Custom security mechanism in Java EE 6 / 7 applications

Java

I want to create (by myself) an authentication mechanism

As far as I know, I have to implement loginmodule and connect this implementation to the container mechanism in some way But the problem is that I don't know what to do Maybe you know where I can find sample code or tutorials?

In other words, I want to force the container to call my class when a method is called: call authentication, login, and logoff

Example implementation: HttpServletRequest The login method will successfully authenticate even alphanumeric users when logging in

Solution

After reading about JAAS, you should be based on org jboss. security. auth. spi. Abstractserverloginmodule (from org picket@R_795_2419 @ / picket@R_795_2419 @Maven artifact) implements your login module Then deploy the module using your application and in wildfly's standalone Create the appropriate security domain and realm in XML as follows:

<security-domain name="myDomain" cache-type="default">
  <authentication>
    <login-module code="com.example.TestLoginModule" flag="required" 
module="deployment.sample.jar"/>
  </authentication>
</security-domain>@H_301_29@ 
 
 
 
 
 
<security-realm name="MyRealm">
 <authentication>
   <jaas name="myDomain"/>
 </authentication>
</security-realm>@H_301_29@ 
 
注意不同JBoss AS版本的不同行为. 7.1.1将不允许您部署登录模块,您必须创建一个单独的jboss模块并将其与org.picket@R_795_2419@和jboss.security模块绑定.
 
 
补充阅读:
https://docs.jboss.org/author/display/WFLY8/Security+subsystem+configuration
 
 
https://docs.jboss.org/author/display/WFLY8/Security+Realms
 
 
http://java.dzone.com/articles/creating-custom-login-modules(它有点过时了,但是给出了主要的想法)
The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>