gpt4 book ai didi

java - Jboss7.1如何配置简单认证

转载 作者:塔克拉玛干 更新时间:2023-11-03 03:42:02 36 4
gpt4 key购买 nike

我正在处理由纯 jsps(scriptlets) 编写的项目,不使用任何框架。

jboss 版本:jboss-as-7.1.0.Final

我现在正尝试在其上添加简单的身份验证。因此,当用户尝试浏览 jsps 时,例如 http://localhost/myContextPath/hello.jsp,它需要先登录。

web.xml

<security-constraint>
<web-resource-collection>
<web-resource-name>All Access</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>PUT</http-method>
<http-method>HEAD</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>

jboss-web.xml

<jboss-web>
<security-domain>other</security-domain>
</jboss-web>

standalone.xml([jboss_home]\standalone\configuration 文件夹)

<subsystem xmlns="urn:jboss:domain:security:1.1">
<security-domains>
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="UsersRoles" flag="required">
<module-option name="usersProperties" value="users.properties"/>
<module-option name="rolesProperties" value="roles.properties"/>
</login-module>
</authentication>
</security-domain>
<security-domain name="form-auth">
<authentication>
<login-module code="UsersRoles" flag="required">
<module-option name="usersProperties" value="users.properties"/>
<module-option name="rolesProperties" value="roles.properties"/>
</login-module>
</authentication>
</security-domain>
</security-domains>
</subsystem>

users.properties(放在webapp classes文件夹下)

user1=jboss7

roles.properties(放在webapp classes文件夹下)

user1=Admin

在所有这些修改之后,我尝试浏览我的 hello jsp。我像往常一样工作。没有身份验证,也没有异常(exception)。

我不确定我的方向是否正确,或者安全约束是完全不同的事情。请帮忙,谢谢!!!

最佳答案

只需按照此 article 中的步骤为 7.1 设置 BASIC 身份验证.

试试这个。

配置

Web.xml

<security-constraint>
<web-resource-collection>
<web-resource-name>All Access</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>PUT</http-method>
<http-method>HEAD</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>ApplicationRealm</realm-name>
</login-config>

<security-role>
<role-name>user</role-name>
</security-role>

jboss-web.xml

<jboss-web>
<security-domain>java:/jaas/other</security-domain>
</jboss-web>

独立.xml

如果您正在使用 ApplicationRealm,则无需执行任何操作。

添加用户

您可以使用 jboss 提供的工具将用户添加到 ApplicationRealm

%JBOSS_HOME%/bin 中。使用 add-user.bat(或)add-user.sh 工具。

C:\dev\jboss-eap-6.2\bin>add-user

What type of user do you wish to add?
a) Management User (mgmt-users.properties)
b) Application User (application-users.properties)
(a): b

Enter the details of the new user to add.
Using realm 'ApplicationRealm' as discovered from the existing property files.
Username : johngalt
Password :
Re-enter Password :
What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[ ]: user
About to add user 'johngalt' for realm 'ApplicationRealm'
Is this correct yes/no? yes
Added user 'johngalt' to file 'C:\dev\jboss-eap-6.2\standalone\configuration\application-users.properties'
Added user 'johngalt' to file 'C:\dev\jboss-eap-6.2\domain\configuration\application-users.properties'
Added user 'johngalt' with groups user to file 'C:\dev\jboss-eap-6.2\standalone\configuration\application-roles.properties'
Added user 'johngalt' with groups user to file 'C:\dev\jboss-eap-6.2\domain\configuration\application-roles.properties'
Is this new user going to be used for one AS process to connect to another AS process?
e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.
yes/no? no
Press any key to continue . . .

C:\dev\jboss-eap-6.2\bin>

这对我有用

关于java - Jboss7.1如何配置简单认证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/15541189/

36 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com