Login with LDAP using JSF 2,1 & Apache Tomcat


Question

More than a problem, I need to perform authentication using JSF. I have developed a login, which receives a username and password that are stored in MySQL. Upon login from the Active Directory, this should take the username and password of AD, which, I suppose, should be the same as that of MySQL.

Then, to enter the system, you no longer see the login, but directly the main or home page.

I hope for your help, and thanks in advance.

Greetings.

Recommended answer

This is my solution, it worked for me. Edit faces-config.xml:

    <lifecycle>
        <phase-listener>com.xxx.admin.security.Login</phase-listener>
    </lifecycle>

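Class Login:

    import javax.faces.context.ExternalContext;
    import javax.faces.context.FacesContext;
    import javax.faces.event.PhaseEvent;
    import javax.faces.event.PhaseId;
    import javax.faces.event.PhaseListener;

    // ETT_UserDTL, User, Authenticator, SystemLogger and ClientMessage are the
    // answerer's own classes and are not shown in the answer.
    public class Login implements PhaseListener {

        private static final String USER_LOGIN_OUTCOME = "login";

        // Required by PhaseListener but not shown in the answer; RESTORE_VIEW is an assumption.
        @Override
        public PhaseId getPhaseId() {
            return PhaseId.RESTORE_VIEW;
        }

        // Required by PhaseListener but not shown in the answer; nothing to do here.
        @Override
        public void beforePhase(PhaseEvent event) {
        }

        @Override
        public void afterPhase(PhaseEvent event) {
            FacesContext context = event.getFacesContext();
            if (userExists(context)) {
                // 1. Update last login
                // 2. may be expired ???
                ExternalContext extContext = context.getExternalContext();
                try {
                    ETT_UserDTL tmpUser = (ETT_UserDTL) extContext.getSessionMap().get(User.USER_SESSION_KEY);
                    if (!Authenticator.authenticateUser(tmpUser, context)) {
                        // send the user to the login view
                        reLogin(context);
                    }
                    // otherwise allow processing of the requested view
                } catch (Exception ex) {
                    SystemLogger.getLogger().error(ex);
                    ClientMessage.logErr(ex.toString());
                    reLogin(context);
                }
            } else {
                // send the user to the login view
                reLogin(context);
            }
        }

        private boolean userExists(FacesContext context) {
            // Need re-check authenticator here.
            // Check that a user object is present in the session
            ExternalContext extContext = context.getExternalContext();
            return extContext.getSessionMap().containsKey(User.USER_SESSION_KEY);
        }

        private void reLogin(FacesContext context) {
            // send the user to the login view
            // requestingSecureView(context) is called here but is not shown in the answer
            if (requestingSecureView(context)) {
                context.responseComplete();
                context.getApplication().getNavigationHandler()
                        .handleNavigation(context, null, USER_LOGIN_OUTCOME);
            }
        }
    }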

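LDAP authentication:

    import java.util.Hashtable;
    import javax.naming.Context;
    import javax.naming.NamingEnumeration;
    import javax.naming.NamingException;
    import javax.naming.directory.Attributes;
    import javax.naming.directory.SearchControls;
    import javax.naming.directory.SearchResult;
    import javax.naming.ldap.InitialLdapContext;
    import javax.naming.ldap.LdapContext;

    public class LDAPAuthentication {

        static final String ATTRIBUTE_FOR_USER = "sAMAccountName";

        public Attributes authenticateUser(String username, String password, String strDomain, String strHost, String dn) throws NamingException {
            // An empty password makes JNDI fall back to an anonymous bind, which can
            // succeed without proving who the user is, so reject it before binding.
            if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
                return null;
            }

            // {0} is filled in by JNDI from the filter arguments, which escapes
            // filter metacharacters in the user name.
            String searchFilter = "(&(objectClass=user)(" + ATTRIBUTE_FOR_USER + "={0}))";

            // Create the search controls
            SearchControls searchCtls = new SearchControls();
            // searchCtls.setReturningAttributes(returnedAtts);
            // Specify the search scope
            searchCtls.setSearchScope(SearchControls.OBJECT_SCOPE);
            String searchBase = dn;

            Hashtable<String, String> environment = new Hashtable<>();
            environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            // Using the standard port, check your installation.
            // A simple bind over ldap:// sends the password unencrypted; prefer ldaps:// or StartTLS.
            environment.put(Context.PROVIDER_URL, "ldap://" + strHost);
            environment.put(Context.SECURITY_AUTHENTICATION, "simple");
            environment.put(Context.SECURITY_PRINCIPAL, username + "@" + strDomain);
            environment.put(Context.SECURITY_CREDENTIALS, password);

            LdapContext ctxGC = null;
            try {
                // The bind happens here and throws if the credentials are rejected
                ctxGC = new InitialLdapContext(environment, null);
                // Search for objects in the GC using the filter
                NamingEnumeration<SearchResult> answer =
                        ctxGC.search(searchBase, searchFilter, new Object[] {username}, searchCtls);
                while (answer.hasMoreElements()) {
                    SearchResult sr = answer.next();
                    Attributes attrs = sr.getAttributes();
                    if (attrs != null) {
                        return attrs;
                    }
                }
            } catch (Exception e) {
                SystemLogger.getLogger().error(e);
            } finally {
                // Release the connection whether or not the bind and search succeeded
                if (ctxGC != null) {
                    ctxGC.close();
                }
            }
            return null;
        }
    }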

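Authentication:

    // otherAuthenticate, pushUser, updateLoginFail, DataUtil, DATA_UserGUI and
    // TelsoftException are the answerer's own helpers and are not shown in the answer.
    public static boolean authenticateLDAPUser(String strUser, String strPass, String strDomain, String strHost) throws NamingException, Exception {
        LDAPAuthentication ldap = new LDAPAuthentication();
        // Non-null attributes mean the directory accepted the bind and returned an entry
        Attributes att = ldap.authenticateUser(strUser, strPass, strDomain, strHost, "");
        if (att != null) {
            try {
                // Load the application's own record for this user name
                ETT_UserDTL tmpUser = (ETT_UserDTL) DataUtil.performAction(DATA_UserGUI.class, "getInfByUserName", strUser);
                if (tmpUser == null) {
                    // The directory knows the user but the application does not
                    return false;
                }
                tmpUser.setPassword(strPass);
                if (!otherAuthenticate(tmpUser)) {
                    Authenticator.removeUser();
                    return false;
                }
                // Store the authenticated user
                pushUser(tmpUser);
                return true;
            } catch (TelsoftException ex) {
                SystemLogger.getLogger().error(ex);
                return false;
            }
        } else {
            updateLoginFail();
            return false;
        }
    }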
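
A filter on sAMAccountName takes the login name as the user typed it, and a simple bind takes the password as typed. The following added example (not part of the original answer; the class name, method names and the account-name policy are assumptions) shows RFC 4515 escaping of the name for code that builds the filter as a string, and the input check that keeps an empty password from ever reaching the directory.

```java
import java.util.regex.Pattern;

// Added example; LdapLoginInput and its methods are hypothetical names, not the answerer's code.
public class LdapLoginInput {

    // Assumed account-name policy (adjust to your directory): 1-20 letters, digits, '.', '_' or '-'.
    private static final Pattern ACCOUNT_NAME = Pattern.compile("[A-Za-z0-9._-]{1,20}");

    /** Escape a value for use inside an LDAP search filter (RFC 4515). */
    static String escapeFilterValue(String value) {
        StringBuilder out = new StringBuilder(value.length() + 8);
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': out.append("\\5c"); break;
                case '*':  out.append("\\2a"); break;
                case '(':  out.append("\\28"); break;
                case ')':  out.append("\\29"); break;
                case '\0': out.append("\\00"); break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    /** The sAMAccountName filter used in the answer, with the name escaped. */
    static String userFilter(String username) {
        return "(&(objectClass=user)(sAMAccountName=" + escapeFilterValue(username) + "))";
    }

    /**
     * Decide whether a bind may be attempted at all. With an empty password JNDI
     * falls back to an anonymous bind, and that bind succeeding proves nothing
     * about the user's identity.
     */
    static boolean mayAttemptBind(String username, String password) {
        return username != null && ACCOUNT_NAME.matcher(username).matches()
                && password != null && !password.isEmpty();
    }

    public static void main(String[] args) {
        // Constructed sample inputs: {username, password}.
        String[][] samples = { {"jdoe", "s3cret"}, {"jdoe", ""}, {"a*b(c)d\\e", "x"} };
        for (String[] s : samples) {
            System.out.println(s[0] + " -> bind allowed: " + mayAttemptBind(s[0], s[1])
                    + ", filter: " + userFilter(s[0]));
        }
    }
}
```

Call `mayAttemptBind` before creating the `InitialLdapContext`, and treat a `false` result the same as a failed login so the response does not reveal which check failed.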
