[J2SE] JAAS: Authentication [continued]  Software Technology
Posted by lhwork on 2006/8/18 16:51:52
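JAAS: Authentication [continued]

Step 2:
Implement Principal. What is a Principal for? As I see it, it is the attribute data associated with a Subject: if you treat the User as the subject, the Principal can hold the account, the password, and other things such as the e-mail address.
This method must be implemented:

    public String getName() { return this.name; }

Here is a simple Principal I wrote.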

    package cn.com.tiansky.auth.Principal;

    import java.io.Serializable;
    import java.security.Principal;

    /**
     * @author tiansky
     * @version 1.0
     * An object that implements the Principal interface; it can be stored
     * in the Subject's set of Principals.
     */
    public class Operator implements Principal, Serializable {

        /** serialVersionUID */
        private static final long serialVersionUID = 1789L;

        /** name identifies the Principal */
        private String name;
        private String id;
        private String pwd;
        private String email;
        private String content;
        private String loginname;

        public String getLoginname() { return loginname; }
        public void setLoginname(String loginname) { this.loginname = loginname; }

        public Operator() { }

        /** @param id */
        public Operator(String id) { this.id = id; }

        public String getName() { return this.name; }
        public void setName(String name) { this.name = name; }
        public String getContent() { return content; }
        public void setContent(String content) { this.content = content; }
        public String getEmail() { return email; }
        public void setEmail(String email) { this.email = email; }
        public String getId() { return id; }
        public void setId(String id) { this.id = id; }
        public String getPwd() { return pwd; }
        public void setPwd(String pwd) { this.pwd = pwd; }
    }

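Because Operator is Serializable and keeps pwd as a field, the password travels with the principal wherever the Subject is stored or serialized, and without equals()/hashCode() two instances for the same user count as different principals. A variant that avoids both, as an added example that is not the author's code; the class name OperatorPrincipal and the sample values are assumptions:

```java
import java.io.Serializable;
import java.security.Principal;
import java.util.Objects;
import javax.security.auth.Subject;

/** Added example (hypothetical class name): an immutable Principal that carries identity only. */
public final class OperatorPrincipal implements Principal, Serializable {
    private static final long serialVersionUID = 1L;

    private final String name;   // login name, returned by getName()
    private final String email;  // non-secret profile attribute

    public OperatorPrincipal(String name, String email) {
        // A null name would leave the authenticated user without an identity.
        this.name = Objects.requireNonNull(name, "name");
        this.email = email;
    }

    @Override public String getName() { return name; }
    public String getEmail() { return email; }

    // Subject keeps its principals in a Set, so equality must be value-based.
    @Override public boolean equals(Object o) {
        return o instanceof OperatorPrincipal && name.equals(((OperatorPrincipal) o).name);
    }
    @Override public int hashCode() { return name.hashCode(); }
    @Override public String toString() { return "OperatorPrincipal[" + name + "]"; }

    public static void main(String[] args) {
        Subject subject = new Subject();
        // Constructed sample values.
        subject.getPrincipals().add(new OperatorPrincipal("alice", "alice@example.test"));
        // A second instance for the same user is rejected by the Set.
        boolean addedAgain = subject.getPrincipals().add(new OperatorPrincipal("alice", null));
        System.out.println("principals=" + subject.getPrincipals().size()
                + " addedAgain=" + addedAgain);
        // The password is checked inside LoginModule.login() and then discarded;
        // it is never a field of the principal.
    }
}
```

To use such a class with the Realm in Step 4, its fully qualified name would go in userClassNames.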
Step 3:
The configuration file C:\tomcat4\conf\login.config

    Sample {
        cn.com.tiansky.auth.LoginModule.MyJAASModule required
            debug=true mark="MD5" debug=true check=true jndi="jdbc/EmployeeDB";
    };

Step 4: Configure server.xml

    <Context path="/myjaas" docBase="D:/CAS src/myjaas" debug="0"
             reloadable="true" crossContext="true">
      <Realm className="org.apache.catalina.realm.JAASRealm"
             appName="Sample"
             userClassNames="cn.com.tiansky.auth.Principal.Operator"
             roleClassNames="cn.com.tiansky.auth.Principal.Role"
             debug="99">
      </Realm>
      <Resource name="jdbc/EmployeeDB" auth="Container"
                type="javax.sql.DataSource"
                driverClassName="oracle.jdbc.driver.OracleDriver"
                url="jdbc:oracle:thin:@192.168.3.124:1521:cudms"
                username="report" password="report"
                maxActive="20" maxIdle="10" maxWait="-1"/>
    </Context>

Note userClassNames and roleClassNames: your own Principal classes must be registered here.
Step 5:
Configure -Djava.security.auth.login.config
Add the following to the Tomcat startup script:

    JAVA_OPTS=-Djava.security.auth.login.config==C:\tomcat4\conf\login.config

The appName="Sample" in Step 4 must match the application name used in the login.config file.
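A mismatch between appName and the entry name in login.config only shows up at login time, as a failed authentication. The check below, an added example that is not from the original post, loads a constructed copy of the Step 3 entry through the same system property and looks entries up by name; the class name LoginConfigCheck and the temporary file are assumptions.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;

/** Added example: checks that a JAAS entry name (the Realm's appName) exists in login.config. */
public class LoginConfigCheck {

    /** Describes the entry's modules, or returns null when no entry has that name. */
    static String describe(Configuration cfg, String appName) {
        AppConfigurationEntry[] entries = cfg.getAppConfigurationEntry(appName);
        if (entries == null || entries.length == 0) {
            return null; // with no "other" entry either, LoginContext throws LoginException
        }
        StringBuilder sb = new StringBuilder();
        for (AppConfigurationEntry e : entries) {
            sb.append(e.getLoginModuleName())
              .append(' ').append(e.getControlFlag())
              .append(' ').append(e.getOptions()).append('\n');
        }
        return sb.toString();
    }

    public static void main(String[] args) throws IOException {
        // Constructed copy of the Step 3 entry, written to a temp file so the check runs anywhere.
        Path file = Files.createTempFile("login", ".config");
        String text = "Sample {\n"
                + "  cn.com.tiansky.auth.LoginModule.MyJAASModule required\n"
                + "    debug=true mark=\"MD5\" check=true jndi=\"jdbc/EmployeeDB\";\n"
                + "};\n";
        Files.write(file, text.getBytes(StandardCharsets.UTF_8));
        // A leading "=" is the in-code form of -D...config==<file>: use only this file.
        System.setProperty("java.security.auth.login.config", "=" + file.toUri());
        Configuration cfg = Configuration.getConfiguration();

        // Entry names are case-sensitive: "sample" does not match "Sample".
        for (String appName : new String[] {"Sample", "sample"}) {
            String found = describe(cfg, appName);
            System.out.println(appName + " -> " + (found == null ? "NOT FOUND" : found.trim()));
        }
        Files.delete(file);
    }
}
```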
Step 6:
Set up the rest yourself:

    <security-constraint>
      <web-resource-collection>
        <web-resource-name>User Protected</web-resource-name>
        <url-pattern>/protected/*</url-pattern>
        <url-pattern>/protected.jsp</url-pattern>
      </web-resource-collection>
      <auth-constraint>
        <role-name>user</role-name>
      </auth-constraint>
    </security-constraint>
    <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>MyJAASRealm</realm-name>
    </login-config>

I use FORM authentication, as follows:

    <?xml version="1.0" encoding="ISO-8859-1"?>
    <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
             version="2.4">
      <display-name>yutou1.0</display-name>

      <filter>
        <filter-name>Set Character Encoding</filter-name>
        <filter-class>my.SetCharacterEncodingFilter</filter-class>
        <init-param>
          <param-name>encoding</param-name>
          <param-value>utf-8</param-value>
        </init-param>
        <init-param>
          <param-name>ignore</param-name>
          <param-value>true</param-value>
        </init-param>
      </filter>
      <filter-mapping>
        <filter-name>Set Character Encoding</filter-name>
        <servlet-name>*</servlet-name>
      </filter-mapping>

      <session-config>
        <session-timeout>30</session-timeout>
      </session-config>

      <security-constraint>
        <web-resource-collection>
          <web-resource-name>User Protected</web-resource-name>
          <url-pattern>/protected/*</url-pattern>
          <url-pattern>/protected.jsp</url-pattern>
        </web-resource-collection>
        <auth-constraint>
          <role-name>*</role-name>
        </auth-constraint>
      </security-constraint>

      <!--<login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>MyJAASRealm</realm-name>
      </login-config>-->

      <!-- Default login configuration uses form-based authentication -->
      <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>Anonymous Form-Based Authentication Area</realm-name>
        <form-login-config>
          <form-login-page>/protected/login.jsp</form-login-page>
          <form-error-page>/protected/error.jsp</form-error-page>
        </form-login-config>
      </login-config>

      <!-- Security roles referenced by this web application -->
      <security-role>
        <role-name>*</role-name>
      </security-role>

      <resource-ref>
        <description>
          Resource reference to a factory for java.sql.Connection
          instances that may be used for talking to a particular
          database that is configured in the server.xml file.
        </description>
        <res-ref-name>jdbc/EmployeeDB</res-ref-name>
        <res-type>javax.sql.DataSource</res-type>
        <res-auth>Container</res-auth>
      </resource-ref>

      <!-- The Usual Welcome File List -->
      <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
      </welcome-file-list>

      <error-page>
        <exception-type>org.springframework.context.ApplicationContextException</exception-type>
        <location>/WEB-INF/view/jsp/brokenContext.jsp</location>
      </error-page>
      <error-page>
        <exception-type>java.lang.Exception</exception-type>
        <location>/WEB-INF/view/jsp/errors.jsp</location>
      </error-page>
      <error-page>
        <error-code>404</error-code>
        <location>/</location>
      </error-page>
    </web-app>

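That's a wrap:
Note: it is best to put your own LoginModule, Principal and similar classes under Apache/Common/classes; otherwise they may not be found. My guess is that this is related to the container's class-loading strategy.
[To be continued!]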