我正在嘗試連接到數據庫,以驗證用戶使用Apache Shiro。我有一個servlet調用一個java類來執行這個任務。現在它只是簡單地改變一個字符串,如果它成功驗證。我已嘗試許多不同的連接方法:數據池,JTDS,Microsoft SQL Server的JDBC,所有給我的錯誤:Apache Shiro SQL錯誤,同時驗證用戶
SQL error while authenticating user [user1]
我的日誌文件也顯示此錯誤:
Warning: RAR5058: Error while Resizing pool SQLS1-TestBilling. Exception : Connection could not be allocated because: The TCP/IP connection to the host SQLS1, port 1433 has failed. Error: "null. Verify the connection properties. Make sure that an instance of SQL Server is running on the host and accepting TCP/IP connections at the port. Make sure that TCP connections to the port are not blocked by a firewall.".
我能在Servlet中使用TestBilling連接池就好了,所以我不認爲這是池的問題,但似乎無法使用ini文件聲明來使用SQL。有什麼我失蹤,忘記做,或做錯了?
以下是相關文件:
GetAuthServlet.java:
package com.phmc.shiro5web;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class GetAuthServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE html>");
out.println("<html>");
out.println("<head>");
out.println("<title>Auth</title>");
out.println("</head>");
out.println("<body>");
AuthenticationClass au = new AuthenticationClass();
String b = "";
b = au.isAuthenticated("mmarino", "test");
out.println(b);
out.println("</body>");
out.println("</html>");
}
AuthenticationClass.java:
package com.phmc.shiro5web;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class AuthenticationClass {
private static final transient Logger log = LoggerFactory.getLogger(Authentication.class);
String isAuthenticated(String username, String password){
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject currentUser = SecurityUtils.getSubject();
String b = "fail";
log.info("Test");
try{
if (!currentUser.isAuthenticated()) {
UsernamePasswordToken token = new UsernamePasswordToken("mmarino", "test") ;
token.setRememberMe(true);
try {
currentUser.login(token);
b = "Success";
}catch (UnknownAccountException uae) {
log.info("There is no user with username of " + token.getPrincipal());
}
}
}catch(Exception e){
b = e.toString();
}
)
return b;
}
}
Shiro.ini:
[main]
ds = org.apache.shiro.jndi.JndiObjectFactory
ds.resourceName = jdbc/TestBilling
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource = $ds
jdbcRealm.permissionsLookupEnabled = true
jdbcRealm.authenticationQuery = SELECT theuser FROM UserList
securityManager.realm = $jdbcRealm
我也試過: jdbcRealm.authenticationQuery =選擇用戶FROM UserList where passwordList =?
在倒數第二行的Shiro.ini文件中。
連接池有多大? –
@BrianDemers你是什麼意思「多大」?現在我們仍處於測試模式,所以它沒有獲得很多流量,我可以告訴你。 –
沒錯,但是如果池真的很小,並且你有多個連接(一個來自Shiro,另一個來自你的servlet),它不會花費太多。您還正在爲每個請求創建一個新的SecurityManager。 我建議看一看Shiro [網頁示例](https://github.com/apache/shiro/tree/master/samples/web),或者看看[我們的應用程序文檔](http://shiro.apache.org/web.html)。我建議,作爲一個起點,一旦你有Shiro servlet過濾器設置和工作,添加你的自定義邏輯將會容易得多。 –