问题
Im being a few days struggling to create my first Security realm in glassfish V3.
My problem is that it looks like for some reason, the application does not see the one of the coulmns in the database, and my console keeps telling me that there is a syntax error. I think the table that is making me trouble is the join column(Below you will see my DB implementation).
Here i will copy the hold stack trace so you will see what is going on:
FINE: [Web-Security] Setting Policy Context ID: old = null ctxID = CHAPTER_x_12_Container_Managed_Authentication_and_Authorization/CHAPTER_x_12_Container_Managed_Authentication_and_Authorization FINE: [Web-Security] hasUserDataPermission perm: (javax.security.jacc.WebUserDataPermission GET) FINE: [Web-Security] hasUserDataPermission isGranted: true FINE: SecurityContext: setCurrentSecurityContext method called
FINE: [Web-Security] Policy Context ID was: CHAPTER_x_12_Container_Managed_Authentication_and_Authorization/CHAPTER_x_12_Container_Managed_Authentication_and_Authorization FINE: [Web-Security] hasUserDataPermission perm: (javax.security.jacc.WebUserDataPermission /j_security_check POST) FINE: [Web-Security] hasUserDataPermission isGranted: true FINE: Logging in user [administrator@gmail.com] into realm: DBRealm using JAAS module: jdbcRealm FINE: Login module initialized: class com.sun.enterprise.security.auth.login.JDBCLoginModule
SEVERE: SEC1111: Cannot load group for JDBC realm user [administrator@gmail.com]. FINE: Cannot load group java.sql.SQLSyntaxErrorException: Column 'USER_GROUP' is either not in any table in the FROM list or appears within a join specification and is outside the scope of the join specification or appears in a HAVING clause and is not in the GROUP BY list. If this is a CREATE or ALTER TABLE statement then 'USER_GROUP' is not a column in the target table. at org.apache.derby.client.am.SQLExceptionFactory40.getSQLException(Unknown Source) at org.apache.derby.client.am.SqlException.getSQLException(Unknown Source) at org.apache.derby.client.am.Connection.prepareStatement(Unknown Source) at com.sun.gjc.spi.base.ConnectionHolder.prepareStatement(ConnectionHolder.java:535) at com.sun.gjc.spi.jdbc40.ConnectionWrapper40.prepareCachedStatement(ConnectionWrapper40.java:251) at com.sun.gjc.spi.jdbc40.ConnectionWrapper40.prepareCachedStatement(ConnectionWrapper40.java:48) at com.sun.gjc.spi.ManagedConnection.prepareCachedStatement(ManagedConnection.java:880) at com.sun.gjc.spi.jdbc40.ConnectionWrapper40.prepareStatement(ConnectionWrapper40.java:169) at com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm.findGroups(JDBCRealm.java:478) at com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm.authenticate(JDBCRealm.java:312) at com.sun.enterprise.security.auth.login.JDBCLoginModule.authenticate(JDBCLoginModule.java:72) at com.sun.enterprise.security.auth.login.PasswordLoginModule.authenticateUser(PasswordLoginModule.java:90) at com.sun.appserv.security.AppservPasswordLoginModule.login(AppservPasswordLoginModule.java:141) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at com.sun.enterprise.security.auth.login.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:341) at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:199) at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:152) at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:479) at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:418) at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:264) at org.apache.catalina.authenticator.AuthenticatorBase.processSecurityCheck(AuthenticatorBase.java:1015) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:614) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:615) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97) at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185) at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:325) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:226) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:165) at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791) at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693) at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954) at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170) at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88) at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76) at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53) at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57) at com.sun.grizzly.ContextTask.run(ContextTask.java:69) at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330) at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309) at java.lang.Thread.run(Thread.java:662) Caused by: org.apache.derby.client.am.SqlException: Column 'USER_GROUP' is either not in any table in the FROM list or appears within a join specification and is outside the scope of the join specification or appears in a HAVING clause and is not in the GROUP BY list. If this is a CREATE or ALTER TABLE statement then 'USER_GROUP' is not a column in the target table. at org.apache.derby.client.am.Statement.completeSqlca(Unknown Source) at org.apache.derby.client.net.NetStatementReply.parsePrepareError(Unknown Source) at org.apache.derby.client.net.NetStatementReply.parsePRPSQLSTTreply(Unknown Source) at org.apache.derby.client.net.NetStatementReply.readPrepareDescribeOutput(Unknown Source) at org.apache.derby.client.net.StatementReply.readPrepareDescribeOutput(Unknown Source) at org.apache.derby.client.net.NetStatement.readPrepareDescribeOutput_(Unknown Source) at org.apache.derby.client.am.Statement.readPrepareDescribeOutput(Unknown Source) at org.apache.derby.client.am.PreparedStatement.readPrepareDescribeInputOutput(Unknown Source) at org.apache.derby.client.am.PreparedStatement.flowPrepareDescribeInputOutput(Unknown Source) at org.apache.derby.client.am.PreparedStatement.prepare(Unknown Source) at org.apache.derby.client.am.Connection.prepareStatementX(Unknown Source) ... 50 more
FINE: JAAS login complete. FINE: JAAS authentication committed. FINE: Password login succeeded for : administrator@gmail.com FINE: permission check done to set SecurityContext FINE: Set security context as user: administrator@gmail.com FINE: [Web-Security] Policy Context ID was: CHAPTER_x_12_Container_Managed_Authentication_and_Authorization/CHAPTER_x_12_Container_Managed_Authentication_and_Authorization FINE: [Web-Security] hasUserDataPermission perm: (javax.security.jacc.WebUserDataPermission GET) FINE: [Web-Security] hasUserDataPermission isGranted: true FINE: permission check done to set SecurityContext FINE: SecurityContext: setCurrentSecurityContext method called
Just to check once more, here i will paste my realm configuration and also the database and the entities used to create it.
Realm
Database and entities
package entities;
import java.io.Serializable;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToOne;
import javax.persistence.Table;
@Entity
@Table(name="USERS", schema="ADMIN")
public class User implements Serializable {
private static final long serialVersionUID = -1244856316278032177L;
@Id
@Column(nullable = false)
private String userid;
@Column(nullable = false)
private String password;
@ManyToOne
@JoinTable(name="USER_GROUP",schema="ADMIN", joinColumns = @JoinColumn(name="userid", referencedColumnName="userid"), inverseJoinColumns=@JoinColumn(name="groupid", referencedColumnName= "groupid") )
private Group group;
public String getUserid() {
return userid;
}
public void setUserid(String userid) {
this.userid = userid;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public Group getGroup() {
return group;
}
public void setGroup(Group group) {
this.group = group;
}
}
package entities;
import java.io.Serializable;
import java.util.Set;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.OneToMany;
import javax.persistence.Table;
@Entity
@Table(name="GROUPS", schema="ADMIN")
public class Group implements Serializable {
private static final long serialVersionUID = -7274308564659753174L;
@Id
@Column(nullable = false)
private String groupid;
@OneToMany(mappedBy="group")
private Set<User> users;
public String getGroupid() {
return groupid;
}
public void setGroupid(String groupid) {
this.groupid = groupid;
}
public Set<User> getUsers() {
return users;
}
public void setUsers(Set<User> users) {
this.users = users;
}
}
This is what the console displays when using the option generate Tables from entities:
[EL Config]: The access type for the persistent class [class entities.Group] is set to [FIELD]. [EL Config]: The target entity (reference) class for the one to many mapping element [field users] is being defaulted to: class entities.User. [EL Config]: The access type for the persistent class [class entities.User] is set to [FIELD]. [EL Config]: The target entity (reference) class for the many to one mapping element [field group] is being defaulted to: class entities.Group. [EL Config]: The alias name for the entity class [class entities.Group] is being defaulted to: Group. [EL Config]: The column name for element [field groupid] is being defaulted to: GROUPID. [EL Config]: The alias name for the entity class [class entities.User] is being defaulted to: User. [EL Config]: The column name for element [field userid] is being defaulted to: USERID. [EL Config]: The column name for element [field password] is being defaulted to: PASSWORD. [EL Warning]: PersistenceUnitInfo CHAPTER x 12 Container Managed Authentication and Authorization has transactionType RESOURCE_LOCAL and therefore jtaDataSource will be ignored [EL Info]: EclipseLink, version: Eclipse Persistence Services - 2.0.1.v20100213-r6600 [EL Fine]: Detected Vendor platform: org.eclipse.persistence.platform.database.JavaDBPlatform [EL Config]: Connection(25292190)--connecting(DatabaseLogin( platform=>JavaDBPlatform user name=> "user" datasource URL=> "jdbc:derby://localhost:1527/studydb;create=true" )) [EL Config]: Connection(18306082)--Connected: jdbc:derby://localhost:1527/studydb;create=true User: user Database: Apache Derby Version: 10.5.3.0 - (802917) Driver: Apache Derby Network Client JDBC Driver Version: 10.5.3.0 - (802917) [EL Config]: Connection(9740137)--connecting(DatabaseLogin( platform=>JavaDBPlatform user name=> "user" datasource URL=> "jdbc:derby://localhost:1527/studydb;create=true" )) [EL Config]: Connection(23965177)--Connected: jdbc:derby://localhost:1527/studydb;create=true User: user Database: Apache Derby Version: 10.5.3.0 - (802917) Driver: Apache Derby Network Client JDBC Driver Version: 10.5.3.0 - (802917) [EL Info]: file:/C:/learningJSF/CHAPTER x 12 Container Managed Authentication and Authorization/build/classes/_CHAPTER x 12 Container Managed Authentication and Authorization_url=jdbc:derby://localhost:1527/studydb;create=true_user=user login successful [EL Fine]: Connection(18306082)--ALTER TABLE ADMIN.USER_GROUP DROP CONSTRAINT USER_GROUP_groupid [EL Fine]: Connection(18306082)--ALTER TABLE ADMIN.USER_GROUP DROP CONSTRAINT USER_GROUP_userid [EL Fine]: Connection(18306082)--DROP TABLE ADMIN.USER_GROUP [EL Fine]: Connection(18306082)--CREATE TABLE ADMIN.USER_GROUP (userid VARCHAR(255) NOT NULL, groupid VARCHAR(255) NOT NULL, PRIMARY KEY (userid, groupid)) [EL Fine]: Connection(18306082)--DROP TABLE ADMIN.USERS [EL Fine]: Connection(18306082)--CREATE TABLE ADMIN.USERS (USERID VARCHAR(255) NOT NULL, PASSWORD VARCHAR(255) NOT NULL, PRIMARY KEY (USERID)) [EL Fine]: Connection(18306082)--DROP TABLE ADMIN.GROUPS [EL Fine]: Connection(18306082)--CREATE TABLE ADMIN.GROUPS (GROUPID VARCHAR(255) NOT NULL, PRIMARY KEY (GROUPID)) [EL Fine]: Connection(18306082)--ALTER TABLE ADMIN.USER_GROUP ADD CONSTRAINT USER_GROUP_groupid FOREIGN KEY (groupid) REFERENCES ADMIN.GROUPS (groupid) [EL Fine]: Connection(18306082)--ALTER TABLE ADMIN.USER_GROUP ADD CONSTRAINT USER_GROUP_userid FOREIGN KEY (userid) REFERENCES ADMIN.USERS (userid) [EL Config]: Connection(18306082)--disconnect [EL Info]: file:/C:/learningJSF/CHAPTER x 12 Container Managed Authentication and Authorization/build/classes/_CHAPTER x 12 Container Managed Authentication and Authorization_url=jdbc:derby://localhost:1527/studydb;create=true_user=user logout successful [EL Config]: Connection(25292190)--disconnect [EL Config]: Connection(23965177)--disconnect
And this is the rest of my configuration, maybe it helps too:
Ill really appreciate your help.
回答1:
Try to type ADMIN.USERS and ADMIN.USER_GROUP in realm settings. It will tell GlasshFish the schema, where your tables are stored.
来源:https://stackoverflow.com/questions/7994068/cannot-load-group-for-jdbc-realm