<security-domain name="aisRealm" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:/jdbc/ais"/>
<module-option name="principalsQuery" value="select password from users where email='subsoil_user'"/>
<module-option name="rolesQuery" value="select ug.group_name, 'Roles' from user_in_group uig, users u, user_group ug where uig.user_id = u.id and uig.user_group_id = ug.id and u.email = 'subsoil_user'"/>
<module-option name="hashAlgorithm" value="SHA-256"/>
<module-option name="hashEncoding" value="BASE64"/>
<module-option name="unauthenticatedIdentity" value="guest"/>
</login-module>
<login-module code="RoleMapping" flag="required">
<module-option name="rolesProperties" value="file:${jboss.server.config.dir}/ais.properties"/>
<module-option name="replaceRole" value="false"/>
</login-module>
</authentication>
</security-domain>
在这里,我已经设置了默认的安全域
<default-security-domain value="aisRealm"/>
以下是我在web.xml中的配置:
<login-config>
<auth-method>FORM</auth-method>
<realm-name>aisRealm</realm-name>
<form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/login_error.xhtml</form-error-page>
</form-login-config>
</login-config>
以下是AIS.Properties中的配置:
ADMIN=ADMIN
SUBSOIL_USER=SUBSOIL_USER
SUPPLIER=SUPPLIER
<security-domain>aisRealm</security-domain>
<h:form>
<h:panelGrid columns="3" columnClasses="login, pass, login_btn">
<h:inputText id="loginName" value="#{userBean.loginName}" />
<h:inputSecret id="password" value="#{userBean.password}" />
<p:commandButton id="loginButton" value="#{dictionary['login']}" action="#{userBean.login}" ajax="false"/>
<ui:remove>
<p:commandButton id="loginButton" value="#{dictionary['login']}" action="#{userBean.login}" process="@this"/>
</ui:remove>
</h:panelGrid>
</h:form>
UserBean登录功能:
public void login() {
FacesContext facesContext = FacesContext.getCurrentInstance();
HttpServletRequest request = (HttpServletRequest) facesContext.getExternalContext().getRequest();
try {
request.login(loginName, password);
} catch (ServletException e) {
Logger.getLogger(UserBean.class.getName()).log(Level.SEVERE, null, e);
try {
facesContext.getExternalContext().redirect(facesContext.getExternalContext().getRequestContextPath() + "/error?statusCode=login_failed");
return;
} catch (IOException ex) {
Logger.getLogger(UserBean.class.getName()).log(Level.SEVERE, null, ex);
}
} }
它给了我以下例外:
SEVERE [kz.ais.user.UserBean] (default task-32) null: javax.servlet.ServletException: UT010031: Login failed
at io.undertow.servlet.spec.HttpServletRequestImpl.login(HttpServletRequestImpl.java:426) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at kz.ais.user.UserBean.login(UserBean.java:66) [classes:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.8.0_20]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [rt.jar:1.8.0_20]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.8.0_20]
at java.lang.reflect.Method.invoke(Method.java:483) [rt.jar:1.8.0_20]
at com.sun.el.parser.AstValue.invoke(AstValue.java:275) [javax.el-3.0.0.jar:]
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:304) [javax.el-3.0.0.jar:]
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23]
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) [weld-core-impl-2.1.2.Final.jar:2014-01-09 09:23]
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105) [jsf-impl-2.2.6-jbossorg-4.jar:]
at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:87) [jboss-jsf-api_2.2_spec-2.2.6.jar:2.2.6]
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102) [jsf-impl-2.2.6-jbossorg-4.jar:]
at javax.faces.component.UICommand.broadcast(UICommand.java:315) [jboss-jsf-api_2.2_spec-2.2.6.jar:2.2.6]
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:790) [jboss-jsf-api_2.2_spec-2.2.6.jar:2.2.6]
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1282) [jboss-jsf-api_2.2_spec-2.2.6.jar:2.2.6]
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81) [jsf-impl-2.2.6-jbossorg-4.jar:]
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) [jsf-impl-2.2.6-jbossorg-4.jar:]
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:198) [jsf-impl-2.2.6-jbossorg-4.jar:]
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:646) [jboss-jsf-api_2.2_spec-2.2.6.jar:2.2.6]
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at org.primefaces.webapp.filter.FileUploadFilter.doFilter(FileUploadFilter.java:70) [primefaces-5.0.jar:5.0]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:113) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) [undertow-core-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) [undertow-core-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:61) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.15.Final.jar:1.0.15.Final]
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) [undertow-core-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:240) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146) [undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:177) [undertow-core-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:727) [undertow-core-1.0.15.Final.jar:1.0.15.Final]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_20]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_20]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_20]
<exclude-unlisted-classes>false</exclude-unlisted-classes>
<class>kz.ais.entities.Users</class>
WildFly中安全域和安全域的主要区别是什么? 独立的。xml 和
Im有一个war项目,在wildfly上部署了JAX-RS接口,并配置了一个安全域,从db加载用户密码和角色。安全域使用缓存类型=默认值。安全域无法识别经过身份验证的用户的更新,因为旧数据会被缓存。我用jboss cli验证了这一点。sh.那么如何从缓存中删除特定用户呢?我希望在部署的应用程序中执行此操作,而不是通过jboss cli。嘘。
我正在将一个JBoss5.1.0应用程序迁移到Wildfly8.1.0。在我的中,我有以下元素: 但是,schma不支持该元素,导致:
验证用户凭据时遇到问题。当我第一次给出正确的凭据时,一切正常,但首先给出无效的凭据,然后再给出正确的凭据,我会得到无效的凭据错误。我使用邮递员基本身份验证。 我的配置类: 和我的控制器类
我目前正在使用React在一个网站上工作,我希望能够有用户登录。现在,我的策略是在提交时将表单数据发送到服务器(express),如果信息与我的数据库中的用户匹配,服务器将发回一个签名的JWT,其中没有敏感信息(只有用户名)。 一旦客户机接收到JWT,我就将它添加到localStorage中,并将它的解码数据添加到redux存储中。我计划让我的redux存储当前登录的用户。
直到现在(遗留),身份验证工作所需的全部工作就是在subsystems->Security中创建一个具有正确名称的安全域(“referencesapplicationdomain”)。 我的web.xml: 我的jboss-web.xml: 我遵循Wildfly Elytron文档使用JBoss-CLI创建了安全域和http工厂。 当我签入jboss-cli时,我看到安全域已经创建。 然而,当我尝