我经过2天的呕血奋战实现了不改变java VM环境和Web server环境,在struts下实现JAAS。
步骤如下:
1. welcome.jsp, index.jsp, struts-config.xml
<%@ taglib uri="/tags/struts-logic" prefix="logic" %>
<logic:redirect forward="index"/>
<%-- welcome.jsp
Redirect default requests to Welcome global ActionForward.
By using a redirect, the user-agent will change address to match the path of our Welcome ActionForward.
--%>
index.jsp
<%@ page contentType="text/html; charset=UTF-8"%>
<%@ taglib uri="/tags/struts-bean" prefix="bean"%>
<%@ taglib uri="/tags/struts-html" prefix="html"%>
<%@ taglib uri="/tags/struts-logic" prefix="logic"%>
<html:html>
<Title>Logon</Title>
<body>
<html:form action="/LoginAction.do">
<p>User ID: <input type="text" name="userID" value="tyrone" /><br>
Passord: <input type="password" name="password" value="password"/><br>
<html:submit /></p>
</html:form>
</body>
</html:html>
struts-config.xml
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE struts-config PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 1.2//EN"
"http://jakarta.apache.org/struts/dtds/struts-config_1_2.dtd">
<struts-config>
<!-- ================================================ Form Bean Definitions -->
<form-beans>
<!--2 Login formbean-->
<form-bean
name="LoginForm"
type="com.nova.colimas.web.form.LoginForm"/>
</form-beans>
<global-forwards>
<!-- Default forward to "Welcome" action -->
<!-- Demonstrates using index.jsp to forward -->
<forward
name="index"
path="/index.do"/>
</global-forwards>
<!-- =========================================== Action Mapping Definitions -->
<action-mappings>
<!-- Default "Welcome" action -->
<!-- Forwards to Welcome.jsp -->
<action path="/index"
type="com.nova.colimas.web.action.StartupServlet">
<forward name="success" path="/pages/index.jsp"/>
</action>
<!-- 2 Login -->
<action path="/LoginAction"
type="com.nova.colimas.web.action.LoginAction"
name="LoginForm"
scope="request"
input="/pages/indexcon.jsp"
validate="true">
<forward name="success" path="/pages/index.jsp"/>
<forward name="failure" path="/pages/index.jsp"/>
</action>
</action-mappings>
</struts-config>
2. 实现com.nova.colimas.web.action.StartupServlet用来初始化JAAS需要的系统属性
public class StartupServlet extends Action {
public ActionForward execute(ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws Exception{
// Initialization of the log
//LoggerFactory.setFactory(new EPricerLogFactory ());
//Log.info (this, "Startup of Settings application");
initJAAS();
return mapping.findForward("success");
}
//初始化JAAS需要的系统属性
private void initJAAS(){
//set env variable
//用于认证JAASConstants接口内保存login.config文件地址 System.setProperty("java.security.auth.login.config",JAASConstants.AUTH_SECURITY_LOGINFILE);
}
}
public interface JAASConstants {
String AUTH_SECURITY_POLICYXMLFILE="D:\\MyProject\\colimas\\clms-web\\colimas\\security-policy.xml";
String AUTH_SECURITY_LOGINFILE="D:\\MyProject\\colimas\\clms-web\\colimas\\login.config";
String AUTH_SECURITY_MODULENAME="ColimasLogin";
}
Login.config文件内容:
ColimasLogin {
com.nova.colimas.security.auth.ColimasLoginModule required debug=true;
};
3.实现ColimasLoginModule登录模块
/*
* Created on 2005/07/01
*
* TODO To change the template for this generated file go to
* Window - Preferences - Java - Code Style - Code Templates
*/
package com.nova.colimas.security.auth;
import java.util.*;
import javax.security.auth.*;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
//import java.security.*;
//import org.w3c.dom.traversal.*;
import org.w3c.dom.*;
//import org.apache.xpath.*;
/**
* @author tyrone
*
* TODO To change the template for this generated type comment go to
* Window - Preferences - Java - Code Style - Code Templates
*/
public class ColimasLoginModule implements LoginModule {
private Subject subject;
private CallbackHandler callbackHandler;
private boolean debug = false;
private boolean succeeded = false;
private boolean commitSucceeded = false;
private String username;
private char[] password;
/**
* Initializes the <code>LoginModule</code>.
*
* @param subject the <code>Subject</code> to be authenticated.
*
* @param callbackHandler a <code>CallbackHandler</code> for
* prompting and retrieving the userid and password from the user.
*
* @param sharedState shared <code>LoginModule</code> state.
*
* @param options options specified in the login configuration
* file for this <code>LoginModule</code>.
*/
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
this.subject = subject;
this.callbackHandler = callbackHandler;
// initialize configuration options
margin
分享到:
相关推荐
JAAS in Web Applications主要是关于java 的认证与授权.例子很详细,如果有需要此类功能开发可以联系我,收费2000
jaas详细配置精讲 tomcat web.xml
jaas实现,单纯java文件
文件中包含 已配置好的tomcat7和jass示例 打包部署后即可运行 还有一份说明文档 tomcat配置的是mac版的,如果是windows的系统请自行修改tomcat启动参数
JAAS JaasDemo JAAS例子
JAAS In Action 博文链接:https://hintcnuie.iteye.com/blog/245239
jaas in action ebook
JAAS认证与授权教程,包含本教程的源代码
jaas的详细资料 基于JAAS和J2EE Web容器的验证与授权
NULL 博文链接:https://bill-xing.iteye.com/blog/401649
Java安全框架最初集中在保护用户运行潜在的不可信任代码,是基于代码的来源(URL)和谁创建的代码(certificate)来给移动代码进行授权。Java 2 SDK 1.3引入了JAAS( Java Authentication and Authorization Service...
本文件是《jaas in action》一书的代码部分,下载《jaas in action》一书请查看本人发布的资源
JAAS 本身包括文档和一个lib 目录,其中只有一个jar 文件(jaas.jar)。
jaas 入门经典实例,jaas 入门经典实例,jaas 入门经典实例jaas 入门经典实例,jaas 入门经典实例
JAAS(Java Authentication and Authentication Service Jay,认证和授权服务)是Java安全编程的一个重要补 充。它提供了根据验证主题身份来验证主题和授权资源访问的标准方法。本文较全面地介绍了JAAS的特点、组成 ...
JAAS是对原有Java 2安全框架的一个重要补充。本文较全面地介绍了JAAS的特点、组成及其在Jay。安全编程中的应 用。并简单分析了一个例子,该例经扩充后可直接应用于实践
最近温习ssh2整合编程,顺便浏览下struts2有什么更新的消息,下载了新版本的struts2的2.1.8.1版,使用的是MyEclipse8.0开发,但是问题就随之而来了。MyEclipse8.0中自带的struts2版本是2.1.6,spring版本有2.0,2.5...
jaas.jar jaas.jar jaas.jar
全面介绍jaas以及jaas的应用