- 浏览: 295721 次
- 性别:
- 来自: 上海
文章分类
- 全部博客 (155)
- Liferay portal研究 (23)
- spring研究 (7)
- Displaytag (2)
- Flash Builder (0)
- 搜索引擎 (12)
- 杂项 (17)
- SCM管理 (7)
- Jquery (5)
- Linux (7)
- Oracle (10)
- httpd集成 (3)
- Maven2 (5)
- 企业管理 (1)
- tomcat高级 (4)
- dos命令 (1)
- ldap (2)
- Java (8)
- webservice (1)
- jetty代码研究 (3)
- OpenCMS (1)
- JMX (2)
- hibernate (5)
- Ant (1)
- js tree (4)
- Quartz (0)
- CMS (1)
- springside (1)
- proxool (1)
- freemarker (1)
- Cookie (1)
- CAS SSO (4)
- mysql (1)
- php (1)
- js (2)
- Asset (1)
- openmeeting (1)
- h2数据库 (2)
- wcf vs java ws (1)
最新评论
-
22199143:
...
当在重启Tomcat容器时 Exception in Thread "HouseKeeper" java.lang.NullPointerException -
liuqq:
一直用Oracle开发,几乎没有接触过其他数据库。使用Mysq ...
The Nested Set Model -
yjsxxgm:
yjsxxgm 写道FFFFFFFFFFFFFFFWWW
java 访问wcf -
yjsxxgm:
FFFFFFFFFFFFFFF
java 访问wcf -
hjp222:
scanIntervalSeconds 是重新启动,并非真正的 ...
Jetty 热部署
本例是认证的实现,JAAS定义了可插拔的认证机制,使认证逻辑独立开来,可通过修改配置文件切换认证模块。
官方参考:
http://java.sun.com/products/archive/jaas/
http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/JAASRefGuide.html
security.pdf
一、配置文件及设置
1. 配置文件(假设为D:/jaas.conf):
Sample
{
com.fastunit.samples.jaas.SampleLoginModule required debug=false;
};
此文件定义了一个“Sample”验证模块,使用SampleLoginModule来进行验证。
2. 启用配置文件:
-Djava.security.auth.login.config=D:/jaas.conf
二、客户端调用
- package javaapplication3;
- import javax.security.auth.login.LoginContext;
- import javax.security.auth.login.LoginException;
- /**
- *
- * @author Dao
- */
- public class LoginManager
- {
- public LoginManager()
- {
- }
- public static void main(String[] args)
- {
- try
- {
- String username = "username";
- String password = "password";
- //此处指定了使用配置文件的“Sample"验证模块,对应的实现类为SampleLoginModule
- LoginContext lc = new LoginContext("Sample", new SampleCallbackHandler(username, password));
- //进行登录操作,如果验证失败会抛出异常
- lc.login();
- }
- catch (LoginException e)
- {
- e.printStackTrace();
- }
- catch (SecurityException e)
- {
- e.printStackTrace();
- }
- }
- }
package javaapplication3; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; /** * * @author Dao */ public class LoginManager { public LoginManager() { } public static void main(String[] args) { try { String username = "username"; String password = "password"; //此处指定了使用配置文件的“Sample"验证模块,对应的实现类为SampleLoginModule LoginContext lc = new LoginContext("Sample", new SampleCallbackHandler(username, password)); //进行登录操作,如果验证失败会抛出异常 lc.login(); } catch (LoginException e) { e.printStackTrace(); } catch (SecurityException e) { e.printStackTrace(); } } }
- package javaapplication3;
- import java.io.IOException;
- import javax.security.auth.callback.Callback;
- import javax.security.auth.callback.CallbackHandler;
- import javax.security.auth.callback.NameCallback;
- import javax.security.auth.callback.PasswordCallback;
- import javax.security.auth.callback.UnsupportedCallbackException;
- /**
- *
- * @author Dao
- */
- public class SampleCallbackHandler implements CallbackHandler
- {
- private String username;
- private String password;
- public SampleCallbackHandler(String username, String password)
- {
- this.username = username;
- this.password = password;
- }
- public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
- {
- for (int i = 0; i < callbacks.length; i++)
- {
- if (callbacks[i] instanceof NameCallback)
- {
- NameCallback ncb = (NameCallback) callbacks[i];
- ncb.setName(this.username);
- }
- else if (callbacks[i] instanceof PasswordCallback)
- {
- PasswordCallback pcb = (PasswordCallback) callbacks[i];
- pcb.setPassword(this.password.toCharArray());
- }
- }
- }
- }
package javaapplication3; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.NameCallback; import javax.security.auth.callback.PasswordCallback; import javax.security.auth.callback.UnsupportedCallbackException; /** * * @author Dao */ public class SampleCallbackHandler implements CallbackHandler { private String username; private String password; public SampleCallbackHandler(String username, String password) { this.username = username; this.password = password; } public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof NameCallback) { NameCallback ncb = (NameCallback) callbacks[i]; ncb.setName(this.username); } else if (callbacks[i] instanceof PasswordCallback) { PasswordCallback pcb = (PasswordCallback) callbacks[i]; pcb.setPassword(this.password.toCharArray()); } } } }
三、验证实现
- package javaapplication3;
- import java.io.IOException;
- import java.util.Map;
- import javax.security.auth.Subject;
- import javax.security.auth.callback.Callback;
- import javax.security.auth.callback.CallbackHandler;
- import javax.security.auth.callback.NameCallback;
- import javax.security.auth.callback.PasswordCallback;
- import javax.security.auth.callback.UnsupportedCallbackException;
- import javax.security.auth.login.LoginException;
- import javax.security.auth.spi.LoginModule;
- /**
- *
- * @author Dao
- */
- public class SampleLoginModule implements LoginModule
- {
- private boolean isAuthenticated = false;
- private CallbackHandler callbackHandler;
- private Subject subject;
- private SamplePrincipal principal;
- public SampleLoginModule()
- {
- }
- public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options)
- {
- this.subject = subject;
- this.callbackHandler = callbackHandler;
- }
- public boolean login() throws LoginException
- {
- try
- {
- NameCallback nameCallback = new NameCallback("username");
- PasswordCallback passwordCallback = new PasswordCallback("password", false);
- Callback[] calls = new Callback[]{nameCallback, passwordCallback};
- this.callbackHandler.handle(calls);
- //获得用户数据
- String username = nameCallback.getName();
- String password = String.valueOf(passwordCallback.getPassword());
- //TODO验证,如:查询数据库、LDAP。。。
- if (true) //此处省去了实际的验证逻辑,在此假设验证通过
- {
- this.principal = new SamplePrincipal(username);
- this.isAuthenticated = true;
- }
- else
- {
- throw new LoginException("user or password is wrong");
- }
- }
- catch (IOException e)
- {
- throw new LoginException("no such user");
- }
- catch (UnsupportedCallbackException e)
- {
- throw new LoginException("login failure");
- }
- return this.isAuthenticated;
- }
- /**
- * 验证后处理,在Subject中加入用户对象
- * @return
- * @throws javax.security.auth.login.LoginException
- */
- public boolean commit() throws LoginException
- {
- if (this.isAuthenticated)
- {
- this.subject.getPrincipals().add(this.principal);
- }
- else
- {
- throw new LoginException("Authentication failure");
- }
- return this.isAuthenticated;
- }
- public boolean abort() throws LoginException
- {
- return false;
- }
- public boolean logout() throws LoginException
- {
- this.subject.getPrincipals().remove(this.principal);
- this.principal = null;
- return true;
- }
- }
package javaapplication3; import java.io.IOException; import java.util.Map; import javax.security.auth.Subject; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.NameCallback; import javax.security.auth.callback.PasswordCallback; import javax.security.auth.callback.UnsupportedCallbackException; import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; /** * * @author Dao */ public class SampleLoginModule implements LoginModule { private boolean isAuthenticated = false; private CallbackHandler callbackHandler; private Subject subject; private SamplePrincipal principal; public SampleLoginModule() { } public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) { this.subject = subject; this.callbackHandler = callbackHandler; } public boolean login() throws LoginException { try { NameCallback nameCallback = new NameCallback("username"); PasswordCallback passwordCallback = new PasswordCallback("password", false); Callback[] calls = new Callback[]{nameCallback, passwordCallback}; this.callbackHandler.handle(calls); //获得用户数据 String username = nameCallback.getName(); String password = String.valueOf(passwordCallback.getPassword()); //TODO验证,如:查询数据库、LDAP。。。 if (true) //此处省去了实际的验证逻辑,在此假设验证通过 { this.principal = new SamplePrincipal(username); this.isAuthenticated = true; } else { throw new LoginException("user or password is wrong"); } } catch (IOException e) { throw new LoginException("no such user"); } catch (UnsupportedCallbackException e) { throw new LoginException("login failure"); } return this.isAuthenticated; } /** * 验证后处理,在Subject中加入用户对象 * @return * @throws javax.security.auth.login.LoginException */ public boolean commit() throws LoginException { if (this.isAuthenticated) { this.subject.getPrincipals().add(this.principal); } else { throw new LoginException("Authentication failure"); } return this.isAuthenticated; } public boolean abort() throws LoginException { return false; } public boolean logout() throws LoginException { this.subject.getPrincipals().remove(this.principal); this.principal = null; return true; } }
- package javaapplication3;
- import java.security.Principal;
- /**
- *
- * @author Dao
- */
- public class SamplePrincipal implements Principal
- {
- private String name;
- public SamplePrincipal(String name)
- {
- this.name = name;
- }
- public String getName()
- {
- return name;
- }
- public boolean equals(Object ob)
- {
- if (ob instanceof SamplePrincipal)
- {
- SamplePrincipal principal = (SamplePrincipal) ob;
- return this.name.equalsIgnoreCase(principal.getName());
- }
- return false;
- }
- public int hashCode()
- {
- return name.toUpperCase().hashCode();
- }
- }
发表评论
-
ogl的入门
2010-03-30 08:24 1416http://jxb8901.iteye.com/blog/2 ... -
JAAS HelloWorld
2010-03-04 17:09 1264Examples: JAAS HelloWorld Thes ... -
liferay sso
2010-01-28 16:18 2336基于Liferay的CAS SSO ... -
liferay 权限
2010-01-04 13:49 1587liferay的权限很多资料说 ... -
liferay多数据源
2009-12-15 15:46 1786Configure MySQL Master/Slave ... -
杂项2
2009-11-18 21:44 920function <portlet:namespace ... -
Simple Apache CXF web service integration
2009-11-18 20:24 1199For those who wants to use the ... -
LiferayCounter机制
2009-10-24 14:08 1060public long increment(String na ... -
lifery 老的资源
2009-10-23 14:40 879http://docs.liferay.com/portal/ ... -
liferay portal 的开发目录结构
2009-10-17 11:59 1731portal-kenel.jar 不依赖任何非标准jar(只依 ... -
liferay 常用urls
2009-10-16 22:43 955http://blog.csdn.net/smilingleo ... -
liferay 调用webservice
2009-10-16 22:34 4548Liferay是基于SOA理念设计的,很容易通过Web Ser ... -
Database Sharding
2009-10-15 12:40 1591Database sharding is a way of s ... -
Liferay权限管理的讲解
2009-10-12 21:37 1542这篇文章讲解了liferay中使用的权限管理系统的内部细节,涉 ... -
ServiceContext Pattern
2009-10-12 21:30 1036The Service Context is an objec ... -
Liferay性能调优
2009-10-12 21:25 2206CONTRIBUTIONS WANTED Corné|Corn ... -
Liferay重要对象-Layout
2009-10-12 21:19 2227A layout is an instance of a si ... -
liferay常用配置
2009-10-12 20:47 1165在实际需求中,如果是做网站那我们有时候会有这样的需求,即希望用 ... -
liferay学习系列(3)
2009-10-11 20:16 1250在一个Portlet中链接到另一个Portlet 这个问题,应 ... -
liferay学习系列(2)
2009-10-07 20:31 6967想做个用户积分管理,类似于论坛积分的概念,首先在用户管理里面添 ...
相关推荐
本文将深入探讨 JAAS 的基本概念、工作原理以及如何通过一个入门例子来理解和使用它。 1. **JAAS 基本概念** - **身份验证**:验证用户或系统实体的身份,通常通过用户名和密码、数字证书等方式进行。 - **授权**...
### JAAS身份验证技术入门详解 #### 一、JAAS概览 JAAS,全称为Java Authentication and Authorization Service(Java认证与授权服务),是Java Standard Edition(Java SE)中的一个核心组成部分,旨在为Java应用...
8. **基于 JAAS 的安全框架**:Karaf 提供了一个基于 Java Authentication and Authorization Service (JAAS) 的安全框架,为用户提供身份验证和授权支持。 9. **实例管理**:Karaf 提供了简单的命令用于管理多个...
【Drools入门手册】是关于规则引擎的介绍,Drools是一个开源的Java规则引擎,它被设计用于实现复杂的业务逻辑和决策自动化。规则引擎是一种软件系统,它允许业务规则与应用程序的其余部分分离,使得规则的修改和管理...
Java EE提供了多种组件和服务,包括Web层组件(如JSP和Servlet)、业务层组件(如EJB)以及JNDI、JDBC、RMI、JAAS、JavaMail等服务。值得注意的是,虽然Java EE有两个体系,标准体系和流行体系(如Struts、Hibernate...
服务:JNDI JDBC RMI JAAS JavaMail等等 Java EE包括2个体系:标准(上面介绍的)+流行(Struts+Hibernate+Spring) 两套体系都是JSP+Servlet为基础。 2 JSP会涉及哪些内容 JSP语法基础(Java+HTML)...
本教程将带你深入理解WebLogic 9.0的基础知识,让你能够快速入门并熟练掌握其核心功能。 一、WebLogic Server简介 WebLogic Server是WebLogic平台的核心组件,它提供了运行Java应用程序和服务的环境。在WebLogic ...
8. **安全性**:EJB3.0提供了基于角色的访问控制(Role-Based Access Control, RBAC),并支持JAAS(Java Authentication and Authorization Service)。 配合**黎活明**编著的《EJB3.0入门经典》,读者可以系统地...
WebSphere提供了多种安全机制,包括基本认证、LDAP集成、SSL/TLS加密、JAAS(Java Authentication and Authorization Service)和自定义安全策略。你可以为每个应用程序定义访问控制和用户角色。 7. **监控与性能...
### Java Web快速入门——全十讲 #### 一、Java与Web开发的融合:JavaEE标准框架 在探讨Java Web开发之前,我们首先要理解Java在Web领域的定位。Java不仅仅是一种编程语言,它还是一套完整的生态系统,适用于各种...
eclipse.zip //01.Eclipse入门样例 database.zip //02.数据库文件 (2)EJB入门样例 EJBTest.zip //03.EJB入门样例——HelloWorld EJBTestJava.zip //03.Java测试客户端 EJBTestJSP.zip //03.JSP...
eclipse.zip //01.Eclipse入门样例 database.zip //02.数据库文件 (2)EJB入门样例 EJBTest.zip //03.EJB入门样例——HelloWorld EJBTestJava.zip //03.Java测试客户端 EJBTestJSP.zip //03.JSP...
eclipse.zip //01.Eclipse入门样例 database.zip //02.数据库文件 (2)EJB入门样例 EJBTest.zip //03.EJB入门样例——HelloWorld EJBTestJava.zip //03.Java测试客户端 EJBTestJSP.zip //03.JSP...
eclipse.zip //01.Eclipse入门样例 database.zip //02.数据库文件 (2)EJB入门样例 EJBTest.zip //03.EJB入门样例——HelloWorld EJBTestJava.zip //03.Java测试客户端 EJBTestJSP.zip //03.JSP...
本入门培训教程适合对Acegi不熟悉的新手,旨在帮助读者理解和掌握Acegi的基础配置和工作原理。 1. **Acegi Security概述** Acegi的主要目标是将系统的安全逻辑从核心业务代码中分离出来,以实现更清晰的架构。它...