2
我已經開發了基於Jboss教程示例的Web應用程序。在結果登錄頁面將我發送到登錄錯誤頁面。我使用DatabaseServerLoginModule。如果替換爲UsersRolesLoginModule,則登錄無誤。JAAS表單身份驗證在Jboss中始終失敗
谷歌建議我發帖http://community.jboss.org/message/141999#141999,但沒有在那裏回答。
Jboss的日誌:
我覺得問題在11:37:09128 DEBUG [JSP]:調試]禁用獲得進一步的輸出響應
11:37:08,902 DEBUG [CoyoteAdapter:debug] Requested cookie session id is 3793E0F8FF02F043D9DCF5D98A85AFC6
11:37:08,903 DEBUG [AuthenticatorBase:debug] Security checking request GET /example2/
11:37:08,903 DEBUG [RealmBase:debug] Checking constraint 'SecurityConstraint[All resources]' against GET /index.jsp --> true
11:37:08,904 DEBUG [RealmBase:debug] Checking constraint 'SecurityConstraint[All resources]' against GET /index.jsp --> true
11:37:08,904 DEBUG [AuthenticatorBase:debug] Calling hasUserDataPermission()
11:37:08,904 DEBUG [RealmBase:debug] User data constraint has no restrictions
11:37:08,956 DEBUG [JNDIBasedSecurityManagement:debug] Creating SDC for domain=JaasDbRealm
11:37:08,957 DEBUG [JaasDbRealm:debug] CallbackHandler: [email protected]
11:37:08,958 DEBUG [JaasDbRealm:debug] CachePolicy set to: [email protected]
11:37:08,959 DEBUG [JNDIBasedSecurityManagement:debug] setCachePolicy, [email protected]
11:37:09,037 DEBUG [AuthenticatorBase:debug] Calling authenticate()
11:37:09,039 DEBUG [FormAuthenticator:debug] Save request in session '81BC14FA6517824ADDE56EDAEC9EA0C6'
11:37:09,128 DEBUG [[jsp]:debug] Disabling the response for futher output
11:37:09,134 DEBUG [AuthenticatorBase:debug] Failed authenticate() test
11:37:12,885 DEBUG [CoyoteAdapter:debug] Requested cookie session id is 81BC14FA6517824ADDE56EDAEC9EA0C6
11:37:12,886 DEBUG [AuthenticatorBase:debug] Security checking request POST /example2/j_security_check
11:37:12,887 DEBUG [FormAuthenticator:debug] Authenticating username 'admin'
11:37:13,035 DEBUG [[jsp]:debug] Disabling the response for futher output
11:37:13,036 DEBUG [AuthenticatorBase:debug] Failed authenticate() test ??/example2/j_security_check
我的conf:
login-config.xml
<application-policy name = "JaasDbRealm">
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<module-option name="dsJndiName">jdbc/MysqlDS</module-option>
<module-option name="principalsQuery">select passwd from Users username where username=?</module-option>
<module-option name="rolesQuery">select userRoles, 'Roles' from UserRoles where username=?</module-option>
</login-module>
</authentication>
</application-policy>
的JBoss-web.xml中
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>java:/jaas/JaasDbRealm</security-domain>
</jboss-web>
的web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>All resources</web-resource-name>
<description>Protects all resources</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
的login.jsp
<form name="loginForm" method="post" action="j_security_check">
<table>
<tr>
<td>User Name:</td>
<td><input type="text" name="j_username"></td>
</tr>
<tr>
<td>User Password:</td>
<td><input type="text" name="j_password"></td>
</tr>
<tr colspan="2">
<td><input type="submit" value="login"></td>
</tr>
</table>
</form>