- 浏览: 1202335 次
- 性别:
- 来自: 杭州
文章分类
最新评论
-
insistboy:
写的太棒了,受不了
WebLogic11g-创建域(Domain) -
goldyeah:
厉害了 困扰我大半个月的问题解决了 谢谢博主
WebLogic11g-单双向SSL配置(以Springside3为例) -
zy315351965:
404伤不起
开源流程引擎Snaker -
nannan408:
双向的时候谷歌提示“不接受您的登录证书,或者您可能没有提供登录 ...
WebLogic11g-单双向SSL配置(以Springside3为例) -
一颗赛艇:
不成功啊。启动有问题 <Security> < ...
WebLogic11g-单双向SSL配置(以Springside3为例)
步骤一、首先通过MDF的XML文件定义验证提供程序,文件路径为:d:\src\ImepAuthenticator.xml
步骤二、使用MbeanMaker实用工具来处理MDF文件,并生成MBean和桩:
D:\>java -classpath "D:\bea\weblogic81\server\lib\mbeantypes\wlManagement.jar;D:
\bea\weblogic81\server\lib\weblogic.jar;D:\bea\jdk142_05\lib\tools.jar;D:\bea\jd
k142_05\lib\rt.jar;d:\src" -DcreateStubs="true" weblogic.management.commo.WebLog
icMBeanMaker -MDF d:\src\ImepAuthenticator.xml -files d:\src
Parsing the MBean definition file: d:\src\ImepAuthenticator.xml
Generating the source files...
Generating the MBean interface file...
Generating the MBean implementation file...
Compiling the implementation file...
Compiling these files d:\src\ImepSecurityAuthenticatorImpl.java
Generating the MBI generator file...
Compiling the MBI generator file...
Compiling these files d:\src\ImepSecurityAuthenticatorMBI.java
Creating the MBI file...
Deleting the MBI generator temp files.......
Done.
步骤三、通过com.imep.security.ImepAuthProviderImpl类中设置JAAS验证模块
其中com.imep.security.ImepLoginModuleImpl实现LoginModule
步骤四、在com.imep.security.ImepLoginModuleImpl验证模块中,实现自定义验证:
实现源码在附件中
步骤五、将以上代码打成jar包,并通过WebLogicMBeanMaker打成MJF包:
D:\>java -classpath "D:\bea\weblogic81\server\lib\mbeantypes\wlManagement.jar;D:
\bea\weblogic81\server\lib\weblogic.jar;D:\bea\jdk142_05\lib\tools.jar;D:\bea\jd
k142_05\lib\rt.jar;d:\src" -DcreateStubs="true" weblogic.management.commo.WebLog
icMBeanMaker -MJF ImepAuthenticatorProvider.jar -files d:\src
Compiling the files...
Compiling these files d:\src\ImepSecurityAuthenticatorImpl.java
d:\src\ImepSecurityAuthenticatorMBean.java
d:\src\ImepSecurityAuthenticatorMBI.java
Creating the MJF...
MJF is created.
Done.
步骤六、将MJF包:
ImepAuthenticatorProvider.jar 放置到
D:\bea\weblogic81\server\lib\mbeantypes\下,
并登录weblogic的console控制台,在
domain->Security->Realms->myrealm->roviders->Authentication
中添加Imep Security Authenticator即可。
<?xml version="1.0" ?> <!DOCTYPE MBeanType SYSTEM "commo.dtd"> <!-- MBean Definition File (MDF) for the Sample Authenticator. Copyright (c) 2003 by BEA Systems, Inc. All Rights Reserved. --> <!-- Declare your mbean. Since it is for an authenticator, it must extend the weblogic.management.security.authentication.Authenticator mbean. The Name and DisplayName must be the same. They specify the name that will appear on the console for this provider. Set the PeristPolicy to "OnUpdate" so that if an attribute value is changed, the new value is written to disk immediately. See the "Developing Security Services" manual for more info. Note that since this is an xml document, you can't use double quotes directly. Instead you need to use " Note that setting "Writeable" to "false" on an attribute makes the attribute read-only. The default is read-write. --> <MBeanType Name = "ImepSecurityAuthenticator" DisplayName = "Imep Security Authenticator" Package = "com.imep.security" Extends = "weblogic.management.security.authentication.Authenticator" PersistPolicy = "OnUpdate" > <!-- You must set the value of the ProviderClassName attribute (inherited from the weblogic.management.security.Provider mbean) to the name of the java class you wrote that implements the weblogic.security.spi.AuthenticationProvider interface. You can think of the provider's mbean as the factory for your provider's runtime implementation. --> <MBeanAttribute Name = "roviderClassName" Type = "java.lang.String" Writeable = "false" Default = ""com.imep.security.ImepAuthProviderImpl"" /> <!-- You must set the value of the Description attribute (inherited from the weblogic.management.security.Provider mbean) to a brief description of your provider. It is displayed in the console. --> <MBeanAttribute Name = "Description" Type = "java.lang.String" Writeable = "false" Default = ""Authenticator used for the MedRec sample application only"" /> <!-- You must set the value of the Version attribute (inherited from the weblogic.management.security.Provider mbean) to your provider's version. There is no required format. --> <MBeanAttribute Name = "Version" Type = "java.lang.String" Writeable = "false" Default = ""1.0"" /> <!-- Add any custom attributes for your provider here. The sample authenticator does not have any custom attributes. Note: custom attributes do not appear in the console in WLS 7.0. Use the admin command line tool (java weblogic.Admin) to view and set their values. Refer to the "Developing Security Services" manual for more info on defining custom attributes. --> </MBeanType>
步骤二、使用MbeanMaker实用工具来处理MDF文件,并生成MBean和桩:
D:\>java -classpath "D:\bea\weblogic81\server\lib\mbeantypes\wlManagement.jar;D:
\bea\weblogic81\server\lib\weblogic.jar;D:\bea\jdk142_05\lib\tools.jar;D:\bea\jd
k142_05\lib\rt.jar;d:\src" -DcreateStubs="true" weblogic.management.commo.WebLog
icMBeanMaker -MDF d:\src\ImepAuthenticator.xml -files d:\src
Parsing the MBean definition file: d:\src\ImepAuthenticator.xml
Generating the source files...
Generating the MBean interface file...
Generating the MBean implementation file...
Compiling the implementation file...
Compiling these files d:\src\ImepSecurityAuthenticatorImpl.java
Generating the MBI generator file...
Compiling the MBI generator file...
Compiling these files d:\src\ImepSecurityAuthenticatorMBI.java
Creating the MBI file...
Deleting the MBI generator temp files.......
Done.
步骤三、通过com.imep.security.ImepAuthProviderImpl类中设置JAAS验证模块
private AppConfigurationEntry getConfiguration(HashMap hashmap) { hashmap.put("database", new ImepAuthDatabase()); return new AppConfigurationEntry("com.imep.security.ImepLoginModuleImpl", controlFlag, hashmap); }
其中com.imep.security.ImepLoginModuleImpl实现LoginModule
步骤四、在com.imep.security.ImepLoginModuleImpl验证模块中,实现自定义验证:
实现源码在附件中
步骤五、将以上代码打成jar包,并通过WebLogicMBeanMaker打成MJF包:
D:\>java -classpath "D:\bea\weblogic81\server\lib\mbeantypes\wlManagement.jar;D:
\bea\weblogic81\server\lib\weblogic.jar;D:\bea\jdk142_05\lib\tools.jar;D:\bea\jd
k142_05\lib\rt.jar;d:\src" -DcreateStubs="true" weblogic.management.commo.WebLog
icMBeanMaker -MJF ImepAuthenticatorProvider.jar -files d:\src
Compiling the files...
Compiling these files d:\src\ImepSecurityAuthenticatorImpl.java
d:\src\ImepSecurityAuthenticatorMBean.java
d:\src\ImepSecurityAuthenticatorMBI.java
Creating the MJF...
MJF is created.
Done.
步骤六、将MJF包:
ImepAuthenticatorProvider.jar 放置到
D:\bea\weblogic81\server\lib\mbeantypes\下,
并登录weblogic的console控制台,在
domain->Security->Realms->myrealm->roviders->Authentication
中添加Imep Security Authenticator即可。
- src.rar (7.7 KB)
- 下载次数: 104
评论
9 楼
haoppywang
2014-09-28
hello, 我最近需要做Weblogic的自定义登陆模块,有问题想请教一下。qq:2324366756
8 楼
genius
2011-04-22
大哥,非常感谢,文章写的不错,不过在创建的过程中碰到点细节问题,例如:Authenticator.xml 是放在mbeantypes里面执行的,要不然会报找不到commo.dtd的错误。还有,顺带问一下,这些开发有没有好的工具支持一下,我搞你这个例子搞到晚上二点多呢。
7 楼
Dead_knight
2011-04-21
忘记提醒你了,配置domain->Security->Realms->myrealm->roviders->Authentication时,需要重新设置鉴权顺序,点击“Re-order the Configured Authentication Providers”,然后将你的移动最上面,并且需要设置Control Flag的值为sufficient
6 楼
genius
2011-04-21
我测试他不进去啊,我在里面的打印信息没出来。
5 楼
Dead_knight
2011-04-21
就是部署一个web应用,通过在web.xml和weblogic.xml中设置角色等信息,然后登录页面用j_security_check处理,应该就能测试了
4 楼
genius
2011-04-21
大哥,我做好了,怎么去测试呢?
3 楼
genius
2011-04-21
我重新做了一遍好了。非常感谢!
2 楼
Dead_knight
2011-04-21
进入weblogic控制台,进入如下路径
domain->Security->Realms->myrealm->roviders->Authentication
即可看到所有的鉴权列表,包括自定义的JAAS模块
domain->Security->Realms->myrealm->roviders->Authentication
即可看到所有的鉴权列表,包括自定义的JAAS模块
1 楼
genius
2011-04-21
你好,按照你说的,我最后放到mbeantypes,它没有显示啊。 他会自动显示在下拉列表吗?还有,你的roviders 少个P,应该是Providers吧?
发表评论
-
WebLogic11g-EJB部署
2013-09-25 08:31 12889weblogic部署ejb可以通过jar、ear方式。 两种部 ... -
WebLogic11g-集群相关概念
2013-09-18 09:02 5276weblogic集群架构相关的概念有: 1、服务器(serve ... -
WebLogic11g-负载分发
2013-09-17 07:18 29060负载均衡的实现方式有很多种,这里只介绍三种相对来说成本较低的方 ... -
WebLogic11g-半小时让你的domain集群化
2013-09-16 07:04 45325其实网上关于weblogic集群的资料非常多【大部分都是从创建 ... -
WebLogic11g-单双向SSL配置(以Springside3为例)
2013-09-13 06:56 240392、观察weblogic方便开发部署提供的演示秘钥库 (秘钥 ... -
WebLogic11g-常用运维操作
2013-09-11 08:49 33297希望这篇能把weblogic运维时经常遇到的问题、常用的配置汇 ... -
WebLogic11g-配置数据源及全局事务JTA
2013-09-10 07:29 10284这篇文章依然以Springside ... -
WebLogic11g-部署web应用(以Springside3为例)
2013-09-08 22:51 20124Weblogic11g部署web应用,有三种方式,非常简单,但 ... -
WebLogic11g-创建域(Domain)
2013-09-08 11:44 56768最近看到经常有人提问weblogic相关问题,所以闲暇之际写几 ... -
Weblogic中通过IdentityAsserter实现SSO
2011-05-27 22:55 2271weblogic8实现SSO的一种简单方案,就是通过Ident ... -
Weblogic9扩展JAAS应用注意点
2011-05-24 23:05 1928一、创建 MBean 定义文件MDF(与Weblogic8一致 ... -
模拟用户登录JAAS验证模块的weblogic应用
2011-03-06 13:58 2489登录JAAS验证模块的weblogic应用,有两种方法 一、直 ... -
BEA-000342 this server is unable to establish a connection to the node manager
2011-01-13 22:05 3637异常信息: <2011-1-13 下午09时21分4 ... -
weblogic集群节点监控
2010-12-27 16:41 6834由于项目需要,对weblogic集群做监控,并定时采集系统中队 ... -
weblogic与portal用户同步
2010-12-27 15:54 1686String url = "t3 ... -
WebLogic更改默认cookie名称JSESSIONID
2010-12-27 15:46 4750在weblogic中,如果需要更改默认的CookieName名 ... -
Configuring jdbcdslog on Weblogic and Oracle
2010-05-19 11:29 2471通过JavaEye新闻月刊了解到jdbcdslog工具,尝试在 ... -
Weblogic下部署axis的问题总结
2009-06-21 09:11 5081网上看过很多关于tomcat下的axis部署,却很少有 ... -
BEA-Portal 异常解决案例分析
2008-12-07 22:32 2351一、异常信息: 当在生产环境中登录portalAdmin应用时 ...
相关推荐
通过WebLogic的安全配置,可以实现用户身份验证、权限管理和审计功能。 8. **性能优化** 优化WebLogic Server涉及调整内存设置、线程池大小、缓存策略等。通过监控和诊断工具,可以分析性能瓶颈,进行针对性优化。...
5. 安全性:考虑到数据敏感性,系统应包含身份验证和授权机制,例如使用JAAS(Java Authentication and Authorization Service)和SSL/TLS协议来保护用户信息和交易安全。 6. 部署与容器:JavaEE应用通常部署在应用...
1. 用户认证与授权:这是任何系统的基础,J2EE中的Servlet和JSP可以实现用户登录界面,而JAAS(Java Authentication and Authorization Service)则负责处理用户的身份验证和权限控制。 2. 数据持久化:通过JDBC...
同时,需要考虑身份验证和授权机制,如OAuth或JAAS(Java Authentication and Authorization Service)。 6. **性能和可扩展性**:考虑到需要处理大量实时数据,系统应能处理高并发,并且能够随着业务增长而扩展。...
11. **安全性**:涉及身份验证、授权、加密以及合规性要求,如SSL/TLS、JAAS(Java Authentication and Authorization Service)等。 12. **持续集成与部署**:如Jenkins、Maven和Docker等工具的使用,能提升开发...
6. **安全控制**:集成JAAS(Java Authentication and Authorization Service),实现用户身份验证和权限控制,保障系统安全。 7. **部署与伸缩性**:J2EE应用服务器如Tomcat、WildFly、WebLogic等提供了高可用性和...
6. **安全与认证**:J2EE平台内置了安全机制,包括角色基的访问控制(RBAC)、SSL/TLS加密、容器管理的身份验证和授权,以及JAAS(Java Authentication and Authorization Service)。 7. **部署与容器**:J2EE应用...
- **JAAS**:Java Authentication and Authorization Service,用于用户身份验证和权限控制。 - **HTTPS**:确保数据传输的安全性,防止敏感信息被窃取。 - **角色与权限**:定义不同用户角色(如管理员、普通...
“Hotel”系统可能采用了Spring Security或 JAAS(Java Authentication and Authorization Service)进行用户身份验证和权限控制,保护系统免受非法访问。 7. **数据库设计**: 数据库是系统的基础,合理的表结构...