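I am trying to run a basic project with a servlet that requires a specific role.
In the standalone.xml configuration file, I added a datasource with a JDBC binding to a Derby DB containing a table that enables authentication and authorization, which is defined in a specific security domain I added in the same file: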
<datasource jndi-name="java:jboss/datasources/TestDS" pool-name="TestDS" enabled="true">
<connection-url>jdbc:derby://localhost:1527/JPADB</connection-url>
<driver-class>org.apache.derby.jdbc.ClientDriver</driver-class>
<driver>derbyclient.jar</driver>
<transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation>
<pool>
<min-pool-size>10</min-pool-size>
<max-pool-size>100</max-pool-size>
<prefill>true</prefill>
</pool>
<security>
<user-name>user</user-name>
<password>passw0rd</password>
</security>
<statement>
<prepared-statement-cache-size>32</prepared-statement-cache-size>
<share-prepared-statements>true</share-prepared-statements>
</statement>
</datasource>
...
<security-domains>
<security-domain name="testDomain" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/TestDS"/>
<module-option name="rolesQuery" value="SELECT role, 'Roles' FROM users WHERE username=?"/>
<module-option name="hashAlgorithm" value="MD5"/>
<module-option name="hashEncoding" value="hex"/>
<module-option name="principalsQuery" value="SELECT password from users WHERE username=?"/>
</login-module>
</authentication>
<authorization>
<policy-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/school"/>
<module-option name="rolesQuery" value="SELECT role, 'Roles' FROM users WHERE username=?"/>
<module-option name="hashAlgorithm" value="MD5"/>
<module-option name="hashEncoding" value="hex"/>
<module-option name="principalsQuery" value="SELECT password from users WHERE username=?"/>
</policy-module>
</authorization>
</security-domain>
Now I have deployed a dynamic web project and created a jboss-web.xml file in the /WebContent/WEB-INF folder with this content:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>testDomain</security-domain>
</jboss-web>
and a web.xml file with this content:
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" id="WebApp_ID" version="3.1">
<display-name>WebApp</display-name>
<welcome-file-list>
<welcome-file>/webappname/index.xhtml</welcome-file>
</welcome-file-list>
<!--Defining security constraint for type of roles available-->
<security-constraint>
<web-resource-collection>
<web-resource-name>administrator</web-resource-name>
<url-pattern>/webappname/MyServlet/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>ADMINISTRATOR</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>school</realm-name>
<form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/error.xhtml</form-error-page>
</form-login-config>
</login-config>
<!--Defining type of authentication mechanism-->
<!--Defining security role-->
<security-role>
<role-name>ADMINISTRATOR</role-name>
</security-role>
<security-role>
<role-name>USER</role-name>
</security-role>
<!--Defining security role-->
</web-app>
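The server starts without any errors. The problem is that when I try to access the servlet URL http://127.0.0.1:8080/webappname/MyServlet, the page is rendered correctly without requiring authentication.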
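
The check below is an added example, not part of the original post: it evaluates which requests the `security-constraint` in the web.xml above covers, matching each `url-pattern` against the path that remains after the context root, as the Servlet specification defines. It assumes the application is deployed at context root `/webappname` (taken from the URL in the post); `pattern_matches` and `required_roles` are hypothetical helper names, and roles from all matching constraints are simply unioned rather than applying the specification's full best-match rules.

```python
import xml.etree.ElementTree as ET

NS = {"ee": "http://xmlns.jcp.org/xml/ns/javaee"}

# Constructed sample: the security-constraint from the web.xml above, trimmed.
WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>administrator</web-resource-name>
      <url-pattern>/webappname/MyServlet/*</url-pattern>
      <http-method>POST</http-method><http-method>GET</http-method>
      <http-method>PUT</http-method><http-method>DELETE</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>ADMINISTRATOR</role-name></auth-constraint>
  </security-constraint>
</web-app>"""

def pattern_matches(pattern, path):
    """Servlet-spec url-pattern match against a context-relative path."""
    if pattern.endswith("/*"):                      # path-prefix pattern
        prefix = pattern[:-2]
        return path == prefix or path.startswith(prefix + "/")
    if pattern.startswith("*."):                    # extension pattern
        return path.rsplit("/", 1)[-1].endswith(pattern[1:])
    return pattern == "/" or path == pattern        # default or exact pattern

def required_roles(web_xml, context_root, request_uri, method):
    """Roles required for the request, or None when no constraint applies."""
    # Assumption: context_root is where the WAR is deployed, e.g. "/webappname".
    if request_uri != context_root and not request_uri.startswith(context_root + "/"):
        return None
    path = request_uri[len(context_root):] or "/"   # the container matches on this
    roles = None
    for sc in ET.fromstring(web_xml).findall("ee:security-constraint", NS):
        for wrc in sc.findall("ee:web-resource-collection", NS):
            methods = [m.text for m in wrc.findall("ee:http-method", NS)]
            # A collection that lists http-methods constrains only those methods.
            if methods and method not in methods:
                continue
            patterns = [p.text for p in wrc.findall("ee:url-pattern", NS)]
            if any(pattern_matches(p, path) for p in patterns):
                found = {r.text for r in sc.findall("ee:auth-constraint/ee:role-name", NS)}
                roles = (roles or set()) | found
    return roles
```

With the pattern as posted, `required_roles(WEB_XML, "/webappname", "/webappname/MyServlet", "GET")` returns `None`; with a context-relative pattern `/MyServlet/*` it returns the `ADMINISTRATOR` role.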