个人中心
gpt4 book ai didi

java - 无法配置 JAAS 身份验证

转载 作者:行者123 更新时间:2023-11-29 15:57:12 25 4
gpt4 key购买 nike

我想对我的 Web 应用程序使用 JAAS 身份验证。我无法弄清楚错误出在哪里。我没有收到任何错误消息,但登录部分不起作用。

我有一个 Html 页面 (index.html) 作为首页。登录时获取用户名和密码并将其带到 servlet。

index.html

    <html>
    <head>
    <title>Login
    </title>
    </head>
    <body>
    <br><br>
    <center>
    <h1>Railway Reservation</h1>
    <br><br>
    <form action="Authentication" method="post">
        User Name:<input type="text" name="user"><br><br>
        Password:<input type="password" name="pass"><br><br>
        <input type="submit" value="Login">
    </form>
    </center>
    </body>
    </html>

身份验证.java

import java.io.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.WebServlet;
import javax.security.auth.login.*;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;


public class Authentication extends HttpServlet
{
    public Authentication()
    {
        super();
    }

    protected void doPost(HttpServletRequest request,HttpServletResponse response) throws ServletException,IOException
    {
        response.setContentType("text/html");
        PrintWriter pw = response.getWriter();
        pw.println("hiii");
        String user = request.getParameter("user");
        String password = request.getParameter("pass");
        pw.println(user + " " + password );
        if((user!=null)&&(password!=null))
        {
            pw.println("if");
            CBHandler cbhandler = new CBHandler(user,password);
            boolean authFlag = true;
            try
            {
                HttpSession session = request.getSession();
                session.setAttribute("username",user);
                pw.println("inside try block");
                System.setProperty("java.security.auth.login.config","jaas.config");
                LoginContext loginContext = new LoginContext("Railway",cbhandler);
                loginContext.login();
                pw.println("try ");
            }
            catch(LoginException e)
            {
                pw.println(e);
                e.printStackTrace();
                authFlag = false;
                pw.println("hello");
            }
            if(authFlag)
            {
                pw.println(user + " " + password);
                pw.println("Authentication success...");
                Connection con = DB.getDBconnection();
                if(con!=null)
                {
                    String sql = "select role from login where uname=?";
                    try
                    {
                        PreparedStatement pst = con.prepareStatement(sql);
                        pst.setString(1,user);
                        ResultSet rs = pst.executeQuery();
                        rs.next();
                        String role = rs.getString("role");
                        if(role.equals("user"))
                            response.sendRedirect("user.jsp");
                        else
                            response.sendRedirect("admin.jsp");
                    }
                    catch(Exception e)
                    {
                        pw.println(e);
                    }
                }
            }
            else
                pw.println("Authentication failed...");
        }
        else
        {
            pw.println("Invalid authentication...");
        }
    }
}

CBHandler.java

import java.io.*;
import javax.security.auth.callback.*;


public class CBHandler implements CallbackHandler
{
    private String user = null;
    private String password = null;

    public CBHandler(String user,String password)
    {
        this.user = user;
        this.password = password;
    }

    @Override
    public void handle(Callback[] callbackArray) throws IOException,UnsupportedCallbackException
    {
        int counter = 0;
        while(counter < callbackArray.length)
        {
            if(callbackArray[counter] instanceof NameCallback)
            {
                NameCallback nameCallback = (NameCallback)callbackArray[counter++];
                nameCallback.setName(user);
            }
            else if(callbackArray[counter] instanceof PasswordCallback)
            {
                PasswordCallback passwordCallback = (PasswordCallback)callbackArray[counter++];
                passwordCallback.setPassword(password.toCharArray());
            }
        }
    }
}

LoginMod.java

import java.util.*;
import java.sql.*;
import java.io.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.* ;
import javax.security.auth.spi.LoginModule;

public class LoginMod implements LoginModule
{
    private CallbackHandler callbackHandler = null;
    private boolean successFlag = false;

    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler,Map<String,?> sharedState,Map<String,?> options)
    {
        this.callbackHandler = callbackHandler;
    }

    @Override
    public boolean login() throws LoginException
    {
        Callback[] callbackArray = new Callback[2];
        callbackArray[0] = new NameCallback("User Name: ");
        callbackArray[1] = new PasswordCallback("Password : ",false);
        try
        {
            callbackHandler.handle(callbackArray);
        }
        catch(IOException e)
        {
            e.printStackTrace();
        }
        catch(UnsupportedCallbackException e)
        {
            e.printStackTrace();
        }
        String name = ((NameCallback) callbackArray[0]).getName();
        String password = new String(((PasswordCallback) callbackArray[1]).getPassword());
        if((name.equals("root"))&&(password.equals("root")))
        {
            System.out.println("auth success");
            successFlag = true;
        }
        else
        {
            successFlag = false;
            throw new FailedLoginException ("auth failed");
        }
        return successFlag;
    }

    @Override
    public boolean commit() throws LoginException
    {
        return successFlag;
    }

    @Override
    public boolean abort() throws LoginException
    {
        return false;
    }

    @Override
    public boolean logout() throws LoginException
    {
        return false;
    }
}

jaas.config

Railway
{
    LoginMod required debug=true;
};

当我运行此代码时,我将其作为输出

hiii root root if inside try block

这是我收到的错误

HTTP Status 500 – Internal Server Error
Type Exception Report

Message java.io.IOException: jaas.config (No such file or directory)

Description The server encountered an unexpected condition that prevented it from fulfilling the request.

Exception

java.lang.SecurityException: java.io.IOException: jaas.config (No such file or directory)
    sun.security.provider.ConfigFile$Spi.<init>(Unknown Source)
    sun.security.provider.ConfigFile.<init>(Unknown Source)
    sun.reflect.GeneratedConstructorAccessor23.newInstance(Unknown Source)
    sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
    java.lang.reflect.Constructor.newInstance(Unknown Source)
    java.lang.Class.newInstance(Unknown Source)
    javax.security.auth.login.Configuration$2.run(Unknown Source)
    javax.security.auth.login.Configuration$2.run(Unknown Source)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.login.Configuration.getConfiguration(Unknown Source)
    javax.security.auth.login.LoginContext$1.run(Unknown Source)
    javax.security.auth.login.LoginContext$1.run(Unknown Source)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.login.LoginContext.init(Unknown Source)
    javax.security.auth.login.LoginContext.<init>(Unknown Source)
    Authentication.doPost(Authentication.java:37)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:660)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
    org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
Root Cause

java.io.IOException: jaas.config (No such file or directory)
    sun.security.provider.ConfigFile$Spi.ioException(Unknown Source)
    sun.security.provider.ConfigFile$Spi.init(Unknown Source)
    sun.security.provider.ConfigFile$Spi.<init>(Unknown Source)
    sun.security.provider.ConfigFile.<init>(Unknown Source)
    sun.reflect.GeneratedConstructorAccessor23.newInstance(Unknown Source)
    sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
    java.lang.reflect.Constructor.newInstance(Unknown Source)
    java.lang.Class.newInstance(Unknown Source)
    javax.security.auth.login.Configuration$2.run(Unknown Source)
    javax.security.auth.login.Configuration$2.run(Unknown Source)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.login.Configuration.getConfiguration(Unknown Source)
    javax.security.auth.login.LoginContext$1.run(Unknown Source)
    javax.security.auth.login.LoginContext$1.run(Unknown Source)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.login.LoginContext.init(Unknown Source)
    javax.security.auth.login.LoginContext.<init>(Unknown Source)
    Authentication.doPost(Authentication.java:37)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:660)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
    org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)

最佳答案

我出错的地方是在 java.security 文件中给出了配置文件的位置,该文​​件位于 C:\Program Files\Java\jre1.8.0_77\lib\security\java.security 中

在 Windows 中复制 jaas.config 文件的路径时,路径以反斜杠 (/) 给出,应替换为正斜杠 (\)。

例如,它应该类似于 login.config.url.1=file:D:/mani/java/sample_jaas.config 而不是 login.config.url.1 =文件:D:\mani\java\sample_jaas.config

我想这会对某人有帮助。

关于java - 无法配置 JAAS 身份验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/56394970/

25 4 0
文章推荐: java - HikariPool-1 - 驱动程序不支持获取/设置连接的网络超时。 (com.mysql.jdbc.JDBC4Connection.getNetworkTimeout()I)
文章推荐: c# - 如果第一次没有找到任何内容,如何正确地多次查询数据库以获取某个值 C#
文章推荐: mysql - 如何使用nodejs在mysql中使用like查询
文章推荐: 每秒在 ASP.net 头部创建 Javascript,Ajax Timer 导致问题
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com