Fatal编程技术网
  • security/
  • Security 使用自定义登录模块独立连接到JBoss EJB

Security 使用自定义登录模块独立连接到JBoss EJB

security jboss

Security 使用自定义登录模块独立连接到JBoss EJB,security,jboss,java-ee-6,ejb-3.1,Security,Jboss,Java Ee 6,Ejb 3.1,我在JBoss EAP 6.4.0.GA(AS 7.5.0.Final-redhat-21)中定义了一个自定义登录模块 打开JBoss日志后,我看到它失败了,因为密码不正确,即: TRACE [org.jboss.security] (EJB default - 2) PBOX000236: Begin initialize method DEBUG [org.jboss.security] (EJB default - 2) PBOX000281: Password hashing activ

我在JBoss EAP 6.4.0.GA(AS 7.5.0.Final-redhat-21)中定义了一个自定义登录模块

打开JBoss日志后,我看到它失败了,因为密码不正确,即:

TRACE [org.jboss.security] (EJB default - 2) PBOX000236: Begin initialize method
DEBUG [org.jboss.security] (EJB default - 2) PBOX000281: Password hashing activated, algorithm: SHA-256, encoding: hex, charset: null, callback: null, storeCallBack: null
TRACE [org.jboss.security] (EJB default - 2) PBOX000262: Module options [dsJndiName: java:jboss/datasources/MySQLDS, principalsQuery: SELECT password FROM xxx.User WHERE name=?, rolesQuery: SELECT r.name, 'Roles' FROM xxx.Role r JOIN xxx.User_Roles ur ON r.id=ur.role_id JOIN xxx.User u ON ur.user_id=u.id WHERE u.name=?, suspendResume: true]
TRACE [org.jboss.security] (EJB default - 2) PBOX000240: Begin login method
TRACE [org.jboss.security] (EJB default - 2) PBOX000263: Executing query SELECT password FROM xxx.User WHERE name=? with username <username>
DEBUG [org.jboss.security] (EJB default - 2) PBOX000283: Bad password for username <username>
TRACE [org.jboss.security] (EJB default - 2) PBOX000244: Begin abort method
DEBUG [org.jboss.security] (EJB default - 2) PBOX000206: Login failure: javax.security.auth.login.FailedLoginException: PBOX000070: Password invalid/Password required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:286) [picketbox-4.1.1.Final-redhat-1.jar:4.1.1.Final-redhat-1]
我还尝试将jboss远程命名的版本从2.0.3.Final升级到2.0.4.Final,xnio nio的版本从3.3.0.Final升级到3.3.2.Final,jboss ejb客户端的版本从1.0.28.Final升级到1.0.31.Final,但我得到了相同的结果,“密码无效/需要密码”

我会很高兴有任何想法,因为我已经尝试了互联网上关于这个主题的所有内容。

好的,它现在起作用了。缺失的部分是:

remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=true
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
注意:用“remote.connections”中配置的内容替换上面的“default”

在“standalone.xml”或同等文件的“安全领域”部分输入以下内容:

<security-realm name="xxxRealm">
    <authentication>
        <jaas name="xxx"/>
    </authentication>
</security-realm>

<subsystem xmlns="urn:jboss:domain:remoting:1.2">
    <connector name="remoting-connector" socket-binding="remoting" security-realm="xxxRealm"/>
</subsystem>



我怀疑我的问题与以下事实有关:我没有为JBoss“远程处理”配置域,并且用户名/密码被检查到了错误的域,即:我现在遇到了另一个问题。当我有一个解决方案,我会张贴它。

TRACE [org.jboss.security] (EJB default - 2) PBOX000236: Begin initialize method
DEBUG [org.jboss.security] (EJB default - 2) PBOX000281: Password hashing activated, algorithm: SHA-256, encoding: hex, charset: null, callback: null, storeCallBack: null
TRACE [org.jboss.security] (EJB default - 2) PBOX000262: Module options [dsJndiName: java:jboss/datasources/MySQLDS, principalsQuery: SELECT password FROM xxx.User WHERE name=?, rolesQuery: SELECT r.name, 'Roles' FROM xxx.Role r JOIN xxx.User_Roles ur ON r.id=ur.role_id JOIN xxx.User u ON ur.user_id=u.id WHERE u.name=?, suspendResume: true]
TRACE [org.jboss.security] (EJB default - 2) PBOX000240: Begin login method
TRACE [org.jboss.security] (EJB default - 2) PBOX000263: Executing query SELECT password FROM xxx.User WHERE name=? with username <username>
DEBUG [org.jboss.security] (EJB default - 2) PBOX000283: Bad password for username <username>
TRACE [org.jboss.security] (EJB default - 2) PBOX000244: Begin abort method
DEBUG [org.jboss.security] (EJB default - 2) PBOX000206: Login failure: javax.security.auth.login.FailedLoginException: PBOX000070: Password invalid/Password required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:286) [picketbox-4.1.1.Final-redhat-1.jar:4.1.1.Final-redhat-1]



DEBUG [org.jboss.security] (EJB default - 1) PBOX000206: Login failure: javax.security.auth.login.FailedLoginException: PBOX000062: No matching username found found in principals



remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=true
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false



<security-realm name="xxxRealm">
    <authentication>
        <jaas name="xxx"/>
    </authentication>
</security-realm>



<subsystem xmlns="urn:jboss:domain:remoting:1.2">
    <connector name="remoting-connector" socket-binding="remoting" security-realm="xxxRealm"/>
</subsystem>



<login-module code="Remoting" flag="optional">
    <module-option name="password-stacking" value="useFirstPass"/>
</login-module>