可以了。
Google 建议我发布 http://community.jboss.org/message/141999#141999但还没有回答。
Jboss 日志:
我认为问题出在 11:37:09,128 DEBUG [[jsp]:debug] 禁用进一步输出的响应
11:37:08,902 DEBUG [CoyoteAdapter:debug] Requested cookie session id is 3793E0F8FF02F043D9DCF5D98A85AFC6
11:37:08,903 DEBUG [AuthenticatorBase:debug] Security checking request GET /example2/
11:37:08,903 DEBUG [RealmBase:debug] Checking constraint 'SecurityConstraint[All resources]' against GET /index.jsp --> true
11:37:08,904 DEBUG [RealmBase:debug] Checking constraint 'SecurityConstraint[All resources]' against GET /index.jsp --> true
11:37:08,904 DEBUG [AuthenticatorBase:debug] Calling hasUserDataPermission()
11:37:08,904 DEBUG [RealmBase:debug] User data constraint has no restrictions
11:37:08,956 DEBUG [JNDIBasedSecurityManagement:debug] Creating SDC for domain=JaasDbRealm
11:37:08,957 DEBUG [JaasDbRealm:debug] CallbackHandler: org.jboss.security.auth.callback.JBossCallbackHandler@4437d3
11:37:08,958 DEBUG [JaasDbRealm:debug] CachePolicy set to: org.jboss.util.TimedCachePolicy@254fb0
11:37:08,959 DEBUG [JNDIBasedSecurityManagement:debug] setCachePolicy, c=org.jboss.util.TimedCachePolicy@254fb0
11:37:09,037 DEBUG [AuthenticatorBase:debug] Calling authenticate()
11:37:09,039 DEBUG [FormAuthenticator:debug] Save request in session '81BC14FA6517824ADDE56EDAEC9EA0C6'
11:37:09,128 DEBUG [[jsp]:debug] Disabling the response for futher output
11:37:09,134 DEBUG [AuthenticatorBase:debug] Failed authenticate() test
11:37:12,885 DEBUG [CoyoteAdapter:debug] Requested cookie session id is 81BC14FA6517824ADDE56EDAEC9EA0C6
11:37:12,886 DEBUG [AuthenticatorBase:debug] Security checking request POST /example2/j_security_check
11:37:12,887 DEBUG [FormAuthenticator:debug] Authenticating username 'admin'
11:37:13,035 DEBUG [[jsp]:debug] Disabling the response for futher output
11:37:13,036 DEBUG [AuthenticatorBase:debug] Failed authenticate() test ??/example2/j_security_check
我的conf:
login-config.xml
<application-policy name = "JaasDbRealm">
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<module-option name="dsJndiName">jdbc/MysqlDS</module-option>
<module-option name="principalsQuery">select passwd from Users username where username=?</module-option>
<module-option name="rolesQuery">select userRoles, 'Roles' from UserRoles where username=?</module-option>
</login-module>
</authentication>
</application-policy>
jboss-web.xml
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>java:/jaas/JaasDbRealm</security-domain>
</jboss-web>
web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>All resources</web-resource-name>
<description>Protects all resources</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
login.jsp
<form name="loginForm" method="post" action="j_security_check">
<table>
<tr>
<td>User Name:</td>
<td><input type="text" name="j_username"></td>
</tr>
<tr>
<td>User Password:</td>
<td><input type="text" name="j_password"></td>
</tr>
<tr colspan="2">
<td><input type="submit" value="login"></td>
</tr>
</table>
</form>
I have developed web app based on Jboss tutorial examples. In result login page sending me to login-error page. I use DatabaseServerLoginModule. If replace to UsersRolesLoginModule then login is fine.
Google suggest me post http://community.jboss.org/message/141999#141999 but have not answer there.
Jboss log:
I think problem in 11:37:09,128 DEBUG [[jsp]:debug] Disabling the response for futher output
11:37:08,902 DEBUG [CoyoteAdapter:debug] Requested cookie session id is 3793E0F8FF02F043D9DCF5D98A85AFC6
11:37:08,903 DEBUG [AuthenticatorBase:debug] Security checking request GET /example2/
11:37:08,903 DEBUG [RealmBase:debug] Checking constraint 'SecurityConstraint[All resources]' against GET /index.jsp --> true
11:37:08,904 DEBUG [RealmBase:debug] Checking constraint 'SecurityConstraint[All resources]' against GET /index.jsp --> true
11:37:08,904 DEBUG [AuthenticatorBase:debug] Calling hasUserDataPermission()
11:37:08,904 DEBUG [RealmBase:debug] User data constraint has no restrictions
11:37:08,956 DEBUG [JNDIBasedSecurityManagement:debug] Creating SDC for domain=JaasDbRealm
11:37:08,957 DEBUG [JaasDbRealm:debug] CallbackHandler: org.jboss.security.auth.callback.JBossCallbackHandler@4437d3
11:37:08,958 DEBUG [JaasDbRealm:debug] CachePolicy set to: org.jboss.util.TimedCachePolicy@254fb0
11:37:08,959 DEBUG [JNDIBasedSecurityManagement:debug] setCachePolicy, c=org.jboss.util.TimedCachePolicy@254fb0
11:37:09,037 DEBUG [AuthenticatorBase:debug] Calling authenticate()
11:37:09,039 DEBUG [FormAuthenticator:debug] Save request in session '81BC14FA6517824ADDE56EDAEC9EA0C6'
11:37:09,128 DEBUG [[jsp]:debug] Disabling the response for futher output
11:37:09,134 DEBUG [AuthenticatorBase:debug] Failed authenticate() test
11:37:12,885 DEBUG [CoyoteAdapter:debug] Requested cookie session id is 81BC14FA6517824ADDE56EDAEC9EA0C6
11:37:12,886 DEBUG [AuthenticatorBase:debug] Security checking request POST /example2/j_security_check
11:37:12,887 DEBUG [FormAuthenticator:debug] Authenticating username 'admin'
11:37:13,035 DEBUG [[jsp]:debug] Disabling the response for futher output
11:37:13,036 DEBUG [AuthenticatorBase:debug] Failed authenticate() test ??/example2/j_security_check
My conf:
login-config.xml
<application-policy name = "JaasDbRealm">
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<module-option name="dsJndiName">jdbc/MysqlDS</module-option>
<module-option name="principalsQuery">select passwd from Users username where username=?</module-option>
<module-option name="rolesQuery">select userRoles, 'Roles' from UserRoles where username=?</module-option>
</login-module>
</authentication>
</application-policy>
jboss-web.xml
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>java:/jaas/JaasDbRealm</security-domain>
</jboss-web>
web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>All resources</web-resource-name>
<description>Protects all resources</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
login.jsp
<form name="loginForm" method="post" action="j_security_check">
<table>
<tr>
<td>User Name:</td>
<td><input type="text" name="j_username"></td>
</tr>
<tr>
<td>User Password:</td>
<td><input type="text" name="j_password"></td>
</tr>
<tr colspan="2">
<td><input type="submit" value="login"></td>
</tr>
</table>
</form>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
问题已经找到了。数据源 JNDI 名称 jdbc/MysqlDS 失败
已替换为 java:jdbc/MysqlDS 并且工作正常。
Problem has been found. Fail datasource JNDI name jdbc/MysqlDS
Repaced to java:jdbc/MysqlDS and working OK.