如何使用Netbeans 7.1配置glassfish 3.1安全文件领域? [英] How to configure glassfish 3.1 security file realm using Netbeans 7.1?
问题描述
我试图在glassfish 3.1中配置一个简单的文件领域,在 tutorial :
我做了所有事情,但没有成功,当我前往管理页面时,我没有看到弹出消息询问凭据。
这就是我所做的:
创建一个文件领域:
2-然后我创建了一个用户管理用户按钮
3-I使用图形界面而不是编辑器创建了glassfish-web.xml文件
4然后以相同的方式配置web.xml
抱歉,如果最后一张图片有点难以看到,您可以缩放。
当我使用URL访问/admin.xhtml时,无法阻止我查看页面的内容,这意味着某些内容没有正确配置。
我不知道我错过了什么。
有人可以试图找到我无法完成这个简单安全任务的原因吗?
更新
这里是我的web.xml源代码
< ;?xml version =1.0encoding =UTF-8?>
< web-app version =3.0xmlns =http://java.sun.com/xml/ns/javaeexmlns:xsi =http://www.w3.org/2001/ XMLSchema-instancexsi:schemaLocation =http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd\">
< context-param>
< param-name> javax.faces.PROJECT_STAGE< / param-name>
<参数值>开发< /参数值>
< / context-param>
< servlet>
< servlet-name> Faces Servlet< / servlet-name>
< servlet-class> javax.faces.webapp.FacesServlet< / servlet-class>
<加载启动> 1< /加载启动>
< / servlet>
< servlet-mapping>
< servlet-name> Faces Servlet< / servlet-name>
< url-pattern> / faces / *< / url-pattern>
< / servlet-mapping>
< session-config>
< session-timeout>
30
< / session-timeout>
< / session-config>
< welcome-file-list>
< welcome-file> faces / index.xhtml< / welcome-file>
< / welcome-file-list>
< security-constraint>
< display-name> Constraint1< / display-name>
< web-resource-collection>
< web-resource-name>允许< / web-resource-name>
< description />
< url-pattern> /admin.xhtml< / url-pattern>
< / web-resource-collection>
< auth-constraint>
< description />
<角色名称>管理员< /角色名称>
< / auth-constraint>
< / security-constraint>
< login-config>
< auth-method> BASIC< / auth-method>
< realm-name>档案< / realm-name>
< / login-config>
< security-role>
< description />
<角色名称>管理员< /角色名称>
< / security-role>
< / web-app>
还有glassfish-web.xml源文件
< pre class =lang-xml prettyprint-override> <?xml version =1.0encoding =UTF-8?>
<!DOCTYPE glassfish-web-app PUBLIC - // GlassFish.org //DTD GlassFish Application Server 3.1 Servlet 3.0 // ENhttp://glassfish.org/dtds/glassfish-web-app_3_0 -1.dtd>
< glassfish-web-app error-url =>
< security-role-mapping>
<角色名称>管理员< /角色名称>
< group-name> admin< / group-name>
< / security-role-mapping>
< class-loader delegate =true/>
< jsp-config>
< property name =keepgeneratedvalue =true>
< description>保存生成的servlet类'java代码的副本。< / description>
< / property>
< / jsp-config>
< / glassfish-web-app>
基本上我想要做的是拥有两种类型的用户。浏览index.xhtml的用户,他们根本没有证书,管理员将他们的凭证存储在文件中,并在前往admin.xhtml时询问他们。
我不明白缺少什么。我需要为访客用户创建特殊权限,说他们可以查看index.xhtml吗?
解决方案假设您的admin.xhtml是一个JSF页面,然后是因为你的JSF映射是/ faces / *,你通过一个像http:// localhost:8080 / [Project /] faces / admin.xhtml这样的URL打开它。这不符合/admin.xhtml
替换:
< ; url-pattern的> /admin.xhtml< / url-pattern的>
with
< URL模式> /faces/admin.xhtml< / url-pattern的>
I am trying to configure a simple file realm in glassfish 3.1 following this tutorial:
I did everything as it says but doesn't work, when I travel to the admin page doesn't I don't see the pop up message asking for credentials. This is what I did:
1- Create a file realm:
2- Then I created a user using the manage users button
3-I created a glassfish-web.xml file using the graphic interface instead of the editors
4-Then in the same way I configured the web.xml Sorry if this last image is a bit hard to see, you can zoom.
When I use the URL to travel to /admin.xhtml nothing stops me from viewing the content of the page, this means something is not configured right. I don't know what am I missing. Could somebody give me a hand trying to find the reason I cannot make this simple security task work?
Update
Here my web.xml source
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>faces/index.xhtml</welcome-file>
</welcome-file-list>
<security-constraint>
<display-name>Constraint1</display-name>
<web-resource-collection>
<web-resource-name>allowed</web-resource-name>
<description/>
<url-pattern>/admin.xhtml</url-pattern>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>administrator</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>file</realm-name>
</login-config>
<security-role>
<description/>
<role-name>administrator</role-name>
</security-role>
</web-app>
and also glassfish-web.xml source
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
<glassfish-web-app error-url="">
<security-role-mapping>
<role-name>administrator</role-name>
<group-name>admin</group-name>
</security-role-mapping>
<class-loader delegate="true"/>
<jsp-config>
<property name="keepgenerated" value="true">
<description>Keep a copy of the generated servlet class' java code.</description>
</property>
</jsp-config>
</glassfish-web-app>
Basically what I want to do is having 2 types of users. Guests who just browse index.xhtml and they have no credentials at all and the administrators who have their credentials stored in the file and are asked for them when going to admin.xhtml
I don't understand what is missing. Do I need to create special privilege for guest users saying that they can view index.xhtml?
Assuming your admin.xhtml is a JSF page then because your JSF mapping is /faces/* you are opening it through a URL like http://localhost:8080/[Project/]faces/admin.xhtml. This does not match /admin.xhtml
Replace:
<url-pattern>/admin.xhtml</url-pattern>
with
<url-pattern>/faces/admin.xhtml</url-pattern>
这篇关于如何使用Netbeans 7.1配置glassfish 3.1安全文件领域?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
