Java 如何告诉HttpServletRequest使用DatabaseServerLoginModule而不是其他?
对于JBoss AS(在我的例子中是7.1.1),我没有理解的是如何告诉HttpServletRequest对象使用Java 如何告诉HttpServletRequest使用DatabaseServerLoginModule而不是其他?,java,jsf-2,jboss7.x,Java,Jsf 2,Jboss7.x,对于JBoss AS(在我的例子中是7.1.1),我没有理解的是如何告诉HttpServletRequest对象使用DatabaseServerLoginModule而不是UsernamePasswordLoginModule。这里是托管bean中执行的代码。我希望整个应用程序(每个HttpServletRequest对象)使用相同的领域、相同的登录模块 HttpServletRequest request = (HttpServletRequest) facesContext
DatabaseServerLoginModule
而不是UsernamePasswordLoginModule
。这里是托管bean中执行的代码。我希望整个应用程序(每个HttpServletRequest对象)使用相同的领域、相同的登录模块
HttpServletRequest request = (HttpServletRequest) facesContext
.getExternalContext().getRequest();
log.fine("A login request was issued from " + request.getRemoteHost()
+ ":" + request.getRemotePort());
try {
request.login(getUsername(), getPassword());
if (request.isUserInRole("admin"))
log.info("The logged in user is an administrator (admin)");
else
log.info("The logged in user is NOT an administrator (admin)");
} catch (ServletException e) {
log.warning("Failed to login with username (" + username
+ ") and password. " + e.getMessage());
facesContext.addMessage(null, new FacesMessage(
FacesMessage.SEVERITY_WARN,
"Login failed when tying to authenticate.", null));
// If this fails, return null.
return null;
}
这里是我的standalone.xml文件中的领域配置
<security-domain name="ccmsSecurityDomain">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/CcmsDS"/>
<module-option name="principalsQuery" value="SELECT password FROM user WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT role, 'Roles' FROM user JOIN user_role ON user.id = user_role.users_id JOIN role ON user_role.roles_id = role.id WHERE username=?"/>
<module-option name="hashAlgorithm" value="SHA-256"/>
<module-option name="hashEncoding" value="BASE64"/>
<module-option name="hashUserPassword" value="true"/>
<module-option name="hashStorePassword" value="false"/>
</login-module>
</authentication>
</security-domain>
我的代码正确,我的配置几乎正确 我删除了standalone.xml文件中的hasing和encoding声明。而且效果很好
<module-option name="hashAlgorithm" value="SHA-256"/>
<module-option name="hashEncoding" value="BASE64"/>
<module-option name="hashUserPassword" value="true"/>
<module-option name="hashStorePassword" value="false"/>
我需要单独重新研究散列,但很高兴知道登录代码正确连接到数据库并验证密码
<module-option name="hashAlgorithm" value="SHA-256"/>
<module-option name="hashEncoding" value="BASE64"/>
<module-option name="hashUserPassword" value="true"/>
<module-option name="hashStorePassword" value="false"/>