|
Java форум JavaTalks
форум программистов
|
|
|
|
| Предыдущая тема :: Следующая тема |
| Автор |
Сообщение |
devalentino : 31
Новичок
|
 Фев 17, 2012 14:31 |
 |
|
Здравствуйте. У меня вопрос по поводу авторизации средствами JAAS. Я написал свой модуль авторизации (MonopolyRealm, MonopolyLoginModule). Так же в другом проекте у меня есть класс, в котором я получаю логин и пароль из HTML формы (Player). Вопрос - как передать значения логина и пароля в мой модуль авторизации?
Модуль зарегистрирован в Glassfish 3.1.1. Теперь мне нужно чтобы мое приложение подхватило его при развертывании на сервере, и передало в него логин и пароль (в методе login класса Player)
Заранее спасибо
MonopolyRealm
| Код: |
package net.monopolyclub.monopolylogin;
import java.util.Enumeration;
import java.util.Vector;
import java.sql.ResultSet;
import net.monopolyclub.monopolylogin.db.DBManager;
import net.monopolyclub.monopolylogin.db.DerbyDBManager;
import java.sql.SQLException;
import java.io.IOException;
import com.sun.enterprise.security.auth.realm.IASRealm;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
public class MonopolyRealm extends IASRealm
{
private DBManager dbManager;
public MonopolyRealm () throws InvalidOperationException
{
super();
dbManager = new DerbyDBManager();
try
{
dbManager.initialize("org.apache.derby.jdbc.ClientDriver", "jdbc:derby://localhost:1527/****", "****", "****");
}
catch (SQLException e)
{
throw new InvalidOperationException(e.getMessage());
}
catch (IOException e)
{
throw new InvalidOperationException(e.getMessage());
}
}
@Override
public Enumeration getGroupNames (String login) throws InvalidOperationException, NoSuchUserException {
Vector vector = new Vector();
try
{
ResultSet rs = dbManager.select("APP.ROLES.NAME", "APP.USERS, APP.ROLES, APP.JT_USER_ROLE", "APP.USERS.LOGIN = '" + login + "' AND APP.USERS.ID = APP.JT_USER_ROLE.USER_FK AND APP.ROLES.ID = APP.JT_USER_ROLE.ROLE_FK");
while (rs.next())
{
vector.add(rs.getString("NAME"));
}
}
catch (SQLException e)
{
throw new InvalidOperationException(e.getMessage());
}
return vector.elements();
}
@Override
public String getAuthType () {
return "MonopolyAuth";
}
@Override
public String getJAASContext () {
return "monopolyRealm";
}
public boolean loginUser (String login, String password) throws InvalidOperationException, NoSuchUserException {
boolean loginSuccessfull = false;
try
{
ResultSet rs = dbManager.select("LOGIN", "APP.USERS", "APP.USERS.LOGIN = '" + login + "' AND APP.USERS.PASSWORD = '" + password + "'");
if (rs.next())
{
loginSuccessfull = true;
}
else
{
throw new NoSuchUserException("username or password incorect");
}
}
catch (SQLException e)
{
throw new InvalidOperationException(e.getMessage());
}
return loginSuccessfull;
}
}
|
MonopolyLoginModule
| Код: |
package net.monopolyclub.monopolylogin;
import java.util.LinkedList;
import java.util.Enumeration;
import com.sun.appserv.security.AppservPasswordLoginModule;
import javax.security.auth.login.LoginException;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
public class MonopolyLoginModule extends AppservPasswordLoginModule
{
private MonopolyRealm realm;
@Override
protected void authenticateUser () throws LoginException
{
Enumeration userGroupEnum = null;
LinkedList<String> userGroupList = new LinkedList<String>();
if (!(_currentRealm instanceof MonopolyRealm))
{
throw new LoginException();
}
else
{
realm = (MonopolyRealm) _currentRealm;
}
try
{
if (realm.loginUser(_username, _password))
{
try
{
userGroupEnum = realm.getGroupNames(_username);
}
catch (InvalidOperationException e)
{
throw new LoginException(e.getMessage());
}
catch (NoSuchUserException e)
{
throw new LoginException(e.getMessage());
}
while (userGroupEnum.hasMoreElements())
{
userGroupList.add((String) userGroupEnum.nextElement());
}
}
else
{
throw new LoginException();
}
}
catch (InvalidOperationException e)
{
throw new LoginException(e.getMessage());
}
catch (NoSuchUserException e)
{
throw new LoginException(e.getMessage());
}
commitUserAuthentication(userGroupList.toArray(new String[0]));
}
}
|
Player
| Код: |
package net.monopolyclub.game.faces;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.ManagedProperty;
import javax.faces.bean.RequestScoped;
import javax.faces.event.ComponentSystemEvent;
import javax.faces.context.FacesContext;
import javax.annotation.PostConstruct;
import javax.ejb.EJB;
import net.monopolyclub.game.ejb.PlayerEJB;
import net.monopolyclub.game.faces.utils.ImplicitNavigationManagerInterface;
@ManagedBean
@RequestScoped
public class Player
{
@EJB
private PlayerEJB player;
@ManagedProperty("#{implicitNavigationManager}")
private ImplicitNavigationManagerInterface navigator;
private String email;
private String password;
private String confirmPassword;
public Player ()
{
}
@PostConstruct
public void init ()
{
navigator.setRedirect(true);
}
public void checkIsAuthorized (ComponentSystemEvent cse)
{
navigator.jump("game");
}
public void registerNewUser ()
{
Long id = player.addNewUser(email, password);
}
public void login ()
{
}
/* -- getters/setters -- */
public String getEmail ()
{
return this.email;
}
public void setEmail (String email)
{
this.email = email;
}
public String getPassword ()
{
return this.password;
}
public void setPassword (String password)
{
this.password = password;
}
public String getConfirmPassword ()
{
return this.confirmPassword;
}
public void setConfirmPassword (String confirmPassword)
{
this.confirmPassword = confirmPassword;
}
public ImplicitNavigationManagerInterface getNavigator ()
{
return this.navigator;
}
public void setNavigator (ImplicitNavigationManagerInterface navigator)
{
this.navigator = navigator;
}
}
|
|
|
|
|
 |
devalentino : 31
Новичок
|
| Фев 19, 2012 1:44 |
| |
|
Я я переписал метод login класса Player. Но у меня происходит исключение, незнаю как его избежать. Может кто-то с таким тоже сталкивался 
| Код: |
public void login ()
{
LoginHandler handler = new LoginHandler(email, password);
try
{
loginContext = new LoginContext("monopolyRealm", handler);
loginContext.login();
System.out.println("login successfull");
}
catch (LoginException e)
{
//System.out.println("login exception: " + e.getMessage());
e.printStackTrace();
}
}
|
LoginHandler
| Код: |
package net.monopolyclub.game.util;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.CallbackHandler;
public class LoginHandler implements CallbackHandler
{
private String login;
private char[] password;
public LoginHandler (String login, String password)
{
this.login = login;
this.password = password.toCharArray();
}
@Override
public void handle(Callback[] callbacks)
{
System.out.println("----------------------------------------------------");
for (Callback callback : callbacks)
{
if (callback instanceof NameCallback)
{
System.out.println("2222222222222222222222222");
NameCallback nc = (NameCallback) callback;
nc.setName(login);
}
else if (callback instanceof PasswordCallback)
{
System.out.println("olololololololololool111111");
PasswordCallback pc = (PasswordCallback) callback;
pc.setPassword(password);
}
}
}
}
|
| Цитата: |
[#|2012-02-19T00:21:25.526+0300|SEVERE|glassfish3.1.1|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=105;_ThreadName=Thread-2;|javax.security. auth.login.LoginException: No credentials.
at com.sun.appserv.security.AppservPasswordLoginModule.extractCredentials(AppservPasswordLoginModule.java:336)
at com.sun.appserv.security.AppservPasswordLoginModule.login(AppservPasswordLoginModule.java:145)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
at net.monopolyclub.game.faces.Player.login(Player.java:5
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at com.sun.el.parser.AstValue.invoke(AstValue.java:234)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:297)
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:8
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
at javax.faces.component.UICommand.broadcast(UICommand.java:315)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1539)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:9
at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:91)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:162)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:330)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:174)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:828)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:725)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1019)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)
|#]
|
|
|
|
|
|
devalentino : 31
Новичок
|
| Фев 19, 2012 23:57 |
| |
|
Я переписал LoginModule, и все вроде как заработало. К сожалению информации очень очень мало даже на английском, и модуль пришлось писать по обрывкам отдельных постов на форумах, багтрекерах, блогах, и stackoverflow-ах. Может быть кому-то пригодится мой опыт, по этому ниже привожу свой код:
| Код: |
package net.monopolyclub.mlogin;
import java.util.Map;
import java.util.Enumeration;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.spi.LoginModule;
import java.io.IOException;
import javax.security.auth.login.LoginException;
import javax.security.auth.callback.UnsupportedCallbackException;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
import com.sun.enterprise.security.auth.realm.BadRealmException;
public class MonopolyLoginModule implements LoginModule
{
private MonopolyRealm realm;
private Subject subject;
private CallbackHandler callbackHandler;
private Object sharedState;
private Object options;
private boolean authenticated = false;
private String username;
private String password;
private Enumeration roles;
@Override
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map<String, ?> sharedState, Map<String, ?> options)
{
this.subject = subject;
this.callbackHandler = callbackHandler;
this.sharedState = sharedState;
this.options = options;
}
@Override
public boolean abort() throws LoginException
{
// TODO
return true;
}
@Override
public boolean commit() throws LoginException
{
if (authenticated)
{
while (roles.hasMoreElements())
{
subject.getPrincipals().add(new MPrincipal((String) roles.nextElement()));
}
subject.getPrincipals().add(new MPrincipal(username));
}
return authenticated;
}
@Override
public boolean login() throws LoginException
{
NameCallback nameCB = new NameCallback("Username");
PasswordCallback passwordCB = new PasswordCallback("Password", true);
Callback[] callbacks = new Callback[] { nameCB, passwordCB };
try
{
callbackHandler.handle(callbacks);
// Authenticate username/password
username = nameCB.getName();
password = String.valueOf(passwordCB.getPassword());
realm = new MonopolyRealm();
try
{
if (realm.loginUser(username, password))
{
authenticated = true;
roles = realm.getGroupNames(username);
return authenticated;
}
else
{
return false;
}
}
catch (NoSuchUserException e)
{
throw new LoginException(e.getMessage());
}
}
catch (IOException e)
{
throw new LoginException(e.getMessage());
}
catch (UnsupportedCallbackException e)
{
throw new LoginException(e.getMessage());
}
catch (InvalidOperationException e)
{
throw new LoginException(e.getMessage());
}
}
@Override
public boolean logout() throws LoginException
{
subject.getPrincipals().clear();
authenticated = false;
return true;
}
}
|
|
|
|
|
|
|
|
|
