JAAS Glassfish V3 - SOLVED - AFTER 10000 tutorials - AT LAST (Thanks to everyone)

13 replies
S

I'm trying to test an example but it just won't work; does anyone know what is missing or what is wrong?

(glassfish v3 configuration)

JDBC resource
JNDI = DBImovel

Connection pool
mysql_imovel_rootPool

Realm
realm name: imovelRealm
Class name: JDBCRealm
JAAS context: jdbcRealm
user table: cliente
user name column: usuario
password column: senha
group table: grupo
group name column: nome

- I'm using a MySQL database
it has a cliente table with several fields, among them usuario and senha
I created a GRUPO table with id (pk), usuario (fk) and nome (of the group)

-----web.xml-----

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
    <context-param>
        <param-name>javax.faces.PROJECT_STAGE</param-name>
        <param-value>Development</param-value>
    </context-param>
    <servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>Faces Servlet</servlet-name>
        <url-pattern>/faces/*</url-pattern>
    </servlet-mapping>
    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
    <welcome-file-list>
        <welcome-file>faces/template.xhtml</welcome-file>
    </welcome-file-list>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>RI</web-resource-name>
            <url-pattern>/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>rolecliente</role-name>
        </auth-constraint>
    </security-constraint>
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>imovelRealm</realm-name>
    </login-config>
</web-app>

-----sun-web.xml-----

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD GlassFish Application Server 3.0 Servlet 3.0//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_3_0-0.dtd">
<sun-web-app error-url="">
  <context-root>/site</context-root>
  <security-role-mapping>
    <role-name>rolecliente</role-name>
    <group-name>CLIENTE</group-name>
  </security-role-mapping>
  <class-loader delegate="true"/>
  <jsp-config>
    <property name="keepgenerated" value="true">
      <description>Keep a copy of the generated servlet class' java code.</description>
    </property>
  </jsp-config>
</sun-web-app>

-----sun-resources.xml-----

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE resources PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Resource Definitions //EN" "http://www.sun.com/software/appserver/dtds/sun-resources_1_3.dtd">
<resources>
    <jdbc-connection-pool allow-non-component-callers="false" associate-with-thread="false" connection-creation-retry-attempts="0" connection-creation-retry-interval-in-seconds="10" connection-leak-reclaim="false" connection-leak-timeout-in-seconds="0" connection-validation-method="auto-commit" datasource-classname="com.mysql.jdbc.jdbc2.optional.MysqlDataSource" fail-all-connections="false" idle-timeout-in-seconds="300" is-connection-validation-required="false" is-isolation-level-guaranteed="true" lazy-connection-association="false" lazy-connection-enlistment="false" match-connections="false" max-connection-usage-count="0" max-pool-size="32" max-wait-time-in-millis="60000" name="mysql_Imovel_rootPool" non-transactional-connections="false" pool-resize-quantity="2" res-type="javax.sql.DataSource" statement-timeout-in-seconds="-1" steady-pool-size="8" validate-atmost-once-period-in-seconds="0" wrap-jdbc-objects="false">
        <property name="serverName" value="127.0.0.1"/>
        <property name="portNumber" value="3306"/>
        <property name="databaseName" value="Imovel"/>
        <property name="User" value="root"/>
        <property name="Password" value="root"/>
        <property name="URL" value="jdbc:mysql://127.0.0.1:3306/Imovel"/>
        <property name="driverClass" value="com.mysql.jdbc.Driver"/>
    </jdbc-connection-pool>
    <jdbc-resource enabled="true" jndi-name="DBImovel" object-type="user" pool-name="mysql_Imovel_rootPool"/>
</resources>


S

is anyone up for it?

come on folks, I can't log in no matter what, it just stays on the server's login screen, I've tried every possible password but it won't log in… has anyone had the same problem?

Flavio_Almeida

It's hard for anyone to step up without you describing the error that is happening.

S

well, but it doesn't give any error message at all, I'm simply using the BASIC authentication method, only I enter the username and password and it doesn't log in, it goes back to the screen to type the username and password again!!

I configured the glassfish server with the information I posted above, and to test it I set my application to require authentication on all screens

S

is anyone out there to help, recommend a book, a tutorial, anything!!!

I've already done about 10 examples but nothing works!!

G

Post your domain.xml here.

JAAS configuration errors are not reported in the log or on screen, and the result is that you simply cannot connect.

S

domain.xml

- <domain log-root="${com.sun.aas.instanceRoot}/logs" application-root="${com.sun.aas.instanceRoot}/applications" version="22">
- <system-applications>
- <application context-root="" location="${com.sun.aas.installRootURI}/lib/install/applications/__admingui" directory-deployed="true" name="__admingui" object-type="system-admin">
- <module name="__admingui">
  <engine sniffer="web" /> 
  <engine sniffer="security" /> 
  </module>
  </application>
  </system-applications>
- <applications>
- <application context-root="/siteImovel" location="file:/C:/Users/Sergio/Documents/NetBeansProjects/siteImovel/build/web/" directory-deployed="true" name="siteImovel" object-type="user">
  <property name="org.glassfish.ejb.container.application_unique_id" value="84463343630876672" /> 
  <property name="org.glassfish.persistence.app_name_property" value="siteImovel" /> 
  <property name="defaultAppName" value="web" /> 
  <property name="keepSessions" value="true" /> 
- <module name="siteImovel">
  <engine sniffer="ejb" /> 
  <engine sniffer="security" /> 
  <engine sniffer="jpa" /> 
  <engine sniffer="web" /> 
  </module>
  </application>
  </applications>
- <resources>
  <jdbc-resource pool-name="SamplePool" jndi-name="jdbc/sample" /> 
  <jdbc-resource pool-name="__TimerPool" jndi-name="jdbc/__TimerPool" object-type="system-admin" /> 
  <jdbc-resource pool-name="DerbyPool" jndi-name="jdbc/__default" /> 
- <jdbc-connection-pool datasource-classname="org.apache.derby.jdbc.EmbeddedXADataSource" res-type="javax.sql.XADataSource" name="__TimerPool">
  <property name="databaseName" value="${com.sun.aas.instanceRoot}/lib/databases/ejbtimer" /> 
  <property name="connectionAttributes" value=";create=true" /> 
  </jdbc-connection-pool>
- <jdbc-connection-pool is-isolation-level-guaranteed="false" datasource-classname="org.apache.derby.jdbc.ClientDataSource" res-type="javax.sql.DataSource" name="DerbyPool">
  <property name="PortNumber" value="1527" /> 
  <property name="Password" value="APP" /> 
  <property name="User" value="APP" /> 
  <property name="serverName" value="localhost" /> 
  <property name="DatabaseName" value="sun-appserv-samples" /> 
  <property name="connectionAttributes" value=";create=true" /> 
  </jdbc-connection-pool>
- <jdbc-connection-pool connection-validation-method="auto-commit" datasource-classname="org.apache.derby.jdbc.ClientDataSource" wrap-jdbc-objects="false" res-type="javax.sql.DataSource" name="SamplePool">
  <property name="DatabaseName" value="sample" /> 
  <property name="User" value="app" /> 
  <property name="Password" value="app" /> 
  <property name="URL" value="jdbc:derby://localhost:1527/sample" /> 
  <property name="PortNumber" value="1527" /> 
  <property name="serverName" value="localhost" /> 
  </jdbc-connection-pool>
- <jdbc-connection-pool connection-validation-method="auto-commit" datasource-classname="com.mysql.jdbc.jdbc2.optional.MysqlDataSource" res-type="javax.sql.DataSource" wrap-jdbc-objects="false" name="mysql_Imovel_rootPool">
  <property name="URL" value="jdbc:mysql://127.0.0.1:3306/Imovel" /> 
  <property name="driverClass" value="com.mysql.jdbc.Driver" /> 
  <property name="Password" value="root" /> 
  <property name="portNumber" value="3306" /> 
  <property name="databaseName" value="Imovel" /> 
  <property name="User" value="root" /> 
  <property name="serverName" value="127.0.0.1" /> 
  </jdbc-connection-pool>
  <jdbc-resource pool-name="mysql_Imovel_rootPool" jndi-name="DBImovel" /> 
  </resources>
- <servers>
- <server name="server" config-ref="server-config">
  <application-ref ref="__admingui" virtual-servers="__asadmin" /> 
  <application-ref ref="siteImovel" virtual-servers="server" /> 
  <resource-ref ref="jdbc/__TimerPool" /> 
  <resource-ref ref="jdbc/__default" /> 
  <resource-ref ref="jdbc/sample" /> 
  <resource-ref ref="DBImovel" /> 
  </server>
  </servers>
- <configs>
- <config name="server-config">
- <http-service>
  <access-log /> 
  <virtual-server id="server" network-listeners="http-listener-1,http-listener-2" /> 
  <virtual-server id="__asadmin" network-listeners="admin-listener" /> 
  </http-service>
- <iiop-service>
  <orb use-thread-pool-ids="thread-pool-1" /> 
  <iiop-listener port="3700" id="orb-listener-1" address="0.0.0.0" lazy-init="true" /> 
- <iiop-listener port="3820" id="SSL" address="0.0.0.0" security-enabled="true">
  <ssl cert-nickname="s1as" /> 
  </iiop-listener>
- <iiop-listener port="3920" id="SSL_MUTUALAUTH" address="0.0.0.0" security-enabled="true">
  <ssl cert-nickname="s1as" client-auth-enabled="true" /> 
  </iiop-listener>
  </iiop-service>
- <admin-service system-jmx-connector-name="system" type="das-and-server">
  <jmx-connector port="8686" address="0.0.0.0" security-enabled="false" name="system" auth-realm-name="admin-realm" /> 
  <das-config dynamic-reload-enabled="true" autodeploy-dir="${com.sun.aas.instanceRoot}/autodeploy" autodeploy-enabled="true" /> 
  <property name="adminConsoleContextRoot" value="/admin" /> 
  <property name="adminConsoleDownloadLocation" value="${com.sun.aas.installRoot}/lib/install/applications/admingui.war" /> 
  <property name="ipsRoot" value="${com.sun.aas.installRoot}/.." /> 
  <property name="adminConsoleVersion" value="3.0.1,0-22:20100608T221423Z" /> 
  </admin-service>
  <connector-service /> 
- <web-container>
- <session-config>
- <session-manager>
  <manager-properties /> 
  <store-properties /> 
  </session-manager>
  <session-properties /> 
  </session-config>
  </web-container>
- <ejb-container session-store="${com.sun.aas.instanceRoot}/session-store">
  <ejb-timer-service /> 
  </ejb-container>
  <mdb-container /> 
- <jms-service default-jms-host="default_JMS_host" type="EMBEDDED">
  <jms-host host="localhost" name="default_JMS_host" lazy-init="true" /> 
  </jms-service>
- <security-service default-realm="imovelRealm">
- <auth-realm name="admin-realm" classname="com.sun.enterprise.security.auth.realm.file.FileRealm">
  <property name="file" value="${com.sun.aas.instanceRoot}/config/admin-keyfile" /> 
  <property name="jaas-context" value="fileRealm" /> 
  </auth-realm>
- <auth-realm name="file" classname="com.sun.enterprise.security.auth.realm.file.FileRealm">
  <property name="file" value="${com.sun.aas.instanceRoot}/config/keyfile" /> 
  <property name="jaas-context" value="fileRealm" /> 
  </auth-realm>
  <auth-realm name="certificate" classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm" /> 
- <auth-realm name="imovelRealm" classname="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm">
  <property name="jaas-context" value="jdbcRealm" /> 
  <property name="datasource-jndi" value="DBImovel" /> 
  <property name="user-table" value="cliente" /> 
  <property name="user-name-column" value="usuario" /> 
  <property name="password-column" value="senha" /> 
  <property name="group-table" value="grupo" /> 
  <property name="group-name-column" value="nome" /> 
  </auth-realm>
- <jacc-provider policy-provider="com.sun.enterprise.security.provider.PolicyWrapper" name="default" policy-configuration-factory-provider="com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl">
  <property name="repository" value="${com.sun.aas.instanceRoot}/generated/policy" /> 
  </jacc-provider>
  <jacc-provider policy-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyProvider" name="simple" policy-configuration-factory-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyConfigurationFactory" /> 
- <audit-module name="default" classname="com.sun.enterprise.security.Audit">
  <property name="auditOn" value="false" /> 
  </audit-module>
- <message-security-config auth-layer="SOAP">
- <provider-config provider-type="client" provider-id="XWS_ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
  <request-policy auth-source="content" /> 
  <response-policy auth-source="content" /> 
  <property name="encryption.key.alias" value="s1as" /> 
  <property name="signature.key.alias" value="s1as" /> 
  <property name="dynamic.username.password" value="false" /> 
  <property name="debug" value="false" /> 
  </provider-config>
- <provider-config provider-type="client" provider-id="ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule">
  <request-policy auth-source="content" /> 
  <response-policy auth-source="content" /> 
  <property name="encryption.key.alias" value="s1as" /> 
  <property name="signature.key.alias" value="s1as" /> 
  <property name="dynamic.username.password" value="false" /> 
  <property name="debug" value="false" /> 
  <property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml" /> 
  </provider-config>
- <provider-config provider-type="server" provider-id="XWS_ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
  <request-policy auth-source="content" /> 
  <response-policy auth-source="content" /> 
  <property name="encryption.key.alias" value="s1as" /> 
  <property name="signature.key.alias" value="s1as" /> 
  <property name="debug" value="false" /> 
  </provider-config>
- <provider-config provider-type="server" provider-id="ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule">
  <request-policy auth-source="content" /> 
  <response-policy auth-source="content" /> 
  <property name="encryption.key.alias" value="s1as" /> 
  <property name="signature.key.alias" value="s1as" /> 
  <property name="debug" value="false" /> 
  <property name="security.config" value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml" /> 
  </provider-config>
  </message-security-config>
  </security-service>
  <transaction-service tx-log-dir="${com.sun.aas.instanceRoot}/logs" /> 
- <monitoring-service>
  <module-monitoring-levels /> 
  </monitoring-service>
- <java-config debug-options="-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=9009" system-classpath="" classpath-suffix="">
  <jvm-options>-XX:MaxPermSize=192m</jvm-options> 
  <jvm-options>-client</jvm-options> 
  <jvm-options>-XX:+UnlockDiagnosticVMOptions</jvm-options> 
  <jvm-options>-XX:+LogVMOutput</jvm-options> 
  <jvm-options>-XX:LogFile=${com.sun.aas.instanceRoot}/logs/jvm.log</jvm-options> 
  <jvm-options>-Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed</jvm-options> 
  <jvm-options>-Djava.security.policy=${com.sun.aas.instanceRoot}/config/server.policy</jvm-options> 
  <jvm-options>-Djava.security.auth.login.config=${com.sun.aas.instanceRoot}/config/login.conf</jvm-options> 
  <jvm-options>-Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as</jvm-options> 
  <jvm-options>-Xmx512m</jvm-options> 
  <jvm-options>-Djavax.net.ssl.keyStore=${com.sun.aas.instanceRoot}/config/keystore.jks</jvm-options> 
  <jvm-options>-Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks</jvm-options> 
  <jvm-options>-Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext</jvm-options> 
  <jvm-options>-Djdbc.drivers=org.apache.derby.jdbc.ClientDriver</jvm-options> 
  <jvm-options>-DANTLR_USE_DIRECT_CLASS_LOADING=true</jvm-options> 
  <jvm-options>-Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory</jvm-options> 
  <jvm-options>-Dosgi.shell.telnet.port=6666</jvm-options> 
  <jvm-options>-Dosgi.shell.telnet.maxconn=1</jvm-options> 
  <jvm-options>-Dosgi.shell.telnet.ip=127.0.0.1</jvm-options> 
  <jvm-options>-Dfelix.fileinstall.dir=${com.sun.aas.installRoot}/modules/autostart/</jvm-options> 
  <jvm-options>-Dfelix.fileinstall.poll=5000</jvm-options> 
  <jvm-options>-Dfelix.fileinstall.debug=1</jvm-options> 
  <jvm-options>-Dfelix.fileinstall.bundles.new.start=true</jvm-options> 
  <jvm-options>-Dorg.glassfish.web.rfc2109_cookie_names_enforced=false</jvm-options> 
  <jvm-options>-XX:NewRatio=2</jvm-options> 
  </java-config>
- <network-config>
- <protocols>
- <protocol name="http-listener-1">
- <http max-connections="250" default-virtual-server="server" server-name="">
  <file-cache enabled="false" /> 
  </http>
  </protocol>
- <protocol security-enabled="true" name="http-listener-2">
- <http max-connections="250" default-virtual-server="server" server-name="">
  <file-cache enabled="false" /> 
  </http>
  <ssl ssl3-enabled="false" cert-nickname="s1as" /> 
  </protocol>
- <protocol name="admin-listener">
- <http max-connections="250" default-virtual-server="__asadmin" server-name="">
  <file-cache enabled="false" /> 
  </http>
  </protocol>
  </protocols>
- <network-listeners>
  <network-listener port="8080" protocol="http-listener-1" transport="tcp" name="http-listener-1" thread-pool="http-thread-pool" /> 
  <network-listener port="8181" protocol="http-listener-2" transport="tcp" name="http-listener-2" thread-pool="http-thread-pool" /> 
  <network-listener port="4848" protocol="admin-listener" transport="tcp" name="admin-listener" thread-pool="http-thread-pool" /> 
  </network-listeners>
- <transports>
  <transport name="tcp" /> 
  </transports>
  </network-config>
- <thread-pools>
  <thread-pool name="http-thread-pool" /> 
  <thread-pool name="thread-pool-1" max-thread-pool-size="200" /> 
  </thread-pools>
  </config>
  </configs>
  <property name="administrative.domain.name" value="domain1" /> 
  </domain>
G

I looked at your web.xml and your domain.xml and everything seems to be right.

I believe it must be something in the database itself. Is the client's password stored plain or encrypted in the database? There is a parameter called digest-algorithm where you can pass an encryption algorithm.

S

well man, the password is plain and I already put "none" in this attribute but nothing…

S

Now at least an error is showing up, I already consider that progress, haha!!

I enter the username and password and this error appears!!

GRAVE: SEC1112: Cannot validate user [abc] for JDBC realm.
AVISO: Web login failed: Login failed: javax.security.auth.login.LoginException: Security Exception

does anyone know what it could be?

do I have to add some jar??

S

Wow, after exactly 5 days I managed to get it working!! I think I read and did about 1000 tutorials!!

A

sbb_20

I have the same problem reported in your last message:
GRAVE: SEC1112: Cannot validate user [teste] for JDBC realm.
AVISO: Web login failed: Login failed: javax.security.auth.login.LoginException: Security Exception
I've also done about 1000 tutorials and I've been fighting with this for about two weeks, but nothing so far... haha. The only difference I saw from the tutorials is that my database is mapped like this:
-------------------------------------------
                  usuario
-------------------------------------------
iduser: Long (PK)
...
loginuser: character varying(50)
senhauser: character varying(50)
...
idgrupo: Long (FK)
-------------------------------------------
and
-------------------------------------------
              grupousuario
-------------------------------------------
idgrupo: Long (PK)
nomegrupo: character varying(50)
-------------------------------------------
You said you managed to solve it! Can you help me???? Much appreciated!
S

man, if you did all the configuration exactly as in this tutorial
http://imasters.com.br/artigo/16466/java/autenticacao-e-autorizacao-jaas-com-jdbc-realm there's no way it can go wrong.

From what I saw you have to start by changing your database schema to

USUARIO
iduser: Long (PK)

loginuser: character(50)
senhauser: character(50)

Note: I am not using the idgrupo (FK) field

GRUPOUSUARIO
usuario_loginuser: Long (FK) referencing iduser of the USUARIO table
nomegrupo: character(50)

Note: when you map the fields in the JAAS config you use only those fields, that is, the way you were relating the tables it is as if there were no relationship between them as far as JAAS is concerned. JAAS will use loginuser and senhauser to check whether the credentials are valid; once that is done it looks in the grupousuario table where loginuser = usuario_loginuser and returns the nomegrupo to the application.

Cheers.

hope I helped, anything else just give me a shout!
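
An added example, not code from the thread or from GlassFish: a small Python/SQLite sketch of the two lookups described in the reply above (password by login, then groups by login), run against the layout sbb_20 started with and the changed one. The `group-user-column` key, the sample rows and SQLite standing in for the real database are assumptions of this sketch, and `usuario_loginuser` is assumed to hold the login name, as the described lookup requires.

```python
import hmac
import sqlite3

def realm_login(conn, realm, user, password):
    """Return the user's group names, or None when the login is rejected."""
    # Assumption of this sketch: the group table is searched by login name, in a
    # column named like user-name-column unless "group-user-column" overrides it.
    group_user_col = realm.get("group-user-column", realm["user-name-column"])
    try:
        # Table/column names come from trusted config; user input is bound with ?.
        row = conn.execute(
            f"SELECT {realm['password-column']} FROM {realm['user-table']} "
            f"WHERE {realm['user-name-column']} = ?", (user,)).fetchone()
        # Plain-text comparison, matching the thread's digest-algorithm "none".
        if row is None or not hmac.compare_digest(row[0].encode(), password.encode()):
            return None
        rows = conn.execute(
            f"SELECT {realm['group-name-column']} FROM {realm['group-table']} "
            f"WHERE {group_user_col} = ?", (user,)).fetchall()
    except sqlite3.Error:
        return None  # a wrong table or column mapping surfaces only as a failed login
    return [r[0] for r in rows]

# Constructed sample data. Layout sbb_20 started with: user -> group via idgrupo.
SCHEMA_BEFORE = """
CREATE TABLE grupousuario (idgrupo INTEGER PRIMARY KEY, nomegrupo VARCHAR(50));
CREATE TABLE usuario (iduser INTEGER PRIMARY KEY, loginuser VARCHAR(50),
    senhauser VARCHAR(50), idgrupo INTEGER REFERENCES grupousuario(idgrupo));
INSERT INTO grupousuario VALUES (1, 'CLIENTE');
INSERT INTO usuario VALUES (1, 'teste', 'segredo', 1);
"""
# Layout after the change: each group row carries the login it belongs to.
SCHEMA_AFTER = """
CREATE TABLE usuario (iduser INTEGER PRIMARY KEY, loginuser VARCHAR(50),
    senhauser VARCHAR(50));
CREATE TABLE grupousuario (usuario_loginuser VARCHAR(50), nomegrupo VARCHAR(50));
INSERT INTO usuario VALUES (1, 'teste', 'segredo');
INSERT INTO grupousuario VALUES ('teste', 'CLIENTE');
"""
REALM = {"user-table": "usuario", "user-name-column": "loginuser",
         "password-column": "senhauser", "group-table": "grupousuario",
         "group-name-column": "nomegrupo"}
REALM_AFTER = dict(REALM, **{"group-user-column": "usuario_loginuser"})

def open_db(script):
    conn = sqlite3.connect(":memory:")
    conn.executescript(script)
    return conn

def demo():
    # Correct password, but the group table has no login column: rejected.
    before = realm_login(open_db(SCHEMA_BEFORE), REALM, "teste", "segredo")
    # Same credentials against the changed layout: groups are found.
    after = realm_login(open_db(SCHEMA_AFTER), REALM_AFTER, "teste", "segredo")
    wrong_pw = realm_login(open_db(SCHEMA_AFTER), REALM_AFTER, "teste", "errada")
    return before, after, wrong_pw

if __name__ == "__main__":
    print(demo())
```

In the first layout the password is correct and the login is still rejected, because the group table cannot be searched by login; the returned group name is what the `security-role-mapping` in sun-web.xml then maps to the role required in web.xml.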

A

sbb_20,

That was exactly it!
I changed the database structure and it worked. The funny thing is this relationship, which seems to be a requirement of the JDBCRealm implementation (a group can contain only one user and a user can be in several groups). It is not normalized…

But thanks for the tip!
Regards,

Created November 2, 2010
Last reply Oct. 24, 2011
Replies 13
Participants 4