Configurando segurança no glasfish

Rommel · Dezembro 6, 2010, 12:14pm

Estou tentando fazer uma autenticão usando glassfish e um formulario web com o metodo no web.xml FORM, mas só retornou login errado.

Adicionei o jar do banco Oracle na pasta do glassfish pq ele não estava pingnado o banco e depois disso ele só dá erro no login.
Configurei só duas tabela para ficar mais facil,as do usuario e a do grupos e nada.

Web login failed: Login failed: javax.security.auth.login.LoginException: java.lang.ExceptionInInitializerError
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:247)
at com.sun.gjc.common.DataSourceObjectBuilder.getDataSourceObject(DataSourceObjectBuilder.java:275)
at com.sun.gjc.common.DataSourceObjectBuilder.constructDataSourceObject(DataSourceObjectBuilder.java:108)
at com.sun.gjc.spi.ManagedConnectionFactory.getDataSource(ManagedConnectionFactory.java:1168)
at com.sun.gjc.spi.DSManagedConnectionFactory.getDataSource(DSManagedConnectionFactory.java:135)
at com.sun.gjc.spi.DSManagedConnectionFactory.createManagedConnection(DSManagedConnectionFactory.java:90)
at com.sun.enterprise.resource.allocator.LocalTxConnectorAllocator.createResource(LocalTxConnectorAllocator.java:73)
at com.sun.enterprise.resource.pool.ConnectionPool.createSingleResource(ConnectionPool.java:841)
at com.sun.enterprise.resource.pool.ConnectionPool.createResource(ConnectionPool.java:1110)
at com.sun.enterprise.resource.pool.datastructure.ListDataStructure.addResource(ListDataStructure.java:121)
at com.sun.enterprise.resource.pool.ConnectionPool.addResource(ConnectionPool.java:277)
at com.sun.enterprise.resource.pool.ConnectionPool.createResourceAndAddToPool(ConnectionPool.java:1404)
at com.sun.enterprise.resource.pool.ConnectionPool.createResources(ConnectionPool.java:869)
at com.sun.enterprise.resource.pool.ConnectionPool.initPool(ConnectionPool.java:229)
at com.sun.enterprise.resource.pool.ConnectionPool.internalGetResource(ConnectionPool.java:455)
at com.sun.enterprise.resource.pool.ConnectionPool.getResource(ConnectionPool.java:369)
at com.sun.enterprise.resource.pool.PoolManagerImpl.getResourceFromPool(PoolManagerImpl.java:226)
at com.sun.enterprise.resource.pool.PoolManagerImpl.getResource(PoolManagerImpl.java:150)
at com.sun.enterprise.connectors.ConnectionManagerImpl.getResource(ConnectionManagerImpl.java:327)
at com.sun.enterprise.connectors.ConnectionManagerImpl.internalGetConnection(ConnectionManagerImpl.java:290)
at com.sun.enterprise.connectors.ConnectionManagerImpl.allocateConnection(ConnectionManagerImpl.java:182)
at com.sun.enterprise.connectors.ConnectionManagerImpl.allocateConnection(ConnectionManagerImpl.java:159)
at com.sun.enterprise.connectors.ConnectionManagerImpl.allocateConnection(ConnectionManagerImpl.java:154)
at com.sun.gjc.spi.base.DataSource.getConnection(DataSource.java:127)
at com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm.getConnection(JDBCRealm.java:543)
at com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm.isUserValid(JDBCRealm.java:393)
at com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm.authenticate(JDBCRealm.java:311)
at com.sun.enterprise.security.auth.login.JDBCLoginModule.authenticate(JDBCLoginModule.java:72)
at com.sun.enterprise.security.auth.login.PasswordLoginModule.authenticateUser(PasswordLoginModule.java:90)
at com.sun.appserv.security.AppservPasswordLoginModule.login(AppservPasswordLoginModule.java:141)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.sun.enterprise.security.auth.login.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:341)
at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:199)
at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:152)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:479)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:418)
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:264)
at org.apache.catalina.authenticator.AuthenticatorBase.processSecurityCheck(AuthenticatorBase.java:1015)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:614)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:615)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97)
at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:325)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:226)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:165)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309)
at java.lang.Thread.run(Thread.java:619)
Caused by: java.lang.SecurityException: Sealing violation loading oracle.jdbc.driver.OracleDriver : Package oracle.jdbc.driver is sealed.
at org.glassfish.web.loader.WebappClassLoader.findClassInternal(WebappClassLoader.java:2047)
at org.glassfish.web.loader.WebappClassLoader.findClass(WebappClassLoader.java:894)
at org.glassfish.web.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1449)
at oracle.jdbc.pool.OracleDataSource.(OracleDataSource.java:95)
… 70 more

INFO: JACC Policy Provider: Failed Permission Check, context(portal/portal)- permission((org.osgi.framework.AdminPermission (id=234) resolve,resource))

AVISO: Web login failed: Login failed: javax.security.auth.login.LoginException: Security Exception

AVISO: Web login failed: Login failed: javax.security.auth.login.LoginException: Security Exception

Uma luz ficarei muito grato :D.

Diabo_Loiro · Dezembro 6, 2010, 1:51pm

Acho que o jar deve ficar na aplicação posta seu codigo ai, ou a maneira como esta tentando configurar.

Rommel · Dezembro 6, 2010, 3:21pm

Na aplicação tb tem.

A intenção é fazer a autenticação sem personalizar( Custom ), somente pelo container no caso o glassfish.

Os passos foram:
1-Configurar a conexão jdbc no glassfish ->painel do administrador/recursos/jdbc/ Recursos JDBC e Grupos de conexões
2-Ainda no Glassfish configurar o Dominio( realm ) ->painel do administrador/configurações/dominios
3-depois na aplicação configurando o sun-webxml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
<sun-web-app error-url="">

	<context-root>/testeSegurancaTeimosa</context-root>
	<security-role-mapping>
		<role-name>ADMINISTRADOR</role-name>
		<group-name>ADMINISTRADOR</group-name>
	</security-role-mapping>
	<class-loader delegate="false" />
	<jsp-config>
		<property name="keepgenerated" value="true">
			<description>Keep a copy of the generated servlet class java code.</description>
		</property>
	</jsp-config>

</sun-web-app>

4-Configurando o web.xml

<security-constraint>
             <display-name>SecurityConstraint</display-name>
            <web-resource-collection>
                  <web-resource-name>WRCollection</web-resource-name>
                 <url-pattern>/*</url-pattern>
         </web-resource-collection>
            <auth-constraint>
                  <role-name>ADMINISTRADOR</role-name>
            </auth-constraint>
            <user-data-constraint>
                <transport-guarantee>NONE</transport-guarantee>
            </user-data-constraint>
       </security-constraint>
      <login-config>
            <auth-method>FORM</auth-method>
            <realm-name>testLiber</realm-name>
         <form-login-config>
                  <form-login-page>/login.jsp</form-login-page>
                 <form-error-page>/erro.html</form-error-page>
          </form-login-config>
     </login-config>
     <security-role>
        <role-name>ADMINISTRADOR</role-name>
    </security-role>

5-
E as tag forms[code]

</tr>
<tr>
	<td><label for="senha">Senha:</label></td>
	<td><input type="password" id="senha" name="j_password" /></td>

</tr>
<tr>
	<td><input type="submit" value="Login"></input></td>
</tr>

Usuário:

[/code] acho que esquece nada

system · Dezembro 30, 2015, 5:11pm

Configurando segurança no glasfish

Cursos de Mobile

Cursos de Programação

Cursos de Front-end

Cursos de DevOps

Cursos de Design & UX

Cursos de Business

Cursos de Data & BI