Configurando segurança no glasfish

Estou tentando fazer uma autenticão usando glassfish e um formulario web com o metodo no web.xml FORM, mas só retornou login errado.

Adicionei o jar do banco Oracle na pasta do glassfish pq ele não estava pingnado o banco e depois disso ele só dá erro no login.
Configurei só duas tabela para ficar mais facil,as do usuario e a do grupos e nada.

Web login failed: Login failed: javax.security.auth.login.LoginException: java.lang.ExceptionInInitializerError

at java.lang.Class.forName0(Native Method)

at java.lang.Class.forName(Class.java:247)

at com.sun.gjc.common.DataSourceObjectBuilder.getDataSourceObject(DataSourceObjectBuilder.java:275)

at com.sun.gjc.common.DataSourceObjectBuilder.constructDataSourceObject(DataSourceObjectBuilder.java:108)

at com.sun.gjc.spi.ManagedConnectionFactory.getDataSource(ManagedConnectionFactory.java:1168)

at com.sun.gjc.spi.DSManagedConnectionFactory.getDataSource(DSManagedConnectionFactory.java:135)

at com.sun.gjc.spi.DSManagedConnectionFactory.createManagedConnection(DSManagedConnectionFactory.java:90)

at com.sun.enterprise.resource.allocator.LocalTxConnectorAllocator.createResource(LocalTxConnectorAllocator.java:73)

at com.sun.enterprise.resource.pool.ConnectionPool.createSingleResource(ConnectionPool.java:841)

at com.sun.enterprise.resource.pool.ConnectionPool.createResource(ConnectionPool.java:1110)

at com.sun.enterprise.resource.pool.datastructure.ListDataStructure.addResource(ListDataStructure.java:121)

at com.sun.enterprise.resource.pool.ConnectionPool.addResource(ConnectionPool.java:277)

at com.sun.enterprise.resource.pool.ConnectionPool.createResourceAndAddToPool(ConnectionPool.java:1404)

at com.sun.enterprise.resource.pool.ConnectionPool.createResources(ConnectionPool.java:869)

at com.sun.enterprise.resource.pool.ConnectionPool.initPool(ConnectionPool.java:229)

at com.sun.enterprise.resource.pool.ConnectionPool.internalGetResource(ConnectionPool.java:455)

at com.sun.enterprise.resource.pool.ConnectionPool.getResource(ConnectionPool.java:369)

at com.sun.enterprise.resource.pool.PoolManagerImpl.getResourceFromPool(PoolManagerImpl.java:226)

at com.sun.enterprise.resource.pool.PoolManagerImpl.getResource(PoolManagerImpl.java:150)

at com.sun.enterprise.connectors.ConnectionManagerImpl.getResource(ConnectionManagerImpl.java:327)

at com.sun.enterprise.connectors.ConnectionManagerImpl.internalGetConnection(ConnectionManagerImpl.java:290)

at com.sun.enterprise.connectors.ConnectionManagerImpl.allocateConnection(ConnectionManagerImpl.java:182)

at com.sun.enterprise.connectors.ConnectionManagerImpl.allocateConnection(ConnectionManagerImpl.java:159)

at com.sun.enterprise.connectors.ConnectionManagerImpl.allocateConnection(ConnectionManagerImpl.java:154)

at com.sun.gjc.spi.base.DataSource.getConnection(DataSource.java:127)

at com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm.getConnection(JDBCRealm.java:543)

at com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm.isUserValid(JDBCRealm.java:393)

at com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm.authenticate(JDBCRealm.java:311)

at com.sun.enterprise.security.auth.login.JDBCLoginModule.authenticate(JDBCLoginModule.java:72)

at com.sun.enterprise.security.auth.login.PasswordLoginModule.authenticateUser(PasswordLoginModule.java:90)

at com.sun.appserv.security.AppservPasswordLoginModule.login(AppservPasswordLoginModule.java:141)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

at java.lang.reflect.Method.invoke(Method.java:597)

at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)

at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)

at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)

at java.security.AccessController.doPrivileged(Native Method)

at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)

at javax.security.auth.login.LoginContext.login(LoginContext.java:579)

at com.sun.enterprise.security.auth.login.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:341)

at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:199)

at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:152)

at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:479)

at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:418)

at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:264)

at org.apache.catalina.authenticator.AuthenticatorBase.processSecurityCheck(AuthenticatorBase.java:1015)

at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:614)

at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:615)

at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97)

at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85)

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185)

at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:325)

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:226)

at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:165)

at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791)

at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693)

at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954)

at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170)

at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)

at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)

at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)

at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)

at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)

at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)

at com.sun.grizzly.ContextTask.run(ContextTask.java:69)

at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330)

at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309)

at java.lang.Thread.run(Thread.java:619)

Caused by: java.lang.SecurityException: Sealing violation loading oracle.jdbc.driver.OracleDriver : Package oracle.jdbc.driver is sealed.

at org.glassfish.web.loader.WebappClassLoader.findClassInternal(WebappClassLoader.java:2047)

at org.glassfish.web.loader.WebappClassLoader.findClass(WebappClassLoader.java:894)

at org.glassfish.web.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1449)

at oracle.jdbc.pool.OracleDataSource.(OracleDataSource.java:95)

… 70 more

INFO: JACC Policy Provider: Failed Permission Check, context(portal/portal)- permission((org.osgi.framework.AdminPermission (id=234) resolve,resource))

AVISO: Web login failed: Login failed: javax.security.auth.login.LoginException: Security Exception

Uma luz ficarei muito grato :D.

Na aplicação tb tem.

A intenção é fazer a autenticação sem personalizar( Custom ), somente pelo container no caso o glassfish.

Os passos foram: 1-Configurar a conexão jdbc no glassfish ->painel do administrador/recursos/jdbc/ Recursos JDBC e Grupos de conexões 2-Ainda no Glassfish configurar o Dominio( realm ) ->painel do administrador/configurações/dominios 3-depois na aplicação configurando o sun-webxml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
<sun-web-app error-url="">

	<context-root>/testeSegurancaTeimosa</context-root>
	<security-role-mapping>
		<role-name>ADMINISTRADOR</role-name>
		<group-name>ADMINISTRADOR</group-name>
	</security-role-mapping>
	<class-loader delegate="false" />
	<jsp-config>
		<property name="keepgenerated" value="true">
			<description>Keep a copy of the generated servlet class java code.</description>
		</property>
	</jsp-config>

</sun-web-app>

4-Configurando o web.xml

<security-constraint>
             <display-name>SecurityConstraint</display-name>
            <web-resource-collection>
                  <web-resource-name>WRCollection</web-resource-name>
                 <url-pattern>/*</url-pattern>
         </web-resource-collection>
            <auth-constraint>
                  <role-name>ADMINISTRADOR</role-name>
            </auth-constraint>
            <user-data-constraint>
                <transport-guarantee>NONE</transport-guarantee>
            </user-data-constraint>
       </security-constraint>
      <login-config>
            <auth-method>FORM</auth-method>
            <realm-name>testLiber</realm-name>
         <form-login-config>
                  <form-login-page>/login.jsp</form-login-page>
                 <form-error-page>/erro.html</form-error-page>
          </form-login-config>
     </login-config>
     <security-role>
        <role-name>ADMINISTRADOR</role-name>
    </security-role>

5- E as tag forms

<form method="post" action="j_security_check">
<table>
	<tr>
		<td><label for="username">Usuário:</label></td>
		<td><input type="text" id="usuario" name="j_username"></input></td>
	</tr>
	<tr>

	</tr>
	<tr>
		<td><label for="senha">Senha:</label></td>
		<td><input type="password" id="senha" name="j_password" /></td>

	</tr>
	<tr>
		<td><input type="submit" value="Login"></input></td>
	</tr>
</table>
</form>

acho que esquece nada

2 Respostas

Topicos relacionados