jaas

Tomcat JAAS 简单的登录

好久不见. 提交于 2020-01-07 08:18:18
【推荐】2019 Java 开发者跳槽指南.pdf(吐血整理) >>> Java Authentication Authorization Service(JAAS,Java验证和授权API)提供了灵活和可伸缩的机制来保证客户端或服务器端的Java程序。[来自百度百科] 登录界面 注意 下面的 name是不可以修改的 (原因待我去google下) <form method="POST" action="j_security_check"> 姓名:<input type="text" name="j_username"/><br/> 密码:<input type="password" name="j_password"/><br/> <input type="submit" value="登录"/> </form> 错误界面 <body> 粗错了…… </body> 创建一个你要访问的界面 比如 mangement.html <body> hello world </body> web.xml 配置 注意 下面的<role-name>admin</role-name> 要和 你的tomcat 安装目录下的conf/tomcat-users.xml 里面的配置相同。 默认下的tomcat-users.xml 是注释掉的。你需要把注释去掉!!!! <security-constraint

Retrieve object add in JAAS login module from JSF managedbean

那年仲夏 提交于 2020-01-07 04:51:27
问题 Our application uses JSF 2.2 and use glassfish 4 as the server. I need to add some object in the login module during authenticate user, so in the web application, the managed bean can retrieve that object. In the loginModule I did the following (if it is not the case please tell me the right way to do): _subject.getPublicCredentials().add(someObject); But how can I retrieve it in ManagedBean. Any help will be much appreciated. 回答1: This is part of the JSR-115 specification JavaTM

Why is tomcat7 unable to find LoginModule class in JAAS

一笑奈何 提交于 2020-01-07 02:19:08
问题 I have an application packaged in a WAR which is running great on an existing Tomcat6 server. I am now trying to deploy it in tomcat7 but am getting the following error as soon as I run the login action: Failed login. Reason: LoginException: unable to find LoginModule class: security.jass.SimpleLoginModule I have the contents below in the conf file, which is defined in Java's security.properties: UserLoginImpo { security.jass.SimpleLoginModule required; }; Changing the class name here (to a

No JAAS configuration section named 'Server' was foundin '/kafka/kafka_2.12-2.3.0/config/zookeeper_jaas.conf'

浪子不回头ぞ 提交于 2020-01-06 12:14:46
问题 when i run the zookeeper from the package in the kakfa_2.12-2.3.0 i am getting the following error $ export KAFKA_OPTS="-Djava.security.auth.login.config=/kafka/kafka_2.12-2.3.0/config/zookeeper_jaas.conf" $ ./bin/zookeeper-server-start.sh config/zookeeper.properties and the zookeeper_jaas.conf is KafkaServer { org.apache.kafka.common.security.plain.PlainLoginModule required username="admin" password="admin-secret" user_admin="admin-secret"; }; and the zookeeper.properties file is server

Why is Tomcat manager using my LoginModule?

回眸只為那壹抹淺笑 提交于 2020-01-02 21:53:44
问题 I'm running Tomcat 6.0.29 and created a realm and loginmodule of my own. They are defined in server.xml like so: <Realm className="mycompany.tomcat.MyRepositoryRealm" appName="My_Realm" userClassNames="mycompany.tomcat.IdentityPrincipal" roleClassNames="mycompany.tomcat.RolePrincipal" useContextClassLoader="true"/> I have added the library containing these classes to my tomcat/lib folder. Other than that, I have not changed Tomcat from it's default configuration. When I go to fire up the

Password Encryption Algorithm in Glassfish 4

你说的曾经没有我的故事 提交于 2020-01-02 03:29:13
问题 I've recently updated Glassfish from 3.1.2 to 4.0 and wanted to set up a JDBCRealm that I used before on my app which uses FORM based authentication. The passwords are hashed with SHA-256 in the database (that is the default Digest Algorithm option). The realm has a property that became mandatory in this Glassfish version: Password Encryption Algorithm. Quite incredibly, the official Glassfish documentation says it's optional, and the note under the input field says it is a risk to leave it

Password Encryption Algorithm in Glassfish 4

限于喜欢 提交于 2020-01-02 03:29:10
问题 I've recently updated Glassfish from 3.1.2 to 4.0 and wanted to set up a JDBCRealm that I used before on my app which uses FORM based authentication. The passwords are hashed with SHA-256 in the database (that is the default Digest Algorithm option). The realm has a property that became mandatory in this Glassfish version: Password Encryption Algorithm. Quite incredibly, the official Glassfish documentation says it's optional, and the note under the input field says it is a risk to leave it

how to integrate angularjs and java jaas based authentication?

感情迁移 提交于 2019-12-31 01:11:28
问题 I have a webapp which has angularJS on the frontend and Java on the backed. Angular communicates with the java backend via Restful webservices consuming and sending JSON across HTTP. I need to build the authentication mechanism for this app and was wondering how would be the best approach, currently I'm using JAAS based authentication (JDBC user table). This is how my app is configured: My web.xml configuration has: <login-config> <auth-method>FORM</auth-method> <realm-name>userauth</realm

Newbie at JAAS authentication; Sign in using a token in the URL Bar

和自甴很熟 提交于 2019-12-30 07:12:15
问题 I have an interesting project requirement where we must accept a token as a GET paramenter that will authenticate a user coming into an application. This is to allow trusted third parties to seamlessly send a user over to our site without having to make them log in again. An example might be: http://www.myproj.com/appName/index.jsf?user_token=asdf123randomstuffaf12fsaasdf appName would be the context root, and user_token would be a token that could be checked. The token will be used once,

EJB3 & How JAAS subject/principal is propagated to EJB Tier from servlet container?

前提是你 提交于 2019-12-30 05:24:04
问题 I'm trying to understand how the JAAS principal propagates to the Business/EJB tier from web tier. I've read that the if the roles/realm is configured in login-config & security-context of web.xml then the servlet container will also transparently pass the authenticated principal to the EJB Tier. Two questions 1.) First & more importantly is that true ? Without any intervention from the developer ! 2.) And secondly any idea how that works under the hood. 回答1: yes it's true. that's generally
订阅 jaas