
PicketBox EJB authentication on a Wicket UI


I am using EJB (on JBoss) with Wicket as the UI layer. I added security to my EJBs, and my security.conf looks like this:

<application-policy name="my-security-domain">
    <authentication>
        <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
            <module-option name="usersProperties">META-INF/users.properties</module-option>
            <module-option name="rolesProperties">META-INF/roles.properties</module-option>
        </login-module>
    </authentication>
</application-policy>

My Wicket AuthenticatedWebSession subclass looks like this:

import java.security.Principal;
import java.security.acl.Group;
import java.util.Enumeration;
import javax.security.auth.Subject;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.SecurityContext;
import org.jboss.security.SimplePrincipal;
import org.picketbox.config.PicketBoxConfiguration;
import org.picketbox.factories.SecurityFactory;

// Members of the AuthenticatedWebSession subclass
private Subject subject;
private SecurityContext securityContext;

@Override
public boolean authenticate(String username,
                            String password)
{
    boolean authenticated = false;
    securityContext = null;
    SecurityFactory.prepare();

    try
    {
        String                 securityDomainName = "my-security-domain";
        String                 configFile         = "META-INF/security.conf";
        PicketBoxConfiguration idtrustConfig      = new PicketBoxConfiguration();
        idtrustConfig.load(configFile);

        //Note: This is the most important line where you establish a security context
        securityContext = SecurityFactory.establishSecurityContext(securityDomainName);
        AuthenticationManager am = securityContext.getAuthenticationManager();
        subject = new Subject();

        Principal principal  = new SimplePrincipal(username);
        Object    credential = password;
        authenticated = am.isValid(principal, credential, subject);

        securityContext.getUtil().createSubjectInfo(principal, credential, subject);
        //You may make call outs to other components here

        //DEBUG
        for(Principal p : subject.getPrincipals())
        {
            LOGGER.debug("Principal: " + p.getName());
            if(p instanceof Group)
            {
                Group                            g       = (Group) p;
                Enumeration<? extends Principal> members = g.members();
                while(members.hasMoreElements())
                {
                    Principal member = members.nextElement();
                    LOGGER.debug("Group name: " + member.getName());
                }
            }
        }
    }
    catch(Exception e)
    {
        //Any failure leaves authenticated == false
        LOGGER.error("Authentication failed", e);
    }

    return authenticated;
}
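A colleague of mine suggested that I look at the security configuration of the web tier. I solved the problem with the following configuration: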

jboss-web.xml:

<jboss-web>
    <security-domain>java:/jaas/my-security-domain</security-domain>
</jboss-web>

web.xml:

<security-constraint>
    <web-resource-collection>
        <web-resource-name>My Resource</web-resource-name>
        <url-pattern>/app/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>*</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
        <form-login-page>/login.html</form-login-page>
        <form-error-page>/login-error.html</form-error-page>
    </form-login-config>
</login-config>

Thanks, everyone


Linh
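
A check one could run over the web.xml above, added here as an example and not part of the original answer: it flags constraints that list `<http-method>` elements (methods not listed fall outside the constraint) and a `*` role used with no `<security-role>` declared (`*` stands for the roles declared in the descriptor). The names `audit_web_xml`, `elements`, `texts` and the finding codes are assumptions of this example; the input is the answer's fragment wrapped in a constructed `<web-app>` root.

```python
import xml.etree.ElementTree as ET

# Constructed input: the web.xml fragment from the answer, wrapped in a root
# <web-app> element so that it parses as one document.
WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>My Resource</web-resource-name>
      <url-pattern>/app/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>*</role-name>
    </auth-constraint>
  </security-constraint>
</web-app>"""


def elements(node, name):
    """Descendant elements called `name`, ignoring any XML namespace."""
    return [el for el in node.iter() if el.tag.rsplit("}", 1)[-1] == name]


def texts(node, name):
    """Non-empty text of every descendant element called `name`."""
    return [el.text.strip() for el in elements(node, name)
            if el.text and el.text.strip()]


def audit_web_xml(xml_text):
    """Return a list of (code, detail) findings for a web.xml document."""
    root = ET.fromstring(xml_text)
    declared = {t for sr in elements(root, "security-role")
                for t in texts(sr, "role-name")}
    findings = []
    for sc in elements(root, "security-constraint"):
        where = texts(sc, "url-pattern")
        methods = sorted(texts(sc, "http-method"))
        if methods:  # only the listed methods are constrained
            findings.append(("METHODS_LISTED", f"{where}: only {methods} constrained"))
        roles = {t for ac in elements(sc, "auth-constraint")
                 for t in texts(ac, "role-name")}
        if "*" in roles and not declared:
            findings.append(("WILDCARD_NO_ROLES", f"{where}: '*' but no <security-role>"))
        # "*" and "**" (Servlet 3.1: any authenticated user) are not role names
        for role in sorted(roles - declared - {"*", "**"}):
            findings.append(("UNDECLARED_ROLE", f"{where}: role '{role}' not declared"))
    return findings
```

On the fragment as posted it reports `METHODS_LISTED` and `WILDCARD_NO_ROLES`; a constraint with no `<http-method>` elements and a role declared under `<security-role>` produces no findings.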
