 |
Java开发网 |
|
注册 |
登录 |
帮助 |
搜索 |
排行榜 |
发帖统计
|
| 您没有登录 |
» Java开发网 » Java Security
 打印话题
寄给朋友
订阅主题
|
    
|
| 作者 | Integrate security infrastructures with JBossSX疑问 |
yekai
 
发贴: 256 积分: 50 
|
 于 2005-02-08 05:12
    
我从下面的网页下载了JAAS Howto,但是我又个问题,在Inside the JBossSX JassSecurityManager -> The security check里,Client side 和Server side各有个LoginContext,为什么? http://sourceforge.net/docman/display_doc.php?docid=18240&group_id=22866 |
| 作者 | Re:Integrate security infrastructures with JBossSX疑问 [Re:yekai] |
floater
Java Jedi 总版主 
发贴: 3233 积分: 421
|
于 2005-02-15 05:14
This is to illustrate the flexibility of the JAAS's LoginModule. On the client side, the LoginModule could be NT login or unix login(so users don't need to type in username & password). On the server side, the LoginModule could be others, like relational db. The ejb would do the magic for passing the credentials. This is not a b/s scenario, this is more like swing --> ejb case, mostly used in financial firms here. I personally think this is the only valid usage of JAAS. Without EJB, JAAS doesn't fit into B/S model well. My 2 cents. "Any fool can write code that a computer can understand. Good programmers write code that humans can understand." - Martin Fowler, Refactoring - Improving the Design of Existing Code |
| 作者 | Re:Integrate security infrastructures with JBossSX疑问 [Re:yekai] |
|
yekai
发贴: 256 积分: 50
|
于 2005-02-16 06:54
我试着运行了一下他的程序: http://localhost:8080/jaas-example1/index.html,我点了第一个链接,输入了 user name -> java 和 password -> echoman,但是得到了下面的 ERROR: 23:48:16,599 ERROR [SecurityInterceptor] Authentication exception, principal=caller_java 23:48:16,649 ERROR [Engine] StandardWrapperValve[SecureServlet]: Servlet.service() for servlet SecureServlet threw exception java.rmi.AccessException: SecurityException; nested exception is: java.lang.SecurityException: Authentication exception, principal=caller_java at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:369) at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:124) at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93) at org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessSessionContainer.java:319) at org.jboss.ejb.Container.invoke(Container.java:729) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at org.jboss.mx.server.ReflectedDispatcher.dispatch(ReflectedDispatcher.java:60) at org.jboss.mx.server.Invocation.dispatch(Invocation.java:62) at org.jboss.mx.server.Invocation.dispatch(Invocation.java:54) at org.jboss.mx.server.Invocation.invoke(Invocation.java:82) at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:197) at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:473) at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:97) at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:90) at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46) at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:55) at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173) at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85) at $Proxy50.create(Unknown Source) at org.jboss.docs.jaas.howto.EJBServlet.createBean(EJBServlet.java:173) at org.jboss.docs.jaas.howto.EJBServlet.callEcho(EJBServlet.java:68) at org.jboss.docs.jaas.howto.EJBServlet.processRequest(EJBServlet.java:31) at org.jboss.docs.jaas.howto.EJBServlet.doGet(EJBServlet.java:41) at javax.servlet.http.HttpServlet.service(HttpServlet.java:697) at javax.servlet.http.HttpServlet.service(HttpServlet.java:810) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:75) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:186) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.jboss.web.tomcat.security.CustomPrincipalValve.invoke(CustomPrincipalValve.java:66) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:158) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929) at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683) at java.lang.Thread.run(Thread.java:534) Caused by: java.lang.SecurityException: Authentication exception, principal=caller_java at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:155) at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:74) at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120) ... 59 more |
| 作者 | Re:Integrate security infrastructures with JBossSX疑问 [Re:yekai] |
|
floater
Java Jedi 总版主
发贴: 3233 积分: 421
|
于 2005-02-17 22:50
The error is Authentication exception, this usually means login failed. From the stack, it seems the login is from the client side to ejb. So check your ejb security setting. "Any fool can write code that a computer can understand. Good programmers write code that humans can understand." - Martin Fowler, Refactoring - Improving the Design of Existing Code |
|
|
已读帖子 新的帖子 被删除的帖子 |
|
 |
Powered by Jute Powerful Forum® Version Jute 1.5.6 Ent Copyright © 2002-2021 Cjsdn Team. All Righits Reserved. 闽ICP备05005120号-1 客服电话 18559299278 客服信箱 714923@qq.com 客服QQ 714923 |