JBoss 7.1 Database based JAAS authentication - authentication failed


Question

I am trying to implement database-based JAAS authentication on a JBoss 7.1 application server, but I am getting the error below. Any pointers will be helpful.

I have shared configuration details.

14:46:03,807 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost/127.0.0.1:8080-2) Obtained user password
14:46:03,808 DEBUG [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] (http-localhost/127.0.0.1:8080-2) AppDS: returnConnection(40c2d8ac, false) [1/9]
14:46:03,808 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost/127.0.0.1:8080-2) resumeAnyTransaction
14:46:03,808 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost/127.0.0.1:8080-2) User 'test_user' authenticated, loginOk=true
14:46:03,808 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost/127.0.0.1:8080-2) abort
14:46:03,809 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http-localhost/127.0.0.1:8080-2) Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
    at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:293) [picketbox-4.0.9.Final-redhat-1.jar:4.0.9.Final-redhat-1]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_25]
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.7.0_25]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.7.0_25]
    at java.lang.reflect.Method.invoke(Unknown Source) [rt.jar:1.7.0_25]
    at javax.security.auth.login.LoginContext.invoke(Unknown Source) [rt.jar:1.7.0_25]
    at javax.security.auth.login.LoginContext.access$000(Unknown Source) [rt.jar:1.7.0_25]
    at javax.security.auth.login.LoginContext$4.run(Unknown Source) [rt.jar:1.7.0_25]
    at javax.security.auth.login.LoginContext$4.run(Unknown Source) [rt.jar:1.7.0_25]
    at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_25]
    at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) [rt.jar:1.7.0_25]
    at javax.security.auth.login.LoginContext.login(Unknown Source) [rt.jar:1.7.0_25]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.9.Final-redhat-1.jar:4.0.9.Final-redhat-1]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.9.Final-redhat-1.jar:4.0.9.Final-redhat-1]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.9.Final-redhat-1.jar:4.0.9.Final-redhat-1]
    at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.9.Final-redhat-1.jar:4.0.9.Final-redhat-1]
    at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
    at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) [jbossweb-7.0.16.Final-redhat-1.jar:]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:381) [jbossweb-7.0.16.Final-redhat-1.jar:]
    at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
    at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.16.Final-redhat-1.jar:]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.16.Final-redhat-1.jar:]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.16.Final-redhat-1.jar:]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.16.Final-redhat-1.jar:]
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.16.Final-redhat-1.jar:]
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:679) [jbossweb-7.0.16.Final-redhat-1.jar:]
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:931) [jbossweb-7.0.16.Final-redhat-1.jar:]
    at java.lang.Thread.run(Unknown Source) [rt.jar:1.7.0_25]

jboss-web.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web PUBLIC
    "-//JBoss//DTD Web Application 2.4//EN"
    "http://www.jboss.org/j2ee/dtd/jboss-web_4_2.dtd">

<jboss-web>
    <!-- <security-domain>java:/jaas/apsapp</security-domain> -->
     <security-domain>other</security-domain>
    <context-root>/app</context-root>
</jboss-web>

web.xml

<login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
        <form-login-page>/login.xhtml</form-login-page>
        <form-error-page>/login.xhtml</form-error-page>
    </form-login-config>
</login-config>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Secured Content</web-resource-name>
        <url-pattern>/auth/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>ADMINISTRATOR</role-name>
        <role-name>AUTHENTICATED</role-name>
    </auth-constraint>
</security-constraint>

<security-role>
    <role-name>ADMINISTRATOR</role-name>
</security-role>
<security-role>
    <role-name>AUTHENTICATED</role-name>
</security-role>

Standalone.xml

 <subsystem xmlns="urn:jboss:domain:security:1.2">
            <security-domains>
                <security-domain name="other" cache-type="default">
                    <authentication>
                        <login-module code="Remoting" flag="optional">
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                        <login-module code="RealmDirect" flag="required">
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                        <login-module code="Database" flag="required">
                            <module-option name="dsJndiName" value="java:jboss/datasources/appPgDS"/>
                            <module-option name="principalsQuery" value="select passwd from app.user where username=?"/>
                            <module-option name="rolesQuery" value="select role,'Roles' from app.userrole where username=?"/>
                            <module-option name="hashAlgorithm" value="MD5"/>
                            <module-option name="hashEncoding" value="base64"/>
                            <module-option name="hashCharset" value="UTF-8"/>
                            <module-option name="unauthenticatedIdentity" value="guest"/>
                        </login-module>
                    </authentication>
                </security-domain>

login.xhtml

 <form id="loginForm" action="j_security_check" method="post">
        <input type="text" name="j_username"  value="test_user" maxlength="22" />
        <input type="password" name="j_password" value="password" maxlength="22" />
        <input type="submit" />
    </form>

Password generation

import org.jboss.security.auth.spi.*;

String passwordHash = Util.createPasswordHash("MD5", "base64", null, null, "password");
//Value generated and stored in DB: X03MO1qnZdYdgyfeuILPmQ==

Recommended answer

It worked after I commented out the statements below, which were appearing as default in standalone.xml.

<security-domain name="other" cache-type="default">
<login-module code="Remoting" flag="optional">
    <module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmDirect" flag="required">
    <module-option name="password-stacking" value="useFirstPass"/>
</login-module>
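
The trace in the question (the Database module logs loginOk=true, then abort, then "Login failure") is consistent with standard JAAS stacking, where every login module flagged `required` must succeed and all modules are aborted if one does not. The following is an added example, not code from the original post or from JBoss: `RealmStub` and `DatabaseStub` are hypothetical stand-ins for a module that rejects the user and one that accepts it, run through the real `javax.security.auth.login.LoginContext`.

```java
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;

public class RequiredFlagDemo {
    /** Hypothetical base stub: prints lifecycle calls so the module order is visible. */
    public abstract static class Stub implements LoginModule {
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {}
        public boolean commit() { System.out.println(getClass().getSimpleName() + " commit"); return true; }
        public boolean abort()  { System.out.println(getClass().getSimpleName() + " abort");  return true; }
        public boolean logout() { return true; }
    }
    /** Stand-in for a stacked module whose user store does not know the user. */
    public static class RealmStub extends Stub {
        public boolean login() throws LoginException {
            throw new FailedLoginException("Password Incorrect/Password Required");
        }
    }
    /** Stand-in for a module that validates the same user successfully. */
    public static class DatabaseStub extends Stub {
        public boolean login() { System.out.println("DatabaseStub loginOk=true"); return true; }
    }
    /** Runs one JAAS login with every listed module flagged "required", in order. */
    static boolean attempt(Class<?>... modules) {
        final AppConfigurationEntry[] entries = new AppConfigurationEntry[modules.length];
        for (int i = 0; i < modules.length; i++)
            entries[i] = new AppConfigurationEntry(modules[i].getName(),
                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                    new HashMap<String, Object>());
        Configuration cfg = new Configuration() {
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) { return entries; }
        };
        try {
            new LoginContext("other", new Subject(), null, cfg).login();
            return true;
        } catch (LoginException e) {
            // LoginContext reports the failure of the required module, not the later success.
            System.out.println("Login failure: " + e.getMessage());
            return false;
        }
    }
    public static void main(String[] args) {
        System.out.println("stacked modules: " + attempt(RealmStub.class, DatabaseStub.class));
        System.out.println("database only:   " + attempt(DatabaseStub.class));
    }
}
```

With both modules stacked, `DatabaseStub.login()` still runs and succeeds, but the overall login fails and both modules are aborted; with the database module alone, the login commits.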
