Weblogic9扩展JAAS应用注意点

Dead_knight

浏览: 1200890 次
性别:
来自: 杭州

最近访客更多访客>>

lawsystem

lkkmm

9997766

andyniu

博主相关

博客

微博

相册

留言

关于我

博客专栏

: Spring Securi...
浏览量：240185

: clojure专题
浏览量：48911

: WebLogic11g
浏览量：236861

文章分类

社区版块

存档分类

博客分类：

weblogic

Weblogic Security XML

一、创建 MBean 定义文件MDF（与Weblogic8一致）
文件名称为：WorkSecurityAuthenticator.xml

<?xml version="1.0" ?>
<!DOCTYPE MBeanType SYSTEM "commo.dtd">
<MBeanType 
	Name          = "WorkSecurityAuthenticator"
	DisplayName   = "Work Security Authenticator"
 	Package       = "com.pims.work.auth.security"
	Extends       = "weblogic.management.security.authentication.Authenticator"
	PersistPolicy = "OnUpdate"	
	Description   = "This MBean represents configuration attributes for the WebLogic Authorization provider."
>
	<MBeanAttribute  
	  	Name          = "ProviderClassName"
	  	Type          = "java.lang.String"
	  	Writeable     = "false"
	  	Default       = "&quot;com.pims.work.auth.security.WorkAuthProviderImpl&quot;"		
	  	Description   = "The name of the Java class used to load the WebLogic Authorization provider."
	/>
	
	<MBeanAttribute 
		Name = "Description"
		Type = "java.lang.String"
		Writeable = "false"
		Default = "&quot;Weblogic Default Authorization Provider&quot;"    
		Description = "A short description of the WebLogic Authorization provider."
	/>
	
	<MBeanAttribute 
		Name = "Version" 
		Type = "java.lang.String" 
		Writeable = "false" 
		Default = "&quot;1.0&quot;" 
		Description = "The version of the WebLogic Authorization provider."
	/>
	
</MBeanType>

二、使用 WebLogic MBeanMaker 生成 MBean 类型
java -classpath "D:\bea9\weblogic92\server\lib\mbeantypes\wlManagement.jar;D:\bea9\weblogic92\server\lib\weblogic.jar;D:\bea9\jdk150_12\lib\tools.jar;D:\bea9\jdk150_12\lib\rt.jar;d:\auth" -DMDF="D:\auth\WorkSecurityAuthenticator.xml" -Dfiles="D:\auth" -DcreateStubs="true" weblogic.management.commo.WebLogicMBeanMaker

三、创建运行时类

package com.pims.work.auth.security;

import java.util.HashMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import weblogic.management.security.ProviderMBean;
import weblogic.security.provider.PrincipalValidatorImpl;
import weblogic.security.spi.AuthenticationProviderV2;
import weblogic.security.spi.IdentityAsserterV2;
import weblogic.security.spi.PrincipalValidator;
import weblogic.security.spi.SecurityServices;

public final class WorkAuthProviderImpl implements AuthenticationProviderV2
{   
    private String description;   
    private LoginModuleControlFlag controlFlag;   
    public void initialize(ProviderMBean mbean, SecurityServices services)  
    {      
        WorkSecurityAuthenticatorMBean myMBean = (WorkSecurityAuthenticatorMBean)mbean;      
        description = myMBean.getDescription() + "\n" + myMBean.getVersion();      
        String flag = myMBean.getControlFlag();      
        if (flag.equalsIgnoreCase("REQUIRED")) 
        {        
            controlFlag = LoginModuleControlFlag.REQUIRED;      
        } 
        else if (flag.equalsIgnoreCase("OPTIONAL")) 
        {        
            controlFlag = LoginModuleControlFlag.OPTIONAL;      
        }
        else if (flag.equalsIgnoreCase("REQUISITE")) 
        {        
            controlFlag = LoginModuleControlFlag.REQUISITE;      
        } 
        else if (flag.equalsIgnoreCase("SUFFICIENT")) 
        {        
            controlFlag = LoginModuleControlFlag.SUFFICIENT;      
        } 
        else 
        {       
            throw new IllegalArgumentException("invalid flag value" + flag);      
        }   
    }   
    
    public String getDescription()  
    {      
        return description;  
    }   
    
    public void shutdown()  
    {      
        System.out.println("WorkAuthProviderImpl.shutdown");  
    }  

    private AppConfigurationEntry getConfiguration(HashMap options)   
    {      
        return new AppConfigurationEntry("com.pims.work.auth.security.WorkLoginModuleImpl", controlFlag, options);   
    }   
    
    public AppConfigurationEntry getLoginModuleConfiguration()   
    {      
        HashMap options = new HashMap();      
        return getConfiguration(options);   
    }   
    
    public AppConfigurationEntry getAssertionModuleConfiguration()   
    {      
        HashMap options = new HashMap();      
        options.put("IdentityAssertion","true");      
        return getConfiguration(options);   
    }   
    
    public PrincipalValidator getPrincipalValidator()    
    {      
        return new PrincipalValidatorImpl();   
    }   
    
    public IdentityAsserterV2 getIdentityAsserter()   
    {      
        return null;   
    }
}

其中com.pims.work.auth.security.WorkLoginModuleImpl为JAAS的LoginModule实现类。

四、使用 WebLogic MBeanMaker 创建 MBean JAR 文件 (MJF)
java -classpath "D:\bea9\weblogic92\server\lib\mbeantypes\wlManagement.jar;D:\bea9\weblogic92\server\lib\weblogic.jar;D:\bea9\jdk150_12\lib\tools.jar;D:\bea9\jdk150_12\lib\rt.jar;d:\auth" -DMJF="D:\auth\lib\WorkAuthProvider.jar" -Dfiles="D:\auth" -DcreateStubs="true" weblogic.management.commo.WebLogicMBeanMaker

五、把产生的jar包放到WL_HOME/server/lib/mbeantypes/目录下，并在控制台进行配置。

0
顶

0
踩

分享到：

Weblogic中通过IdentityAsserter实现SSO | 性能优化(案例二)-JMS缓冲短信网关

2011-05-24 23:05
浏览 1912
评论(2)
分类:企业架构
查看更多

2 楼 Dead_knight 2012-05-22

weblogic10对于JAAS的支持部分我还没部署过，你的问题没解决的话，我可以帮忙研究一下

1 楼 rainbow_2000 2012-05-21

您好，请问weblogic10.3扩展JAAS有什么区别，正在做这个，生成MJF的时候失败。
前面的和weblogic9的好像是一样的。

发表评论

您还没有登录,请您登录后再发表评论