JBoss authentication issue

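I am new to JBoss, and I have an application running on JBoss 6.2. We normally use a login set up with JSF. It shows a screen with a username and password (created by JSF), which is an internal part of the application and works fine.

But I learned that JBoss provides a basic authentication setup. We can configure it so that requests have to be authenticated. I searched online and found the approach described below: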

D:\workspace_Csmart\jboss-eap-6.2\bin>add-user
What type of user do you wish to add?
 a) Management User (mgmt-users.properties)
 b) Application User (application-users.properties)
(a): b
Enter the details of the new user to add.
Using realm 'ApplicationRealm' as discovered from the existing property files.

Username : prabhu
User 'prabhu' already exits, would you like to update the existing user password and roles
Is this correct yes/no? yes
Password :
Re-enter Password :

What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[user]: prabhu
Updated user 'prabhu' to file 'D:\workspace_Csmart\jboss-eap-
6.2\standalone\configuration\application-users.properties'
Updated user 'prabhu' to file 'D:\workspace_Csmart\jboss-eap-6.2\domain\configuration\application-users.properties'
Updated user 'prabhu' with groups prabhu to file 'D:\workspace_Csmart\jboss-eap-6.2\standalone\configuration\application-roles.prope
Updated user 'prabhu' with groups prabhu to file 'D:\workspace_Csmart\jboss-eap-6.2\domain\configuration\application-roles.propertie
Is this new user going to be used for one AS process to connect to another AS process?
e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.
yes/no? yes
To represent the user add the following to the server-identities definition <secret value="cHJhYmh1QDEyMw==" />

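You can see that the user and password were updated in the properties files, so I started the server with my local setup and it is up and running. But I do not see any popup asking for the JBoss basic credentials. It goes straight to the login page: http://10.17.195.15:8080/Proj/home.xhtml

Do I have to do something to standalone.xml? The security tag?

I would appreciate it if someone could point out what I am missing here. What do I need to do to make it work with JBoss basic authentication? Thanks!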

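1) First, you need to move all the JSF files (that need to be protected) into some folder, for example a secured folder.

2) Create an index.jsf that redirects to the protected start page and put it outside the secured folder.

3) Create a logout.jsf that performs session.invalidate() and redirects to the index.jsf page.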

<html>
<body>
<%
    if (session != null) {
        session.invalidate();
%>
        <jsp:forward page="index.jsp" />
<%
    } else {
%>
        Logged Out Successfully....
<%
    }
%>
</body>
</html>

4) Add a security constraint to web.xml.

<security-constraint>
    <web-resource-collection>
        <web-resource-name>MySecureResources</web-resource-name>
        <description>Some Description</description>
        <url-pattern>/secured/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>TestRole</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>BASIC</auth-method>
</login-config>
<security-role>
    <role-name>TestRole</role-name>
</security-role>

5) Create a jboss-web.xml file in the project's WEB-INF folder.

<?xml version="1.0"?>
<!DOCTYPE jboss-web PUBLIC
    "-//JBoss//DTD Web Application 5.0//EN"
    "http://www.jboss.org/j2ee/dtd/jboss-web_5_0.dtd">
<jboss-web>
 <security-domain>java:/jaas/BasicAuthWebAppPolicy</security-domain>
 <context-root>/basicSecurityWebApp</context-root>
</jboss-web>

6) Create a file with a name like basicSecurityWebApp-roles.properties and put it in the WEB-INF/classes folder. Define the role there and assign that role to some user.

TestUserOne=TestRole

7) Create another file like basicSecurityWebApp-users.properties, put it in the WEB-INF/classes folder, and define the username and password.

TestUserOne=TestPassword

8) Now you should modify login-config.xml in the $PROFILE/conf/ folder. Add an application policy with the same name as BasicSecurityWebApp.

<application-policy name="BasicAuthWebAppPolicy">
 <authentication>
   <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
     <module-option name="usersProperties">basicSecurityWebApp-users.properties</module-option>
     <module-option name="rolesProperties">basicSecurityWebApp-roles.properties</module-option>
   </login-module>
 </authentication>
</application-policy>

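9) Deploy the application to JBoss.

10) Now every time you access the website, you have to enter the username and password you provided in the credentials file (username "TestUserOne", password "TestPassword").

For more details, see this.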
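
A check for the step 4 descriptor, added here as an example and not part of the original answer: when a web-resource-collection lists http-method elements the constraint applies only to those methods, and BASIC sends base64-encoded credentials on every request, so the script flags both conditions. The function name audit_web_xml and both sample descriptors are constructed for illustration.

```python
import xml.etree.ElementTree as ET

def _kids(elem, name):
    """Direct children by local tag name, ignoring any XML namespace."""
    return [c for c in elem if c.tag.rsplit("}", 1)[-1] == name]

def _texts(elems, name):
    """Stripped text of each <name> child under the given elements."""
    return [(c.text or "").strip() for e in elems for c in _kids(e, name)]

def audit_web_xml(xml_text):
    """Return findings for every role-protected security-constraint."""
    root = ET.fromstring(xml_text)
    basic = "BASIC" in _texts(_kids(root, "login-config"), "auth-method")
    findings = []
    for sc in _kids(root, "security-constraint"):
        if not _kids(sc, "auth-constraint"):
            continue  # no role required, so nothing is being protected
        tls = "CONFIDENTIAL" in _texts(_kids(sc, "user-data-constraint"),
                                       "transport-guarantee")
        for wrc in _kids(sc, "web-resource-collection"):
            where = ",".join(_texts([wrc], "url-pattern"))
            methods = _texts([wrc], "http-method")
            if methods:  # a method list narrows the constraint to those verbs
                findings.append(f"{where}: only {'/'.join(methods)} constrained")
            if basic and not tls:  # BASIC sends base64 credentials per request
                findings.append(f"{where}: BASIC without CONFIDENTIAL transport")
    return findings

# Constructed web.xml modeled on step 4 above; {methods} and {tls} are filled in below.
TEMPLATE = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <url-pattern>/secured/*</url-pattern>{methods}
    </web-resource-collection>
    <auth-constraint><role-name>TestRole</role-name></auth-constraint>{tls}
  </security-constraint>
  <login-config><auth-method>BASIC</auth-method></login-config>
</web-app>"""
AS_POSTED = TEMPLATE.format(
    methods="<http-method>GET</http-method><http-method>POST</http-method>", tls="")
HARDENED = TEMPLATE.format(methods="", tls="<user-data-constraint>"
    "<transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>")

if __name__ == "__main__":
    for label, doc in (("as posted", AS_POSTED), ("hardened", HARDENED)):
        print(label, audit_web_xml(doc))
```

Requiring CONFIDENTIAL only has an effect when the server has an HTTPS connector configured.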

Yes. This somehow helped me solve the problem; I just did the following:

Under the WebContent folder:

Step 1: Changes in web.xml

<security-constraint>
    <web-resource-collection>
        <web-resource-name>All resources</web-resource-name>
        <description>Protects all resources</description>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>prabhu</role-name>
    </auth-constraint>
</security-constraint>
<security-role>
    <role-name>prabhu</role-name>
</security-role>
<login-config>
    <auth-method>BASIC</auth-method>
    <realm-name></realm-name>
</login-config>

Step 2: Changes in jboss-web.xml

<jboss-web>
    <context-root>C-SMART</context-root>
    <security-domain>java:/jaas/other</security-domain>
</jboss-web>

Step 3: Create the user and password for JBoss basic authentication

D:\workspace_Csmart\jboss-eap-6.2\bin>add-user

What type of user do you wish to add?
 a) Management User (mgmt-users.properties)
 b) Application User (application-users.properties)
(a): b

Enter the details of the new user to add.
Using realm 'ApplicationRealm' as discovered from the existing property files.
Username : prabhu
User 'prabhu' already exits, would you like to update the existing user password and roles
Is this correct yes/no? yes
Password :
Re-enter Password :
What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[prabhu]: prabhu
Updated user 'prabhu' to file 'D:\workspace_Csmart\jboss-eap-6.2\standalone\configuration\application-users.properties'
Updated user 'prabhu' to file 'D:\workspace_Csmart\jboss-eap-6.2\domain\configuration\application-users.properties'
Updated user 'prabhu' with groups prabhu to file 'D:\workspace_Csmart\jboss-eap-6.2\standalone\configuration\application-roles.properties'
Updated user 'prabhu' with groups prabhu to file 'D:\workspace_Csmart\jboss-eap-6.2\domain\configuration\application-roles.properties'
Is this new user going to be used for one AS process to connect to another AS process?
e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.
yes/no? yes
To represent the user add the following to the server-identities definition <secret value="cHJhYmh1QDEyMw==" />
Press any key to continue . . .

Step 4: Verify that the user changes above are reflected in the following files

'D:\workspace_Csmart\jboss-eap-6.2\standalone\configuration\application-users.properties'
'D:\workspace_Csmart\jboss-eap-6.2\domain\configuration\application-users.properties'
'D:\workspace_Csmart\jboss-eap-6.2\standalone\configuration\application-roles.properties'
'D:\workspace_Csmart\jboss-eap-6.2\domain\configuration\application-roles.properties'

It works fine for me. Thanks for your help.