Java JAAS和DatabaseServerLoginModule出现问题
我对jaas和jboss有问题。我尝试使用基于表单的方法对数据库中的用户进行身份验证,但是jboss告诉我密码是错误的不,密码是正确的,但是如果我使用带有属性文件的UsersRolesLoginModule,则没有问题 在调试模式下的pg数据库中,JBoss执行的查询似乎正常, 目前数据库中的密码为纯文本,没有散列 这是我的login-config.xml文件Java JAAS和DatabaseServerLoginModule出现问题,java,jboss,jaas,Java,Jboss,Jaas,我对jaas和jboss有问题。我尝试使用基于表单的方法对数据库中的用户进行身份验证,但是jboss告诉我密码是错误的不,密码是正确的,但是如果我使用带有属性文件的UsersRolesLoginModule,则没有问题 在调试模式下的pg数据库中,JBoss执行的查询似乎正常, 目前数据库中的密码为纯文本,没有散列 这是我的login-config.xml文件 <application-policy name = "AP"> <authentication>
<application-policy name = "AP">
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name = "dsJndiName">java:/authDS</module-option>
<module-option name = "principalsQuery">SELECT password FROM users WHERE login = ?</module-option>
<module-option name = "rolesQuery">SELECT roles.name AS roles FROM roles WHERE roles.id IN
(SELECT users_roles.roleid FROM users_roles WHERE users_roles.userid IN
(SELECT users.id FROM users WHERE login = ?))</module-option>
<!-- <module-option name="hashAlgorithm">MD5</module-option> -->
<!-- <module-option name="hashEncoding">base64</module-option> -->
<!-- <module-option name="hashEncoding">HEX</module-option> -->
<!-- <module-option name="hashAlgorithm">SHA-1</module-option> -->
<!-- <module-option name="digestCallback">com.myclass.MyDigestCallback</module-option>-->
</login-module>
</authentication>
</application-policy>
web.xml文件:
<security-constraint>
<web-resource-collection>
<web-resource-name>Restrict Access</web-resource-name>
<description></description>
<url-pattern>/admin/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>AdminRole</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>ASM AD Authentication</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/login.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>AdminRole</role-name>
</security-role>
jboss-web.xml
<jboss-web>
<security-domain>java:/jaas/Admin</security-domain>
</jboss-web>
login.jsp
<form method="post" action="j_security_check">
<fieldset>
<legend>Login</legend>
<p>
<label for="form-username">Username</label>
<input type="text" name="j_username" id="form-username" />
</p>
<p>
<label for="form-password">Password</label>
<input type="password" name="j_password" id="form-password" />
</p>
<p>
<input type="submit" value="GO" />
</p>
</fieldset>
</form>
或
你能这样做吗
<application-policy name = "AP">
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name = "dsJndiName">java:/authDS</module-option>
<module-option name = "principalsQuery">SELECT password FROM users WHERE login = ? and idcompania=? </module-option>
<module-option name = "rolesQuery">SELECT roles.name AS roles FROM roles WHERE roles.id IN
(SELECT users_roles.roleid FROM users_roles WHERE users_roles.userid IN
(SELECT users.id FROM users WHERE login = ? and idcompania=? ))</module-option>
<!-- <module-option name="hashAlgorithm">MD5</module-option> -->
<!-- <module-option name="hashEncoding">base64</module-option> -->
<!-- <module-option name="hashEncoding">HEX</module-option> -->
<!-- <module-option name="hashAlgorithm">SHA-1</module-option> -->
<!-- <module-option name="digestCallback">com.myclass.MyDigestCallback</module-option>-->
</login-module>
</authentication>
</application-policy>
从您的示例中,您需要使用DatabaseServerLoginModule实现进行身份验证: 在web.xml中,不需要使用领域标记。 您必须在jboss-web.xml中定义您常用的安全域。 您不需要使用[digestCallback]选项模块。 注意web.xml中定义的角色和一般的安全约束。
我希望这会对您有所帮助。您解决了这个问题吗?如果您有兴趣了解您的解决方案:
<security-domain>java:/jaas/Admin</security-domain> change to
<security-domain>java:/jaas/AP</security-domain>
<application-policy name = "AP">
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name = "dsJndiName">java:/authDS</module-option>
<module-option name = "principalsQuery">SELECT password FROM users WHERE login = ? and idcompania=? </module-option>
<module-option name = "rolesQuery">SELECT roles.name AS roles FROM roles WHERE roles.id IN
(SELECT users_roles.roleid FROM users_roles WHERE users_roles.userid IN
(SELECT users.id FROM users WHERE login = ? and idcompania=? ))</module-option>
<!-- <module-option name="hashAlgorithm">MD5</module-option> -->
<!-- <module-option name="hashEncoding">base64</module-option> -->
<!-- <module-option name="hashEncoding">HEX</module-option> -->
<!-- <module-option name="hashAlgorithm">SHA-1</module-option> -->
<!-- <module-option name="digestCallback">com.myclass.MyDigestCallback</module-option>-->
</login-module>
</authentication>
</application-policy>