0
我有一個安全的Web服務(通過SSL的消息認證)在戰爭中分組,並且我試圖使用jdbcRealm來認證用戶。 的jdbcRealm做工精細用另一隻耳朵的應用程序,但不是這個的.war 依然採用了fileRealm儘管在web.xmlGlassfish仍然使用默認領域
web.xml中所做的配置其實GlassFish的:
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Area</web-resource-name>
<url-pattern>/xoxoServer/secondWS/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<!--<auth-constraint>
<role-name>EMPLOYEE</role-name>
</auth-constraint>-->
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>my_realm</realm-name>
</login-config>
</web-app>
在控制檯我得到這個:
FIN: [Web-Security] hasResource perm: (javax.security.jacc.WebResourcePermission /secondWS POST)
FIN: JMAC: UnsupportedCallback : javax.security.auth.callback.NameCallback
FIN: JMAC: In PasswordValidationCallback Processor
FIN: jmac login user [test] into realm: file using JAAS module: fileRealm
FIN: Login module initialized: class com.sun.enterprise.security.auth.login.FileLoginModule
FIN: JAAS authentication aborted.
INFO: SEC5046: Audit: Authentication refused for [test].
INFO: SEC1201: Login failed for user: test
如何解決這個問題? 謝謝。 PS:我使用的Glassfish 3.1.2.2 B5與JDK6