JBoss Wildfly-数据库登录模块 [英] JBoss Wildfly - database login module
问题描述
JBoss Wildfly 8.0.0-Final
JSF 2.2.4
JBoss Wildfly 8.0.0-Final
JSF 2.2.4
首先,我使用application-users.properties和application-roles.properties创建了登录名. 使用add-user.bat
First I created login using the application-users.properties and application-roles.properties. Added user with add-user.bat
Web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin Resource</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/error.xhtml</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
Standalone.xml
Standalone.xml
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmDirect" flag="required">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
login.xhtml
login.xhtml
<?xml version="1.0" encoding="UTF-8"?>
<ui:composition xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://xmlns.jcp.org/jsf/facelets"
xmlns:f="http://xmlns.jcp.org/jsf/core"
xmlns:h="http://xmlns.jcp.org/jsf/html"
xmlns:p="http://primefaces.org/ui">
<div class="center">
<form method="POST" action="j_security_check" id="">
<h:panelGrid id="panel" columns="2" border="1" cellpadding="4" cellspacing="4">
<h:outputLabel for="j_username" value="Username:" />
<input type="text" name="j_username" />
<h:outputLabel for="j_password" value="Password:" />
<input type="password" name="j_password" />
<h:panelGroup>
<input type="submit" value="Login" />
</h:panelGroup>
</h:panelGrid>
</form>
</div>
</ui:composition>
所以工作正常..现在我要使用数据库身份验证..所以我更改了standalone.xml.
So that worked fine.. now I want to use database authentication.. so I change the standalone.xml.
<login-module code="Database" flag="sufficient">
<module-option name="dsJndiName" value="java:jboss/jsi/GarageXADataSource"/>
<module-option name="principalsQuery" value="select encode(password, 'hex') from principal where username=?"/>
<module-option name="rolesQuery" value="select r.role, r.role_group from role r inner join principal p on r.role = p.role where p.username=?"/>
<module-option name="hashAlgorithm" value="SHA-512"/>
<module-option name="hashEncoding" value="hex"/>
</login-module>
我使用此sql在数据库中插入一个角色和一个用户(PostgreSQL 9.3)
I use this sql to insert a role and a user in the database ( PostgreSQL 9.3 )
插入角色(role,role_group)VALUES('admin','Roles');
插入 INTO主体(用户名,电子邮件,密码,角色)VALUES("Kris", 'xx @ gmail.com',digest('pass','sha512'),'admin');
INSERT INTO role(role, role_group) VALUES ('admin', 'Roles');
INSERT INTO principal(username, email, password, role) VALUES ('Kris', 'xx@gmail.com', digest('pass', 'sha512'), 'admin');
但是登录不起作用. 我在日志中看不到任何错误. 在AS 7.1.1上,我曾经使用过这种方法.
But the login does not work. I see no errors in the log. I have used this approach before on AS 7.1.1 where it worked.
感谢您的帮助.
推荐答案
首先,DatabaseServerLoginModule日志处于跟踪级别,因此您应按如下所示将org.jboss.security日志级别设置为在您的standalone.xml中进行跟踪.现在,您应该在server.log中看到错误了.
Firstly DatabaseServerLoginModule logs to trace level, so you should set org.jboss.security log levels to trace in your standalone.xml as follows. Now you should see the errors in your server.log
<logger category="org.jboss.security">
<level name="TRACE"/>
</logger>
您还需要在jboss-web.xml中添加一个领域名称
You also need to add a realm-name within your jboss-web.xml
<jboss-web>
<security-domain>java:/jaas/MyRealm</security-domain>
</jboss-web>
您尚未在登录模块配置代码段周围提供周围的标签.您应该在下面有这个东西.领域名称需要与您的web.xml中的名称匹配
You have not supplied the surrounding tags around your login-module configuration snippet. You should have something this below. The realm name needs to match that in your web.xml
<subsystem xmlns="urn:jboss:domain:security:1.0">
<security-domains>
<security-domain name="MyRealm">
<authentication>
<login-module code="Database" flag="required">
....
</authentication>
</security-domain>
</security-domains>
</subsystem>
完成此操作后,您可以从server.log中发布任何错误.
Once you have done this could you post any errors from your server.log.
这篇关于JBoss Wildfly-数据库登录模块的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!