1. 首頁
  2. 問答
  3. Javaee Jboss j_security_check登錄總是失敗

Javaee Jboss j_security_check登錄總是失敗

2017-02-25 71 views
1

我想爲我的Java EE項目做一個簡單的j_security_check登錄,我發現這個Tutorial可以使用WildFly Server進行設置,但還不能讓它工作。每次我嘗試登錄時,我都會重定向到錯誤頁面。Javaee Jboss j_security_check登錄總是失敗

這裏是我的代碼的東西:

的jboss-web.xml中

<?xml version="1.0" encoding="UTF-8"?> 
<jboss-web version="8.0" xmlns="http://www.jboss.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/schema/jbossas/jboss-web_8_0.xsd"> 
    <security-domain>testDSSS</security-domain> 
</jboss-web>

的web.xml

<?xml version="1.0" encoding="UTF-8"?> 
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"> 
    <context-param> 
     <param-name>javax.faces.PROJECT_STAGE</param-name> 
     <param-value>Development</param-value> 
    </context-param> 
    <servlet> 
     <servlet-name>Faces Servlet</servlet-name> 
     <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> 
     <load-on-startup>1</load-on-startup> 
    </servlet> 
    <servlet-mapping> 
     <servlet-name>Faces Servlet</servlet-name> 
     <url-pattern>/faces/*</url-pattern> 
    </servlet-mapping> 
    <session-config> 
     <session-timeout> 
      30 
     </session-timeout> 
    </session-config> 
    <welcome-file-list> 
     <welcome-file>test123.xhtml</welcome-file> 
    </welcome-file-list> 
    <security-constraint> 
     <web-resource-collection> 
      <web-resource-name>administrator</web-resource-name> 
      <url-pattern>/pages/admin/*</url-pattern> 
      <http-method>POST</http-method> 
      <http-method>GET</http-method> 
      <http-method>PUT</http-method> 
      <http-method>DELETE</http-method> 
     </web-resource-collection> 
     <auth-constraint> 
      <role-name>ADMINISTRATOR</role-name> 
     </auth-constraint> 
    </security-constraint> 
    <security-constraint> 
     <web-resource-collection> 
      <web-resource-name>user</web-resource-name> 
      <url-pattern>/pages/user/*</url-pattern> 
      <http-method>POST</http-method> 
      <http-method>GET</http-method> 
      <http-method>PUT</http-method> 
      <http-method>DELETE</http-method> 
     </web-resource-collection> 
     <auth-constraint> 
      <role-name>ADMINISTRATOR</role-name> 
      <role-name>USER</role-name> 
     </auth-constraint> 
    </security-constraint> 
    <login-config> 
     <auth-method>FORM</auth-method> 
     <realm-name>testDSSS</realm-name> 
     <form-login-config> 
      <form-login-page>/pages/login.xhtml</form-login-page> 
      <form-error-page>/pages/error.xhtml</form-error-page> 
     </form-login-config> 
    </login-config> 
    <security-role> 
     <role-name>ADMINISTRATOR</role-name> 
    </security-role> 
    <security-role> 
     <role-name>USER</role-name> 
    </security-role> 
</web-app>

login.xhtml

<!DOCTYPE html> 
<html xmlns="http://www.w3.org/1999/xhtml" 
     xmlns:h="http://xmlns.jcp.org/jsf/html" 
     xmlns:f="http://xmlns.jcp.org/jsf/core"> 
    <h:head> 
     <title>TODO supply a title</title> 
     <meta name="viewport" content="width=device-width, initial-scale=1.0"/> 
    </h:head> 
    <h:body> 
     <form action="j_security_check" method="post" class="form-horizontal"> 
    <div class="form-group"> 
     <label class="control-label col-sm-2">Username:</label> 
     <div class="col-sm-10"> 
      <input type="text" class="" name="j_username" placeholder="Username" />  
     </div> 
    </div> 
    <div class="form-group"> 
     <label class="control-label col-sm-2">Password:</label> 
     <div class="col-sm-10"> 
      <input type="password" class="" name="j_password" placeholder="Password" />  
     </div> 
    </div> 
    <div class="form-group"> 
     <div class="col-sm-offset-2 col-sm-10"> 
      <button type="submit" class="btn btn-primary">Login</button>   
     </div></div> 
     </form> 
    </h:body> 
</html>

WildFly standalone_full.xml我爲安全添加的代碼配置

<security-domains> 
       <security-domain name="testDSSS" cache-type="default"> 
        <authentication> 
         <login-module code="Database" flag="required"> 
          <module-option name="dsJndiName" value="java:/testDSSS"/> 
          <module-option name="rolesQuery" value="SELECT role, 'Roles' FROM users WHERE username=?"/> 
          <module-option name="hashAlgorithm" value="MD5"/> 
          <module-option name="hashEncoding" value="hex"/> 
          <module-option name="principalsQuery" value="SELECT password from users WHERE username=?"/> 
         </login-module> 
        </authentication> 
        <authorization> 
         <policy-module code="Database" flag="required"> 
          <module-option name="dsJndiName" value="java:/testDSSS"/> 
          <module-option name="rolesQuery" value="SELECT role, 'Roles' FROM users WHERE username=?"/> 
          <module-option name="hashAlgorithm" value="MD5"/> 
          <module-option name="hashEncoding" value="hex"/> 
          <module-option name="principalsQuery" value="SELECT password from users WHERE username=?"/> 
         </policy-module> 
        </authorization> 
       </security-domain>

有人知道我在做什麼錯了嗎?

來源

2017-02-25 Max R.

+0

查找您的服務器日誌如果日誌級別不夠你配置你的記錄器。或者你可以調試你的代碼來看看發生了什麼,但這比查找日誌輸出要麻煩得多。並且當您提出問題時,請嘗試提供更多詳細信息,例如以此conf運行時的輸出結果 –

+0

請添加數據庫模式的詳細信息,該數據庫模式通常由三個表組成。 –

回答

0

我有同樣的問題。對於我的情況,它變成standalone-full.xml中的SQL查詢(rolesquery和principalsquery)是不正確的,因爲我不使用列名稱用戶名和密碼,但有些不同。

來源

2017-08-31 15:31:17 stevec

相關問題

 相關問題