2016-04-01 89 views
1

我需要記住Http Request的原始URL,然後將此請求重定向到Web表單以進行用戶驗證。如果驗證成功,用戶必須重定向到上面剛剛記住的original URL。 我使用JBoss 7.1.1 Final,標準web.xml,和JBoss登錄模塊org.jboss.security.auth.spi.DatabaseServerLoginModule爲JBoss實現自定義ServerAuthModule

我曾提到以下鏈接這並沒有完全回答我的問題:

然而,impltementing我的解決方案後,我的自定義ServerAuthModule不叫的。更糟糕的是,我沒有從服務器獲得任何HttpResponse。東西壞了,請幫忙!

web.xml

 <security-constraint> 
      <web-resource-collection> 
       <web-resource-name>All resources in /pages/*</web-resource-name> 
       <description>All resources in /pages/*</description> 
       <url-pattern>/pages/*</url-pattern> 
       <http-method>GET</http-method> 
       <http-method>POST</http-method> 
      </web-resource-collection> 
      <auth-constraint> 
       <role-name>general</role-name> 
      </auth-constraint> 
     </security-constraint> 

     <security-constraint> 
      <display-name>Restrict direct access to the /resources folder.</display-name> 
      <web-resource-collection> 
       <web-resource-name>The /resources folder.</web-resource-name> 
       <url-pattern>/resources/*</url-pattern> 
      </web-resource-collection> 
      <auth-constraint /> 
     </security-constraint> 

     <login-config> 
      <auth-method>FORM</auth-method> 
      <form-login-config> 
       <form-login-page>/login.jsf</form-login-page> 
       <form-error-page>/loginFailed.jsf</form-error-page> 
      </form-login-config> 
     </login-config> 

     <security-role> 
      <role-name>general</role-name> 
     </security-role>  

我的jboss-web.xml中:

<?xml version="1.0" encoding="UTF-8"?> 
    <jboss-web> 
     <security-domain>jBossJaasMysqlRealm</security-domain> 
     <valve> 
      <class-name>org.jboss.as.web.security.jaspi.WebJASPIAuthenticator</class-name> 
     </valve> 
    </jboss-web> 

standalone.xml

<security-domain name="jBossJaasMysqlRealm" cache-type="default"> 
       <authentication-jaspi> 
        <login-module-stack name="lm-stack"> 
         <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> 
          <module-option name="dsJndiName" value="java:/MySqlDS_IamOK"/> 
          <module-option name="principalsQuery" value="select password from user where username=?"/> 
          <module-option name="rolesQuery" value="select role, 'Roles' from user_role where username=?"/> 
         </login-module> 
        </login-module-stack> 
        <auth-module code="at.alex.ok.web.utils.RequestMarkerServerAuthModule" login-module-stack-ref="lm-stack"/> 
       </authentication-jaspi> 
      </security-domain> 

我定製WebServerAuthModule

import org.jboss.as.web.security.jaspi.modules.WebServerAuthModule; 

    public class RequestMarkerServerAuthModule extends WebServerAuthModule { 

     public static final String ORIGINAL_URL = "originalURL"; 

     protected static final Class[] supportedMessageTypes = new Class[] { 
       HttpServletRequest.class, HttpServletResponse.class }; 


     public void initialize(MessagePolicy reqPolicy, MessagePolicy resPolicy, 
       CallbackHandler cBH, Map opts) throws AuthException { 

      System.out.println(this.getClass().getName() + ".initialize() called"); 
     } 

     public Class[] getSupportedMessageTypes() { 
      return supportedMessageTypes; 
     } 

     public AuthStatus validateRequest(MessageInfo msgInfo, Subject client, 
       Subject server) throws AuthException { 
      try { 
       System.out.println(this.getClass().getName() + ".validateRequest() called"); 

       processAuthorizationToken(msgInfo, client); 
       return AuthStatus.SUCCESS; 

      } catch (Exception e) { 
       AuthException ae = new AuthException(); 
       ae.initCause(e); 
       throw ae; 
      } 
     } 

     private void processAuthorizationToken(MessageInfo msgInfo, Subject s) 
       throws AuthException { 

      HttpServletRequest request = (HttpServletRequest) msgInfo 
        .getRequestMessage(); 

      String originalURL = request.getRequestURL().toString(); 
      request.getSession().setAttribute(ORIGINAL_URL, originalURL); 
     } 


     public AuthStatus secureResponse(MessageInfo msgInfo, Subject service) 
       throws AuthException { 

      System.out.println(this.getClass().getName() + ".secureResponse() called"); 

      return AuthStatus.SEND_SUCCESS; 
     } 

     public void cleanSubject(MessageInfo msgInfo, Subject subject) 
       throws AuthException { 
      System.out.println(this.getClass().getName() + ".cleanSubject() called"); 

    } 

} 
+1

的JBoss 7.1.1和JASPIC是沒朋友。 –

回答

-1

這個問題不合邏輯,因爲: 對於在成功登錄後重定向到最初請求的URL,不需要爲JBoss實現自定義的ServerAuthModule。

接口javax.servlet.RequestDispatcher具有常量FORWARD_REQUEST_URI,它表示Http-Request屬性的名稱,在該屬性下原始請求URI可用於轉發請求的處理器。

使用JSF 2.2和查看作用域支持豆LoginBean,我的解決方法是獲得支持bean的@PostConstruct方法最初請求的URL,並將其存儲在一個會話屬性,如下所示:

@ManagedBean(name="loginBean") 
@ViewScoped 
public class LoginBean { 

    private String originalURL; 

    @PostConstruct 
    private void init() { 
     ExternalContext extCtx = FacesContext.getCurrentInstance().getExternalContext(); 

     String origURL = (String) extCtx.getRequestMap().get(RequestDispatcher.FORWARD_REQUEST_URI); 

     HttpServletRequest request = (HttpServletRequest) extCtx.getRequest(); 
     HttpSession session = (HttpSession)extCtx.getSession(false); 

     if (session == null){ 
      session = (HttpSession)extCtx.getSession(true); 
     } 

     if (origURL!=null && session.getAttribute(ORIGINAL_URL) == null){ 
      String applicationName = request.getContextPath(); 
      origURL = origURL.substring(applicationName.length(), origURL.length()); 
      session.setAttribute(ORIGINAL_URL, origURL); 
     } 
    } 

然後,在相同的輔助bean的登錄()方法,將用戶重定向到最初請求的URL在一個全成登錄這樣的情況下:

public String login() { 

    HttpServletRequest request = (HttpServletRequest)FacesContext.getCurrentInstance().getExternalContext().getRequest(); 

    try { 
     request.login(this.getLogin(), this.getPassword()); 
    } catch (ServletException e) { 
     // handle bad username/password here 
    } 

    return this.originalURL + "?faces-redirect=true"; 
}