我正在使用 纯jsps(scriptlets) 编写的项目,而未使用任何框架。
jboss版本:jboss-as-7.1.0.Final
我现在尝试在其上添加简单的身份验证。因此,当用户尝试浏览jsps时,例如http://localhost/myContextPath/hello.jsp,它首先需要登录。
http://localhost/myContextPath/hello.jsp
web.xml
<security-constraint> <web-resource-collection> <web-resource-name>All Access</web-resource-name> <url-pattern>/*</url-pattern> <http-method>DELETE</http-method> <http-method>PUT</http-method> <http-method>HEAD</http-method> <http-method>OPTIONS</http-method> <http-method>TRACE</http-method> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> </login-config>
jboss-web.xml
<jboss-web> <security-domain>other</security-domain> </jboss-web>
standalone.xml([jboss_home] \ standalone \ configuration文件夹)
<subsystem xmlns="urn:jboss:domain:security:1.1"> <security-domains> <security-domain name="other" cache-type="default"> <authentication> <login-module code="UsersRoles" flag="required"> <module-option name="usersProperties" value="users.properties"/> <module-option name="rolesProperties" value="roles.properties"/> </login-module> </authentication> </security-domain> <security-domain name="form-auth"> <authentication> <login-module code="UsersRoles" flag="required"> <module-option name="usersProperties" value="users.properties"/> <module-option name="rolesProperties" value="roles.properties"/> </login-module> </authentication> </security-domain> </security-domains> </subsystem>
users.properties(放在webapp classes文件夹下)
user1=jboss7
role.properties(放在webapp classes文件夹下)
user1=Admin
经过所有这些修改后,我尝试浏览我的hello jsp。我照常工作。没有身份验证,也没有例外。
我不确定我会朝正确的方向前进,还是安全约束是完全不同的事情。请帮忙,谢谢!!!
只需按照本文中的步骤为7.1设置BASIC身份验证即可。
尝试这个。
<security-constraint> <web-resource-collection> <web-resource-name>All Access</web-resource-name> <url-pattern>/*</url-pattern> <http-method>DELETE</http-method> <http-method>PUT</http-method> <http-method>HEAD</http-method> <http-method>OPTIONS</http-method> <http-method>TRACE</http-method> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>ApplicationRealm</realm-name> </login-config> <security-role> <role-name>user</role-name> </security-role>
<jboss-web> <security-domain>java:/jaas/other</security-domain> </jboss-web>
如果您正在使用 ApplicationRealm, 则无需执行任何操作。
您可以使用jboss提供的工具将用户添加到 ApplicationRealm 。
从 %JBOSS_HOME%/ bin中 。使用 add-user.bat(或)add-user.sh 工具。
C:\dev\jboss-eap-6.2\bin>add-user What type of user do you wish to add? a) Management User (mgmt-users.properties) b) Application User (application-users.properties) (a): b Enter the details of the new user to add. Using realm 'ApplicationRealm' as discovered from the existing property files. Username : johngalt Password : Re-enter Password : What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[ ]: user About to add user 'johngalt' for realm 'ApplicationRealm' Is this correct yes/no? yes Added user 'johngalt' to file 'C:\dev\jboss-eap-6.2\standalone\configuration\application-users.properties' Added user 'johngalt' to file 'C:\dev\jboss-eap-6.2\domain\configuration\application-users.properties' Added user 'johngalt' with groups user to file 'C:\dev\jboss-eap-6.2\standalone\configuration\application-roles.properties' Added user 'johngalt' with groups user to file 'C:\dev\jboss-eap-6.2\domain\configuration\application-roles.properties' Is this new user going to be used for one AS process to connect to another AS process? e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls. yes/no? no Press any key to continue . . . C:\dev\jboss-eap-6.2\bin>
这对我有用
