JDBC领域表单身份验证如何 [英] JDBC Realm Form Authentication How To
问题描述
可能存在重复:
JDBC Realm登录页面
大家好,我想创建与jdbc领域捆绑的应用程序登录功能以及自定义登录表单(基于表单的身份验证登录约束方法)。
请提供链接或任何帮助,非常感谢。
请帮忙。
谢谢。
您使用什么类型的容器?jBoss?Tomcat?Derby?
您还需要使用持久性存储 - >是需要DBMS。这将是什么?MySQL?Sysbase?Oracle PL / SQL?MS SQL?
文档适用于初学者:
http://tomcat.apache.org/tomcat-7.0-doc/ realm-howto.html#JDBCRealm
通常,你需要有一个DB后端,一个JDBC-ODBC驱动程序(jar)和一个容器来为你做认证。
但是,如果您遇到困难,我会为您提供一些指导和见解,以帮助您。
假设你正在使用Tomcat 7.0+和MySQL 5.5按照以下步骤操作:
起初看起来很乏味,但实际上很简单。
首先安装MySQL或你想要的其他DBMS。这里最关键的事情之一是命名并注册一个MySQL服务,安装程序将自动为您执行*。尝试连接到数据库**。
成功完成后,将更改默认DBMS特权用户的用户名(root)和密码()。
创建一个项目模式。
在名为'users'和'rights'的模式中创建2个表。
第一个表(用户)必须有两列:用户名和密码。
第二个(权利)也必须有两列:用户名和角色。
对于初学者来说,这两个表都是空白
的。
现在你必须编辑tomcat-users.xml和server.xml驻留在tomcat的Catalina(aka home)conf(配置)目录中。
tomcat-users.xml :这个文件包含tomcat可识别的角色。所以,您至少需要添加一个这样的角色,比如'客户','客户','未经验证的'e.t.c.
另外,这个文件中至少有一个tomcat用户名和密码实例,当您手动或作为服务或通过IDE启动tomcat时会使用这个实例。这个实例 需要 插入到数据库中,因此您需要手动添加它(SQL代码)以便容器自己进行身份验证(否则您将获得持久性登录容器本身出现故障)。
server.xml:现在,假设您的JDBC-ODBC驱动程序已添加到您的项目的类路径中,请将UserDatabaseRealm注释掉
< Realm className =org.apache.catalina.realm.UserDatabaseRealm
resourceName =UserDatabase/>
<
并在LockoutRealm(已存在)中添加类似内容
< Realm className =org.apache .catalina.realm.JDBCRealm
connectionURL =jdbc:mysql:// localhost:3306 / SCHEMA_NAME_IN_DB?user = DB_USER; password = DB_PASSdebug =99driverName =com.mysql.jdbc.Driver
userTable =usersuserNameCol =usernameuserCredCol =password
userRoleTable =rightsroleNameCol =role/>
(或者如果您不想拥有LockOutRealm - >注释掉,然后粘贴上面的Realm)
SCHEMA_NAME_IN_DB, DB_USER和DB_PASS是您在创建模式并更改t时设置的值他是DBMS特权用户的用户名和密码。
现在,您只需在数据库中添加正在运行的tomcat的实例用户名和密码(role:'manager-script')以及MySQL特权用户(role:custom ie'client')。 />
还可以添加一个或两个用于展示的测试用户,并将它们与您在tomcat-users.xml中手动添加的角色相关联。
最后,你需要编辑你的项目的web.xml文件。您需要提供以下内容:
登录配置,安全角色和放大器安全约束。
登录配置:提供登录页面和登录错误页面。
安全角色:在此处添加你手动添加到users-tomcat.xml文件中的安全角色,并且用户必须具有以通过登录才能访问任何页面。
安全约束:指定哪些页面需要登录用户进行验证访问。
示例(weeeh!)
< >
< security-constraint>
b $ b < display-name> URLsConstraintMechanism< / display-name>
< web-resource-collection>
< web-resource-name> clientURL< / web-resource-name>
< description>具有客户端权限的指定网址< / description>
< url-pattern> /securedURL/index.html< / url-pattern>
< http-method> GET< / http-method>
< http-method> PUT< / http-method>
< http-method> POST< / http-method>
< http-method> DELETE< / http-method>
< / web-resource-collection>
...(更多网页 -
< auth-constraint>
<角色名称>客户端< / role-名称>
< / auth-constraint>
< / security constraint>
< login-config> <
< auth-method> FORM< / auth-method>
< form -login-config>
< form-login-page> /index.html< / form-login-page>
<表单错误页面> /index_denied.html< /表单错误页面>
< / form-login-config>
< / login-config>
< security-role>
< description> < / description>
<角色名称>客户端< /角色名称>
< / security-role>
这会容易得多你使用IDE(特别是NetBeans for web.xml)。
玩得开心!并祝你好运:D :):D
关于*和**:
MySQL 5.5的安装程序中存在2个严重的错误。
如果你需要帮助,请检查以下网址:
https://serverfault.com/questions/214435/error-1067-the-process-terminated-unexpectedly-when-trying-to-install -mysql-on
PS:明天我会回来添加一些提示。现在,我要去睡觉了! xD
Possible Duplicate:
JDBC Realm Login Page
Hello to all, i would like to create an application login feature which bundled with jdbc realm and with custom login form(Form based authentication login constraint method).
Please provide a link or any help is greatly appreciated.
Please help.
Thanks.
What kind of container are you using?jBoss?Tomcat?Derby?
You also need to make use of persistent storage -> yes DBMS is needed. Which one will it be?MySQL?Sysbase?Oracle PL/SQL?MS SQL?
Documentation is available here for starters:
http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html#JDBCRealm
In general you need to have a DB backend, a JDBC-ODBC driver (jar) and a container to do the authentication for you.
However, I'll provide you with some guidance and insight to help you in case you are stuck.
Assuming you are using Tomcat 7.0+ and MySQL 5.5 follow the steps here:
It may seem tedious at first but it quite simple actually.
First install MySQL or what other DBMS you want. One of the most critical things here is to name and register a MySQL service that the installer will automatically do it for you*.Try to connect to the database**.
When you successfully do that change the username(root) and password("") of the default DBMS privileged user.
Create a project schema.
Create 2 tables in the schema named 'users' and 'rights'.
The first table(users) must have two columns:username and password.
The second one(rights) must also have two columns:username and role.
For starters leave both tables blank.
Now you have to edit the tomcat-users.xml and server.xml that reside in tomcat's Catalina (aka home) conf(iguration) directory.
tomcat-users.xml: This file contains roles that are recognisable by tomcat. So, you will need to add at least one such role such as 'client', 'customer', 'unauthenticated' e.t.c.
In addition, there is at least one tomcat username and password instance in this file that is used when you launch tomcat manually or as a service or via an IDE. That instance needs to be inserted in the database so you need to add it manually (SQL code) in order for the container to authenticate itself (otherwise you'll get persistent login failures form the container itself).
server.xml: Now, assuming your JDBC-ODBC driver is added to your project's classpath, comment out the UserDatabaseRealm
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
and add something like this inside the LockoutRealm (already exists)
<Realm className="org.apache.catalina.realm.JDBCRealm"
connectionURL="jdbc:mysql://localhost:3306/SCHEMA_NAME_IN_DB?user=DB_USER;password=DB_PASS" debug="99" driverName="com.mysql.jdbc.Driver"
userTable="users" userNameCol="username" userCredCol="password"
userRoleTable="rights" roleNameCol="role"/>
(or not if you do not want to have a LockOutRealm -> comment it out as well then and paste the above Realm)
The SCHEMA_NAME_IN_DB, DB_USER and DB_PASS are values that you have had set when you made the schema and changed the username and password of the DBMS privileged user.
Now, all you need to do is add the running tomcat's instance username and password (role:'manager-script') in the database as well as MySQL privileged user's (role:custom i.e. 'client').
Add also one or two test users for showcase and associate them with a role you've added manually in tomcat-users.xml.
Finally, you need to edit your project's web.xml file. There you need to provide these:
Login Configuration, Security Roles & Security Constraints.
Login Configuration:Provide a login page and a login error page.
Security Roles: Add here the security roles that you manually added to users-tomcat.xml file and that a user must have in order to access any page by having logged in.
Security Constraints:Specify what pages need authenticated access by logged in users.
Example ( weeeh! )
<security-constraint>
<display-name>URLsConstraintMechanism</display-name>
<web-resource-collection>
<web-resource-name>clientURL</web-resource-name>
<description>Required access to specified URL with client permissions </description>
<url-pattern>/securedURL/index.html</url-pattern>
<http-method>GET</http-method>
<http-method>PUT</http-method>
<http-method>POST</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
... (more web-resource-collections here)
<auth-constraint>
<description>Required privileges to access securely constraint URLs.</description>
<role-name>client</role-name>
</auth-constraint>
</security constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/index.html</form-login-page>
<form-error-page>/index_denied.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>Required privileges to access securely constraint URLs.</description>
<role-name>client</role-name>
</security-role>
This will be much easier if you use an IDE (especially NetBeans for web.xml).
Have fun!!! and good luck :D :) :D
About * and **:
There are 2 serious bugs in the installers of MySQL 5.5.
Check this URLif you need help:
https://serverfault.com/questions/214435/error-1067-the-process-terminated-unexpectedly-when-trying-to-install-mysql-on
P.S.:I'll come back tomorrow to add some hints. For now, I'm going to sleep! xD
这篇关于JDBC领域表单身份验证如何的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
