我一直对这种事情有一个真正的问题,我通常不会在这里发布问题,除非我完全耗尽了我的资源(互联网搜索和同行帮助)。
我正在尝试运行一个演示应用程序,该应用程序通过 j_security_check 操作提供表单验证。
我相信此方法的所有内容都已正确配置。
我收到的主要警告是:
Warning: Unable to find component with ID j_username in view.
Warning: Unable to find component with ID j_password in view.
Severe: jdbcrealm.grouperror
Warning: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception
如果即将发生未经授权的查看,我的index.xhtml页面将重定向到登录页面。
我知道我的信用在我创建时是正确的。
我知道这绝对不是进行身份验证的最佳方法,但我被要求这样做,并且现在已经沮丧了太多小时。
这里有一些引用
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>jdbcRealm</realm-name>
<form-login-config>
<form-login-page>/faces/login.xhtml</form-login-page>
<form-error-page>/faces/loginError.xhtml</form-error-page>
</form-login-config>
</login-config>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin user</web-resource-name>
<url-pattern>/faces/admin/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>ADMIN</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>User</web-resource-name>
<description/>
<url-pattern>/faces/users/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>ADMIN</role-name>
<role-name>USER</role-name>
</auth-constraint>
</security-constraint>
<welcome-file-list>
<welcome-file>faces/index.xhtml</welcome-file>
</welcome-file-list>
glassfish-web.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
<glassfish-web-app error-url="">
<class-loader delegate="true"/>
<jsp-config>
<property name="keepgenerated" value="true">
<description>Keep a copy of the generated servlet class' java code.</description>
</property>
<security-role-mapping>
<role-name>ADMIN</role-name>
<group-name>ADMIN</group-name>
</security-role-mapping>
<security-role-mapping>
<role-name>USER</role-name>
<group-name>USER</group-name>
</security-role-mapping>
</jsp-config>
登录.xhtml
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://xmlns.jcp.org/jsf/html">
<h:head>
<title>Facelet Title</title>
</h:head>
<h:body>
<p>Login to access secure pages:</p>
<form method="POST" action="j_security_check">
<h:panelGroup>
<h:panelGrid columns="2">
<h:outputLabel for="j_username" value="Username" />
<input type="text" name="j_username" />
<h:outputLabel for="j_password" value="Password" />
<input type="password" name="j_password" />
<h:outputText value="" />
<h:panelGrid columns="2">
<input type="submit" name="submit" value="Login" />
<h:button outcome="index.xhtml" value="Cancel" />
</h:panelGrid>
</h:panelGrid>
</h:panelGroup>
</form>
</h:body>
glassfish-resources.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE resources PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Resource Definitions//EN" "http://glassfish.org/dtds/glassfish-resources_1_5.dtd">
<resources>
<jdbc-resource enabled="true" jndi-name="jdbc/jdbcRealm" object-type="user" pool-name="RealmConnectionPool">
<description/>
</jdbc-resource>
<jdbc-connection-pool allow-non-component-callers="false" associate-with-thread="false" connection- creation-retry-attempts="0" connection-creation-retry-interval-in-seconds="10" connection-leak-reclaim="false" connection-leak-timeout-in-seconds="0" connection-validation-method="auto-commit" datasource-classname="com.mysql.jdbc.jdbc2.optional.MysqlDataSource" fail-all-connections="false" idle-timeout-in-seconds="300" is-connection-validation-required="false" is-isolation-level-guaranteed="true" lazy-connection-association="false" lazy-connection-enlistment="false" match-connections="false" max-connection-usage-count="0" max-pool-size="32" max-wait-time-in-millis="60000" name="RealmConnectionPool" non-transactional-connections="false" pool-resize-quantity="2" res-type="javax.sql.DataSource" statement-timeout-in-seconds="-1" steady-pool-size="8" validate-atmost-once-period-in-seconds="0" wrap-jdbc-objects="false">
<property name="URL" value="jdbc:mysql://localhost:3306/jdbcrealmdemo?zeroDateTimeBehavior=convertToNull"/>
<property name="User" value="root"/>
<property name="Password" value=""/>
</jdbc-connection-pool>
</resources>
感谢您的任何帮助,请让我需要这种表单例份验证方式才能工作,我更喜欢以编程方式进行,但目前我的双手被绑住了。
干杯
最佳答案
从您发布的内容来看,看起来像是您的 jdbcRealm 的问题。您应该确保您的表配置良好。请参阅这篇文章中的答案,其中解决了为领域身份验证设置表的问题 GlassFish JDBC Realm Group Membership
关于java - 使用 JSF 2.2 Glassfish 4.1 的表单例份验证方法失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26741563/