javax.security.auth.login.LoginException: Security Exception


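Question

I am attempting to set up container-managed security with GlassFish v3.1.2, JSF 2.1 and PrimeFaces 3.4.2.

The value HexValue and the database match, but I get the following exception.

I tried the Base64 encoder but got the same result. The calculated value and password are fine, so I missed something else... Is there any other setting that I am missing, especially in GlassFish or the login.xhtml file?

username: admin1
pass: admin

using the following SHAConverter.java

I used org.apache.commons.codec.digest.DigestUtils for calculating the hex value:

// value holds the password typed into the login form
final MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
final byte bin[] = messageDigest.digest((value.getBytes("UTF-8")));

// bin already holds the SHA-256 digest when it is passed to sha256Hex
final String hash = DigestUtils.sha256Hex(bin);
System.out.println("hex : " + hash);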



FINE: [Web-Security] Setting Policy Context ID: old = null ctxID = PrimeJSF-EJB-JPA-2/PrimeJSF-EJB-JPA-2
FINE: [Web-Security] hasUserDataPermission perm: ("javax.security.jacc.WebUserDataPermission" "/Login.xhtml" "POST")
FINE: [Web-Security] hasUserDataPermission isGranted: true
INFO: VALUE ------------- admin
INFO: hex : dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
INFO: request.isRequestedSessionIdValid() true
INFO: user : admin1 >> dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
INFO: false
FINEST: Processing login with credentials of type: class com.sun.enterprise.security.auth.login.common.PasswordCredential
FINE: Logging in user [admin1] into realm: myRealm using JAAS module: jdbcRealm
FINE: Login module initialized: class com.sun.enterprise.security.auth.login.JDBCLoginModule
FINE: JAAS authentication aborted.
FINEST: doPasswordLogin fails
javax.security.auth.login.LoginException: Security Exception
    at javax.security.auth.login.LoginContext.invoke(LoginContext.java:870)
    at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
    at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
    at com.sun.enterprise.security.auth.login.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:382)
    at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:240)
    at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:153)
    at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:514)
    at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:455)
    at org.apache.catalina.connector.Request.login(Request.java:1938)
    at org.apache.catalina.connector.Request.login(Request.java:1901)
    at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
    at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
    at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
    at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
    at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
    at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
    at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
    at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
    at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
    at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
    at javax.faces.component.UICommand.broadcast(UICommand.java:300)
    at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
    at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
    at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
    at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
    at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
    at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
    at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
    at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
    at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
    at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
    at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
    at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
    at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
    at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
    at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
    at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
    at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
    at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
    at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
    at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
    at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
    at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
    at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
    at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
    at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
    at java.lang.Thread.run(Thread.java:722)
Caused by: java.lang.SecurityException
    at javax.security.auth.login.LoginContext.invoke(LoginContext.java:871)
    ... 64 more

WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception
SEVERE: IOException, Login Controller: The username or password you provided does not match our records.
SEVERE: javax.servlet.ServletException: Exception thrown while attempting to authenticate for user: admin1
    at org.apache.catalina.connector.Request.login(Request.java:1970)
    at org.apache.catalina.connector.Request.login(Request.java:1901)
    at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
    at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
    at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
    at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
    at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
    at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
    at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
    at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
    at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
    at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
    at javax.faces.component.UICommand.broadcast(UICommand.java:300)
    at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
    at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
    at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
    at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
    at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
    at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
    at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
    at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
    at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
    at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
    at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
    at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
    at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
    at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
    at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
    at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
    at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
    at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
    at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
    at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
    at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
    at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
    at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
    at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
    at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
    at java.lang.Thread.run(Thread.java:722)
Caused by: javax.servlet.ServletException: Failed login while attempting to authenticate user: admin1
    at org.apache.catalina.connector.Request.login(Request.java:1941)
    ... 52 more

SEVERE:     at org.apache.catalina.connector.Request.login(Request.java:1970)
SEVERE:     at org.apache.catalina.connector.Request.login(Request.java:1901)
SEVERE:     at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
SEVERE:     at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
SEVERE:     at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
SEVERE:     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
SEVERE:     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
SEVERE:     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
SEVERE:     at java.lang.reflect.Method.invoke(Method.java:601)
SEVERE:     at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
SEVERE:     at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
SEVERE:     at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
SEVERE:     at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
SEVERE:     at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
SEVERE:     at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
SEVERE:     at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
SEVERE:     at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
SEVERE:     at javax.faces.component.UICommand.broadcast(UICommand.java:300)
SEVERE:     at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
SEVERE:     at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
SEVERE:     at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
SEVERE:     at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
SEVERE:     at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
SEVERE:     at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
SEVERE:     at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
SEVERE:     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
SEVERE:     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
SEVERE:     at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
SEVERE:     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
SEVERE:     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
SEVERE:     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
SEVERE:     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
SEVERE:     at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
SEVERE:     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
SEVERE:     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
SEVERE:     at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
SEVERE:     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
SEVERE:     at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
SEVERE:     at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
SEVERE:     at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
SEVERE:     at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
SEVERE:     at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
SEVERE:     at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
SEVERE:     at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
SEVERE:     at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
SEVERE:     at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
SEVERE:     at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
SEVERE:     at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
SEVERE:     at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
SEVERE:     at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
SEVERE:     at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
SEVERE:     at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
SEVERE:     at java.lang.Thread.run(Thread.java:722)
SEVERE: Caused by: javax.servlet.ServletException: Failed login while attempting to authenticate user: admin1
SEVERE:     at org.apache.catalina.connector.Request.login(Request.java:1941)
SEVERE:     ... 52 more



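Here are the GlassFish realm settings:

Configuration Name: server-config
Realm Name: myRealm
Class Name: com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm
JAAS Context: jdbcRealm
JNDI: jdbc/myDatasource
User Table: user_role_view
User Name Column: username
Password Column: password
Group Table: user_role_view
Group Table User Name Column: ---
Group Name Column: rolename
Assign Groups: ---
Database User: ---
Database Password: ---
Digest Algorithm: SHA-256
Password Encryption Algorithm: ---
Encoding: Hex
Charset: UTF-8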

My login.xhtml

<ui:define name="content">
    <h:form styleClass="loginPanelStyle">
        <p:growl id="msgs" showDetail="true" sticky="false"/>
        <p:panelGrid columns="2">
            <f:facet name="header">
                Login Panel
            </f:facet>
            <h:outputText value="Username: "></h:outputText>
            <p:inputText id="username" value="#{loginController.username}" required="true" requiredMessage="Please enter user name!">
                <f:validateLength minimum="1"/>
            </p:inputText>
            <h:outputText value="Password: "></h:outputText>
                <f:validateLength minimum="1"/>
            </p:password>
            <f:facet name="footer">

            </f:facet>
        </p:panelGrid>

My web.xml

<security-constraint>
    <display-name>Admin</display-name>
    <web-resource-collection>
        <web-resource-name>Admin Area</web-resource-name>
        <description/>
        <url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <description>Admin</description>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>
<security-constraint>
    <display-name>Admin</display-name>
    <web-resource-collection>
        <web-resource-name>Manager Area</web-resource-name>
        <description/>
        <url-pattern>/manager/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <description>Admin</description>
        <role-name>manager</role-name>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>
<security-constraint>
    <display-name>User</display-name>
    <web-resource-collection>
        <web-resource-name>User Operations</web-resource-name>
        <description/>
        <url-pattern>/user/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <description>User</description>
        <role-name>manager</role-name>
        <role-name>admin</role-name>
        <role-name>user</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>myRealm</realm-name>
    <form-login-config>
        <form-login-page>/Login.xhtml</form-login-page>
        <form-error-page>/Login.xhtml</form-error-page>
    </form-login-config>
</login-config>
<security-role>
    <role-name>admin</role-name>
</security-role>
<security-role>
    <role-name>manager</role-name>
</security-role>
<security-role>
    <role-name>user</role-name>
</security-role>

My glassfish-web.xml

<security-role-mapping>
    <role-name>admin</role-name>
    <group-name>admin</group-name>
</security-role-mapping>
<security-role-mapping>
    <role-name>manager</role-name>
    <group-name>admin</group-name>
</security-role-mapping>
<security-role-mapping>
    <role-name>user</role-name>
    <group-name>user</group-name>
</security-role-mapping>

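I used this post as a reference, but that one had a calculation mismatch, whereas my problem seems to be something other than the calculation.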

Answer

You have almost the same problem as in the post you mentioned. As you can see there, the hash of the password admin should be 8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918 and not dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7, as it is in your case.

As value should be a String, you can use this:

final String hash = DigestUtils.sha256Hex(value);
System.out.println("hex : " + hash);

But here is what I don't understand:

final MessageDigest md = MessageDigest.getInstance("SHA-256");
String value = "admin";
md.update(value.getBytes("UTF-8"));
final byte bin[] = md.digest();

System.out.println(DigestUtils.sha256Hex(bin));
System.out.println(DigestUtils.sha256Hex(value));

The output is:

dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918

However, I thought both methods should return the same value...?
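Why the two calls in the answer give different values, as an added example that is not part of the original post: `DigestUtils.sha256Hex(byte[])` computes SHA-256 over the bytes it is given, so passing it a finished digest hashes a second time instead of only hex-encoding it. The class and method names (`RealmHashCheck`, `hashOnce`, `hashTwice`, `realmStyleMatch`) are hypothetical, only JDK classes are used, and the realm comparison is an assumption based on the realm settings in the question (digest SHA-256, encoding Hex, charset UTF-8).

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class RealmHashCheck {

    // The two hex strings quoted on this page for the password "admin".
    static final String HEX_FROM_ANSWER =
            "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918";
    static final String HEX_FROM_QUESTION_LOG =
            "dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7";

    static byte[] sha256(byte[] data) {
        try {
            return MessageDigest.getInstance("SHA-256").digest(data);
        } catch (NoSuchAlgorithmException e) {
            // SHA-256 is mandatory for every Java platform implementation.
            throw new IllegalStateException(e);
        }
    }

    // Plain lower-case hex encoding: no hashing happens here.
    static String toHex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            sb.append(Character.forDigit((b >> 4) & 0xF, 16));
            sb.append(Character.forDigit(b & 0xF, 16));
        }
        return sb.toString();
    }

    // hex(SHA-256(password)): the same computation as DigestUtils.sha256Hex(String).
    static String hashOnce(String password) {
        return toHex(sha256(password.getBytes(StandardCharsets.UTF_8)));
    }

    // hex(SHA-256(SHA-256(password))): what the question's converter computes
    // when it passes the finished digest to DigestUtils.sha256Hex(byte[]).
    static String hashTwice(String password) {
        return toHex(sha256(sha256(password.getBytes(StandardCharsets.UTF_8))));
    }

    // Assumed realm behaviour for the settings in the question: digest the
    // submitted password once, hex-encode it, compare with the stored column.
    static boolean realmStyleMatch(String password, String storedHex) {
        byte[] computed = hashOnce(password).getBytes(StandardCharsets.US_ASCII);
        byte[] stored = storedHex.getBytes(StandardCharsets.US_ASCII);
        // MessageDigest.isEqual avoids an early-exit comparison of the two values.
        return MessageDigest.isEqual(computed, stored);
    }

    public static void main(String[] args) {
        String once = hashOnce("admin");
        String twice = hashTwice("admin");

        System.out.println("SHA-256 once : " + once);
        System.out.println("SHA-256 twice: " + twice);
        System.out.println("once  equals the answer's value      : "
                + once.equals(HEX_FROM_ANSWER));
        System.out.println("twice equals the question's log value: "
                + twice.equals(HEX_FROM_QUESTION_LOG));

        // A row holding the double hash cannot match a realm that hashes once.
        System.out.println("realm-style match, row stores single hash: "
                + realmStyleMatch("admin", once));
        System.out.println("realm-style match, row stores double hash: "
                + realmStyleMatch("admin", twice));
    }
}
```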

SEVERE:     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
SEVERE:     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
SEVERE:     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
SEVERE:     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
SEVERE:     at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
SEVERE:     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
SEVERE:     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
SEVERE:     at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
SEVERE:     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
SEVERE:     at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
SEVERE:     at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
SEVERE:     at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
SEVERE:     at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
SEVERE:     at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
SEVERE:     at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
SEVERE:     at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
SEVERE:     at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
SEVERE:     at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
SEVERE:     at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
SEVERE:     at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
SEVERE:     at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
SEVERE:     at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
SEVERE:     at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
SEVERE:     at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
SEVERE:     at java.lang.Thread.run(Thread.java:722)
SEVERE: Caused by: javax.servlet.ServletException: Failed login while attempting to authenticate user: admin1
SEVERE:     at org.apache.catalina.connector.Request.login(Request.java:1941)
SEVERE:     ... 52 more

Here are the GlassFish realm settings:

Configuration Name: server-config
Realm Name: myRealm
Class Name: com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm
JAAS Context: jdbcRealm
JNDI: jdbc/myDatasource
User Table: user_role_view
User Name Column: username
Password Column: password
Group Table: user_role_view
Group Table User Name Column: ---
Group Name Column: rolename
Assign Groups: ---
Database User: ---
Database Password: ---
Digest Algorithm: SHA-256
Password Encryption Algorithm: ---
Encoding: Hex
Charset: UTF-8

My login.xhtml

<ui:define name="content">
    <h:form styleClass="loginPanelStyle">
        <p:growl id="msgs" showDetail="true" sticky="false" />
        <p:panelGrid columns="2">
            <f:facet name="header">
                Login Panel
            </f:facet>
            <h:outputText value="Username : "></h:outputText>
            <p:inputText id="username" value="#{loginController.username}" required="true" requiredMessage="Please Enter Username!">
                <f:validateLength minimum="1" />
            </p:inputText>
            <h:outputText value="Password : "></h:outputText>
            <p:password id="password" value="#{loginController.password}" required="true" requiredMessage="Please Enter password!">
                <f:validateLength minimum="1" />
                <f:converter converterId="com.nz.util.SHAConverter"></f:converter>
            </p:password>
            <f:facet name="footer">
                <p:commandButton value="Submit" update="msgs" actionListener="#{loginController.login}" type="submit" icon="ui-icon-check" style="margin:0"></p:commandButton>
            </f:facet>
        </p:panelGrid>
    </h:form>
</ui:define>

My web.xml

<security-constraint>
        <display-name>Administrator</display-name>
        <web-resource-collection>
            <web-resource-name>Admin Area</web-resource-name>
            <description/>
            <url-pattern>/admin/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <description>Administrator</description>
            <role-name>Administrator</role-name>
        </auth-constraint>
    </security-constraint>
    <security-constraint>
        <display-name>Manager</display-name>
        <web-resource-collection>
            <web-resource-name>Manager Area</web-resource-name>
            <description/>
            <url-pattern>/manager/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <description>Manager</description>
            <role-name>Manager</role-name>
            <role-name>Administrator</role-name>
        </auth-constraint>
    </security-constraint>
    <security-constraint>
        <display-name>User</display-name>
        <web-resource-collection>
            <web-resource-name>User Operations</web-resource-name>
            <description/>
            <url-pattern>/user/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <description>User</description>
            <role-name>Manager</role-name>
            <role-name>Administrator</role-name>
            <role-name>User</role-name>
        </auth-constraint>
    </security-constraint>
    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>myRealm</realm-name>
        <form-login-config>
            <form-login-page>/Login.xhtml</form-login-page>
            <form-error-page>/Login.xhtml</form-error-page>
        </form-login-config>
    </login-config>
    <security-role>
        <role-name>Administrator</role-name>
    </security-role>
    <security-role>
        <role-name>Manager</role-name>
    </security-role>
    <security-role>
        <role-name>User</role-name>
    </security-role>

My glassfish-web.xml

 <security-role-mapping>
        <role-name>Administrator</role-name>
        <group-name>Administrators</group-name>
    </security-role-mapping>
    <security-role-mapping>
        <role-name>Manager</role-name>
        <group-name>Managers</group-name>
    </security-role-mapping>
    <security-role-mapping>
        <role-name>User</role-name>
        <group-name>Users</group-name>
    </security-role-mapping>

I used this post, but that one had a calculation mismatch, and my problem seems to be something different than the calculation.

Solution

You have nearly the same problem as in the post you mentioned. As you can see there, the hash for the password admin should be 8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918 and not dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7, as it is in your case.

Because the value should be a string, you can just use:

final String hash = DigestUtils.sha256Hex(value);
System.out.println("hex : " + hash);

But here is something that I don't understand:

    final MessageDigest md = MessageDigest.getInstance("SHA-256");
    String value = "admin";
    md.update(value.getBytes("UTF-8"));
    final byte bin[] = md.digest();

    System.out.println(DigestUtils.sha256Hex(bin));
    System.out.println(DigestUtils.sha256Hex(value));

Output is:

dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918

But I guess both methods should return the same value...?
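
Why the two printed values differ, as an added example that is not part of the original answer: `DigestUtils.sha256Hex(byte[])` hashes the bytes it is given, so passing it an existing digest hashes the password twice. The class name `DoubleHashDemo` and the `realmAccepts` helper are hypothetical, and `realmAccepts` is a simplified model (an assumption) of a realm configured with Digest Algorithm SHA-256 and Hex encoding as in the settings above.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class DoubleHashDemo {
    // The two values printed in the answer above.
    static final String PAGE_DIRECT = "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918";
    static final String PAGE_FROM_BIN = "dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7";

    static byte[] sha256(byte[] input) throws NoSuchAlgorithmException {
        return MessageDigest.getInstance("SHA-256").digest(input);
    }

    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    // Simplified model (assumption) of a realm set to SHA-256 + Hex: it digests
    // whatever the login call submits and compares that with the stored column.
    static boolean realmAccepts(String submitted, String storedHex) throws NoSuchAlgorithmException {
        byte[] computed = hex(sha256(submitted.getBytes(StandardCharsets.UTF_8)))
                .getBytes(StandardCharsets.US_ASCII);
        return MessageDigest.isEqual(computed, storedHex.getBytes(StandardCharsets.US_ASCII));
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        byte[] password = "admin".getBytes(StandardCharsets.UTF_8);
        byte[] bin = sha256(password);      // raw 32-byte digest
        String once = hex(bin);             // SHA-256(password), like sha256Hex(value)
        String twice = hex(sha256(bin));    // SHA-256(SHA-256(password)), like sha256Hex(bin)

        System.out.println("once  = " + once + "  equals direct value:   " + once.equals(PAGE_DIRECT));
        System.out.println("twice = " + twice + "  equals from-bin value: " + twice.equals(PAGE_FROM_BIN));

        // Stored column holds the single hash; compare a clear-text login with a pre-hashed one.
        System.out.println("login with clear text: " + realmAccepts("admin", once));
        System.out.println("login with pre-hashed: " + realmAccepts(once, once));
    }
}
```

Under that model, a value hashed by a converter before the login call is digested again by the realm and no longer matches the stored single hash.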
