如何在weblogic中创建安全角色 [英] How to create security role in weblogic

问题描述

我跟着这个totorial在weblogic中创建安全角色： http://blog.whitehorses.nl/2010/01/29/weblogic-web-application-container-security-part-1/

I followed this totorial to create security role in weblogic: http://blog.whitehorses.nl/2010/01/29/weblogic-web-application-container-security-part-1/

我在weblogic服务器组RobMon和用户监视器中创建了pass。然后我创建这个xml：

I create in weblogic server group RobMon and user monitor with pass. Then I create this xml:

我的web.xml：

<security-constraint>

    <web-resource-collection>
        <web-resource-name>my-application</web-resource-name>
        <url-pattern>/admin</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>RobMon</role-name>
    </auth-constraint>
</security-constraint>

<security-role>
    <role-name>RobMon</role-name>
</security-role>

<login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
        <form-login-page>/login</form-login-page>
        <form-error-page>/login</form-error-page>
    </form-login-config>
</login-config>

weblogic.xml：

weblogic.xml:

<wls:security-role-assignment>
    <wls:role-name>RobMon</wls:role-name>
    <wls:principal-name>RobMon</wls:principal-name>
</wls:security-role-assignment>

现在我想打印角色和原则：

and now I want to println role and principles:

    Subject subject = Security.getCurrentSubject();
    Set<Principal> allPrincipals = subject.getPrincipals();
    for (Principal principal : allPrincipals) {
        if (principal instanceof WLSGroupImpl) {
            logger.error(principal.getName() + "??????????");
            roles.add(principal.getName());
        }
        if (principal instanceof WLSUserImpl) {
            logger.error(principal.getName() + "!!!!!!!!!!!");
            user = principal.getName();
        }
    }

但这打印了我想要的其他东西

but this prints me something else what I want

 admin!!!!!!!!!!!
 Administrators??????????

它应该是println monitor和RobMon。有什么问题？

it should println monitor and RobMon. What is wrong ?

推荐答案

在weblogic.xml中，您已将角色RobMon 分配给用户RobMon 这意味着当用户RobMon通过身份验证时，他将被分配RobMon角色。

In weblogic.xml you have assigned the role RobMon to the user RobMon which means that when the user RobMon is authenticated he will be assigned the RobMon role.

在本教程中，使用主要组用户而不是RobMon用户，这意味着所有在进行身份验证后，将为该组的用户分配角色。

In the tutorial the principal group users is used instead of RobMon user which means that all the users of the group will be assigned the role after being authenticated.

检查主要RobMon是否存在于您的安全领域。我认为用户RobMon不存在于您的安全领域。您可能希望将角色分配给用户监视器。所以weblogic.wml中的配置应该是：

Check that principal RobMon exists in your security realm. I think that the user RobMon does not exist in your security realm. You probably wanted to assign the role to the user monitor. So the configuration in weblogic.wml should be:

    <wls:security-role-assignment>
      <wls:role-name>RobMon</wls:role-name>
      <wls:principal-name>monitor</wls:principal-name>
    </wls:security-role-assignment>

这篇关于如何在weblogic中创建安全角色的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！