如何從部署到Websphere 6.1的EJB訪問認證別名

Question

我需要在我的EJB中爲密鑰存儲提供密碼，但我不希望它對開發人員可見。我的想法是在Websphere Console中創建身份驗證別名，稍後查找MY_ALIAS並從別名獲取密碼。 我發現一些有關主題的討論在： http://www.coderanch.com/t/79439/Websphere/Authentication-Data

有誰知道可以別名lookuped？你建議的方法來達到我的目標是什麼？

非常感謝！

Answer 1

您可以使用下面的代碼來獲得J2C認證數據錄入憑證：

import com.ibm.wsspi.security.auth.callback.Constants; 
import com.ibm.wsspi.security.auth.callback.WSMappingCallbackHandlerFactory; 
import javax.resource.spi.security.PasswordCredential; 
import javax.security.auth.Subject; 
import javax.security.auth.callback.CallbackHandler; 
import javax.security.auth.login.LoginContext; 

Map map = new HashMap(); 
map.put(Constants.MAPPING_ALIAS, "YOUR_J2C_DATA_ALIAS"); 
CallbackHandler callbackHandler = WSMappingCallbackHandlerFactory.getInstance().getCallbackHandler(map, null); 

LoginContext loginContext = new LoginContext("DefaultPrincipalMapping", callbackHandler); 
loginContext.login(); 

Subject subject = loginContext.getSubject(); 
Set credentials = subject.getPrivateCredentials(); 

PasswordCredential passwordCredential = (PasswordCredential) credentials.iterator().next(); 

String user = passwordCredential.getUserName(); 
String password = new String(passwordCredential.getPassword());