如何解决基于表单的身份验证在WildFly 21中不再起作用
这是我的配置。
Web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" metadata-complete="false" version="3.1">
<login-config>
<auth-method>FORM</auth-method>
<realm-name>realm</realm-name>
<form-login-config>
<form-login-page>/authentication/toegangvragen.xhtml</form-login-page>
<form-error-page>/authentication/toeganggeweigerd.xhtml</form-error-page>
</form-login-config>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>default</web-resource-name>
<url-pattern>/member/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>member</role-name>
</security-role>
</web-app>
jboss-web.xml:
<jboss-web xmlns="http://www.jboss.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-web_6_0.xsd" version="6.0">
<security-domain>local-domain</security-domain>
</jboss-web>
beans.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans version="2.0" bean-discovery-mode="annotated"
xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/beans_2_0.xsd"
>
</beans>
faces-config.xml:
<?xml version="1.0" encoding="UTF-8"?>
<faces-config version="2.3"
xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-facesconfig_2_3.xsd"
>
</faces-config>
toegangvragen.xhtml:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html">
<h:head></h:head>
<h:body>
<h:form id="loginForm"
onsubmit="document.loginForm.action = 'j_security_check';"
prependId="false">
<h:panelGrid columns="1" >
<h:outputLabel value="Username" />
<h:inputText id="j_username" required="true" />
<h:outputLabel value="Password" />
<h:inputSecret id="j_password" required="true" />
<!-- id is mandatory and ajax must be false -->
<h:commandButton value="Submit"/>
</h:panelGrid>
<br />
</h:form>
</h:body>
</html>
toeganggeweigerd.xhtml:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html">
<h:head></h:head>
<h:body>
Nope!
</h:body>
</html>
member.xhtml:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html">
<h:head></h:head>
<h:body>
Hey member
</h:body>
</html>
persistence.xml:
<?xml version="1.0" encoding="UTF-8"?>
<persistence version="2.2" xmlns="http://xmlns.jcp.org/xml/ns/persistence" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/persistence http://xmlns.jcp.org/xml/ns/persistence/persistence_2_2.xsd">
<persistence-unit name="local">
<jta-data-source>java:/local</jta-data-source>
<properties>
<property name="javax.persistence.schema-generation.database.action" value="none" />
<property name="hibernate.enable_lazy_load_no_trans" value="true" />
<property name="hibernate.format_sql" value="true" />
</properties>
</persistence-unit>
</persistence>
然后在standalone.xml中,相关部分:
<subsystem xmlns="urn:jboss:domain:datasources:6.0">
<datasources>
<datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true" statistics-enabled="${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}}">
<connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url>
<driver>h2</driver>
<security>
<user-name>sa</user-name>
<password>sa</password>
</security>
</datasource>
<datasource jndi-name="java:/local" pool-name="local">
<connection-url>jdbc:mysql://localhost:3306/local_scheme?serverTimezone=UTC</connection-url>
<driver-class>com.mysql.cj.jdbc.Driver</driver-class>
<driver>mysql</driver>
<security>
<user-name>root</user-name>
<password>rootpassword</password>
</security>
<validation>
<valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLValidConnectionChecker"/>
<background-validation>true</background-validation>
<exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLExceptionSorter"/>
</validation>
</datasource>
<drivers>
<driver name="h2" module="com.h2database.h2">
<xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
</driver>
<driver name="mysql" module="com.mysql">
<driver-class>com.mysql.cj.jdbc.Driver</driver-class>
</driver>
</drivers>
</datasources>
</subsystem>
<subsystem xmlns="urn:jboss:domain:security:2.0">
<security-domains>
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmDirect" flag="required">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
<security-domain name="jboss-web-policy" cache-type="default">
<authorization>
<policy-module code="Delegating" flag="required"/>
</authorization>
</security-domain>
<security-domain name="jaspitest" cache-type="default">
<authentication-jaspi>
<login-module-stack name="dummy">
<login-module code="Dummy" flag="optional"/>
</login-module-stack>
<auth-module code="Dummy"/>
</authentication-jaspi>
</security-domain>
<security-domain name="jboss-ejb-policy" cache-type="default">
<authorization>
<policy-module code="Delegating" flag="required"/>
</authorization>
</security-domain>
<security-domain name="local-domain" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:/local"/>
<module-option name="principalsQuery" value="select member_password from members where member_username=?"/>
<module-option name="rolesQuery" value="select role,'Roles' from members where member_username=?"/>
<module-option name="hashAlgorithm" value="SHA-256"/>
</login-module>
</authentication>
</security-domain>
</security-domains>
</subsystem>
我以前使用EAP 7.1,并且在那里使用完全相同的配置(成功登录到member.xhtml)。我测试了我想切换到WildFly 21,但没有用。同样对于WildFly 20、19和18,它也没有用。所以我不知道我在做什么错...
在进入会员页面之前,我会收到以下消息:
18:10:11,106 WARN [org.jboss.weld.Servlet] (default task-1) WELD-000717: Unable to deactivate context org.jboss.weld.module.web.context.http.LazyHttpConversationContextImpl@59d0c478 when destroying request HttpServletRequestImpl [ GET /website/authentication/toegangvragen.xhtml ]
尝试登录后,我收到以下消息:
18:10:22,426 WARN [org.jboss.weld.Conversation] (default task-1) WELD-000335: Conversation context is already active,most likely it was not cleaned up properly during previous request processing: HttpServletRequestImpl [ POST /website/member/j_security_check ]
我对此实在感到绝望...我无法再使用EAP 7.1,我需要最新的WildFly,因为当前项目的云托管中仅提供它们...
几天前,我一直在互联网上寻找类似的问题,并且我发现有些人也遇到类似的问题。由于没有提供明确的解决方案,因此我在这里问自己这个问题。
希望有人会这么乐于助人吗?
谢谢。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。