2. 질의 응답
  3. Jboss AS 6을 WildFly 10 (UsersRolesLoginModule, CallerIdentityLoginModule, <security-domain> IG_CallerDS</ security-domain>)으로 마이그레이션 하시겠습니까?

Jboss AS 6을 WildFly 10 (UsersRolesLoginModule, CallerIdentityLoginModule, <security-domain> IG_CallerDS</ security-domain>)으로 마이그레이션 하시겠습니까?

2016-12-01 1 views
0

WildFly 10의 Jboss AS 6에서 애플리케이션을 마이그레이션하는 방법을 알려주십시오. (죄송합니다. 영어).Jboss AS 6을 WildFly 10 (UsersRolesLoginModule, CallerIdentityLoginModule, <security-domain> IG_CallerDS</ security-domain>)으로 마이그레이션 하시겠습니까?

대상 - 사용자는 제이보스에서 구현 가능한 경우

정말, 6 AS 제이 보스의 가능성을 실현하는 예를 읽을 수 제이보스에 사용되는 사용자 이름과 암호를 사용하여 데이터베이스에 연결해야합니다 6 AS

구성 제이 보스 :

<application-policy name = "IGRoles"> 
    <authentication> 
     <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" 
     flag = "required"> 
     <module-option name="usersProperties">IG_users.properties</module-option> 
     <module-option name="rolesProperties">IG_roles.properties</module-option> 
     </login-module> 
    </authentication> 
</application-policy> 

      <application-policy name = "IG_CallerDS"> 
    <authentication> 
     <login-module code = "org.jboss.resource.security.CallerIdentityLoginModule" 
     flag = "required"> 
     <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=OraDSIG</module-option> 
     </login-module> 
    </authentication> 
</application-policy> 

<datasources> 
    <local-tx-datasource> 
    <jndi-name>OraDSIG</jndi-name> 
<connection-url>jdbc:oracle:thin:@localhost:1521:olg1</connection-url> 
<driver-class>oracle.jdbc.driver.OracleDriver</driver-class> 
<security-domain>IG_CallerDS</security-domain> 
<exception-sorter-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter</exception-sorter-class-name> 
</local-tx-datasource> 
</datasources>

구성 제이보스 10 : 테스트 한 다음 standalone.xml

 <security-domain name="ejb-security-domain33" cache-type="default"> 
      <authentication> 
       <login-module code="Remoting" flag="optional"> 
        <module-option name="password-stacking" value="useFirstPass"/> 
       </login-module> 
       <login-module code="UsersRoles" flag="required"> 
        <module-option name="defaultUsersProperties" value="${jboss.server.config.dir}/ejb-users.properties"/> 
        <module-option name="defaultRolesProperties" value="${jboss.server.config.dir}/ejb-roles.properties"/> 
        <module-option name="usersProperties" value="${jboss.server.config.dir}/ejb-users.properties"/> 
        <module-option name="rolesProperties" value="${jboss.server.config.dir}/ejb-roles.properties"/> 
        <module-option name="password-stacking" value="useFirstPass"/> 
       </login-module> 
      </authentication> 
     </security-domain>

암호 만 파일 EJB-users.propertis 내가 변종을 많이 선택하지만 오류가

 <security-domain name="ejb-security-domain" cache-type="default"> 
      <authentication> 
       <login-module code="Remoting" flag="optional"> 
        <module-option name="password-stacking" value="useFirstPass"/> 
       </login-module> 
       <login-module code="RealmDirect" flag="required"> 
        <module-option name="password-stacking" value="useFirstPass"/> 
       </login-module> 
       <login-module code="DatabaseUsers" flag="required"> 
        <module-option name="dsJndiName" value="java:jboss/OraDSIG"/> 
        <module-option name="principalsQuery" value="select passwd AS PASSWORD from IG.USERS where login=?"/> 
        <module-option name="rolesQuery" value="select role 'Roles', RoleGroup from IG.USER_ROLES where login=?"/> 
       </login-module> 
      </authentication> 
     </security-domain>

필요로 전송하지 않습니다 항상이 :

2016-12-01 10:46:14,472 TRACE [org.jboss.security] (default task-2) PBOX00236: Begin initialize method 
2016-12-01 10:46:14,472 TRACE [org.jboss.security] (default task-2) PBOX00240: Begin login method 
2016-12-01 10:46:14,472 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (default task-2) Storing username 'ejbUser' 
2016-12-01 10:46:14,472 TRACE [org.jboss.security] (default task-2) PBOX00236: Begin initialize method 
2016-12-01 10:46:14,472 TRACE [org.jboss.security] (default task-2) PBOX00240: Begin login method 
2016-12-01 10:46:14,473 TRACE [org.jboss.security] (default task-2) PBOX00236: Begin initialize method 
2016-12-01 10:46:14,473 TRACE [org.jboss.security] (default task-2) PBOX00262: Module options [dsJndiName: java:jboss/OraDSIG, principalsQuery: select passwd AS PASSWORD from IG.USERS where login=?, rolesQuery: select role 'Roles', RoleGroup from IG.USER_ROLES where login=?, suspendResume: true] 
2016-12-01 10:46:14,474 TRACE [org.jboss.security] (default task-2) PBOX00240: Begin login method 
2016-12-01 10:46:15,283 TRACE [org.jboss.security] (default task-2) PBOX00263: Executing query select passwd AS PASSWORD from IG.USERS where login=? with username ejbUser 
2016-12-01 10:46:15,618 DEBUG [org.jboss.security] (default task-2) PBOX00283: Bad password for username ejbUser 
2016-12-01 10:46:15,619 TRACE [org.jboss.security] (default task-2) PBOX00244: Begin abort method, overall result: true 
2016-12-01 10:46:15,619 TRACE [org.jboss.security] (default task-2) PBOX00244: Begin abort method, overall result: true 
2016-12-01 10:46:15,619 TRACE [org.jboss.security] (default task-2) PBOX00244: Begin abort method, overall result: false 
2016-12-01 10:46:15,619 DEBUG [org.jboss.security] (default task-2) PBOX00206: Login failure: javax.security.auth.login.FailedLoginException: PBOX00070: Password invalid/Password required 



       <datasource jta="false" jndi-name="java:jboss/OraDSIG" pool-name="OraDSIG" enabled="true" use-ccm="false"> 
<connection-url>jdbc:oracle:thin:@localhost:1521:olg1</connection-url> 
<driver-class>oracle.jdbc.driver.OracleDriver</driver-class> 
<driver>oracle</driver> 
        <security> 
          <user-name>ig</user-name> 
         <password>abcd</password> 
        </security> 
        <validation> 
<valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.oracle.OracleValidConnectionChecker"/> 
<background-validation>true</background-validation> 
<stale-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.oracle.OracleStaleConnectionChecker"/> 
         <exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.oracle.OracleExceptionSorter"/> 
        </validation> 
       </datasource> 

<driver name="oracle" module="com.oracle.jdbc"> 
<driver-class>oracle.jdbc.driver.OracleDriver</driver-class> 
</driver>

클라이언트 제이보스 (10)

CallerRemote remote=IGGetEJB.getEJBAccess3("ejbUser","1","127.0.0.1","8080"); 

    public static CallerRemote getEJBAccess3(String uName, String uPass,String serverHost, String serverPort) { 


    String serverUrl = "http-remoting://" + serverHost + ":" + serverPort; // serverPort обычно 4447 
    Hashtable<String, Object> params = new Hashtable<String, Object>(); 
    params.put(Context.PROVIDER_URL, serverUrl); 
    params.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming"); 
    params.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory"); 
    params.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "true"); 
// params.put(Context.SECURITY_PRINCIPAL, uName); //java.naming.security.principal 
// params.put(Context.SECURITY_CREDENTIALS, uPass);//java.naming.security.credentials 


    Properties clientProp = new Properties(); 
    clientProp.put("remote.connections", "default"); 
    clientProp.put("remote.connection.default.host", serverHost); 
    clientProp.put("remote.connection.default.port", serverPort); 
    clientProp.put("remote.connection.default.username", uName); 
// clientProp.put("remote.connection.default.password",uPass); 

    /* try { 
    MessageDigest md = MessageDigest.getInstance("SHA-256"); 
    byte[] passwordBytes = uPass.getBytes(); 
    byte[] hash = md.digest(passwordBytes); 
    String passwordHash = Base64.getEncoder().encodeToString(hash); 
    System.out.println("password hash: "+passwordHash);  
    clientProp.put("remote.connection.default.password", "a4ayc/80/OGda4BO/1o/V0etpOqiLx1JwB5S3beHW0s="); 
    } catch (NoSuchAlgorithmException e1) { 
    // TODO Auto-generated catch block 
    e1.printStackTrace(); 
    }*/ 


    clientProp.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "true"); 
// clientProp.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS","JBOSS-LOCAL-USER"); 
    clientProp.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true"); 

    EJBClientConfiguration cc = new PropertiesBasedEJBClientConfiguration(clientProp); 
    ContextSelector<EJBClientContext> selector = new ConfigBasedEJBClientContextSelector(cc); 
    EJBClientContext.setSelector(selector); 
// EJBClientContext.getCurrent().registerInterceptor(0, new ClientInterceptor()); 

    try { 
    InitialContext context = new InitialContext(params);  

    final String jndiName = "/TestRemoteEJBEAR/CallerBean!remote.CallerRemote"; 
    CallerRemote remote = (CallerRemote) context.lookup(jndiName); 
// CallerRemote remote = connectEjb(context, jndiName); 
    return remote; 
    } catch (NamingException e) { 
    // TODO Auto-generated catch block 
    e.printStackTrace(); 
    } 
    return null; 
    }

/////////////////////////////////////////// ///////////////////////

변경됨 - public abstract class UsernamePasswordLoginModule은 AbstractServerLoginModule을 확장합니다.

public boolean login() throws LoginException 
    { 
    System.out.println("1______________super.login()="+super.login()); 
     // See if shared credentials exist 
     if(super.login() == true) 
     {
작동합니다, 클라이언트에서 암호를받을 경우 (super.login() == true)가, 그러나 그는 항상 false

,932을

10 데이터베이스 (super.login() == false)를 다음 암호 항상 = passw[email protected]b986e1과 같지 암호

2016-12-05 15:26:22,080 INFO [stdout] (default task-10) 11______________expectedPassword=Pass_BD 
2016-12-05 15:26:22,081 INFO [stdout] (default task-10) 12______________passw[email protected]b986e1 



     super.loginOk = false; 
     String[] info = getUsernameAndPassword(); 
... 
    protected String[] getUsernameAndPassword() throws LoginException 
    { 
     String[] info = {null, null}; 
     // prompt for a username and password 
     if(callbackHandler == null) 
     { 
     throw PicketBoxMessages.MESSAGES.noCallbackHandlerAvailable(); 
     } 

     NameCallback nc = new NameCallback(PicketBoxMessages.MESSAGES.enterUsernameMessage(), "guest"); 
     PasswordCallback pc = new PasswordCallback(PicketBoxMessages.MESSAGES.enterPasswordMessage(), false);

I 원하는 경우 고객이 비밀번호를 전송 했습니까? 내가 EJB 클라이언트에서 login()을 호출 할 때?

말해주십시오.

출처

2016-12-01 Oleg Burakov

+0

안녕하세요! My EJB는 사용자 이름과 암호를 사용하여 데이터베이스를 인증합니다. Java 클라이언트에 입력 한 사용자 이름과 암호. 클라이언트에서 EJB Java로 암호를 전달하는 방법을 알려주십시오. WildFly 사용. EJB 매개 변수를 전달하는 옵션 만 있습니까? –

답변

0

remoute 자바 클라이언트는이 코드

public static CallerRemote getEJBAccessOK(String uName, String uPass,String serverHost, String serverPort) { 


    String serverUrl = "http-remoting://" + serverHost + ":" + serverPort; // serverPort обычно 4447 

    Hashtable<String, Object> params = new Hashtable<String, Object>(); 
    params.put(Context.PROVIDER_URL, serverUrl); 
    params.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming"); 
    params.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory"); 
    params.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false"); 
    params.put(Context.SECURITY_PRINCIPAL, uName); 
    params.put(Context.SECURITY_CREDENTIALS, uPass); 


    Properties clientProp = new Properties(); 
    clientProp.put("remote.connections", "default"); 
    clientProp.put("remote.connection.default.host", serverHost); 
    clientProp.put("remote.connection.default.port", serverPort); 
    clientProp.put("remote.connection.default.username", uName); 
    clientProp.put("remote.connection.default.password",uPass); 
    clientProp.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false"); 

    EJBClientConfiguration cc = new PropertiesBasedEJBClientConfiguration(clientProp); 
    ContextSelector<EJBClientContext> selector = new ConfigBasedEJBClientContextSelector(cc); 
    EJBClientContext.setSelector(selector); 
    try { 
    InitialContext context = new InitialContext(params);  
    final String jndiName = "/TestRemoteEJBEAR/CallerBean!remote.CallerRemote"; 
    CallerRemote remote = (CallerRemote) context.lookup(jndiName); 
    return remote; 
    } catch (NamingException e) { 
    // TODO Auto-generated catch block 
    e.printStackTrace(); 
    } 
    return null; 
}

TABLE "IG를"CREATE와 함께 작동합니다."USER_ROLES"
("로그인"VARCHAR2 (64 BYTE)
"ROLE"VARCHAR2 (32 BYTE)
"ROLEGROUP"VARCHAR2 (80 BYTE)
)
(USER_ROLES 내로 삽입 LOGIN, 역할 ROLEGROUP) 값 ('ejbUser', 'ejbRole', 'Roles');

출처

2017-01-16 08:28:37

+0

트릭을 조금 더 써주시겠습니까? 당신의 대답의 핵심 포인트는 무엇입니까? 그리고 그 questino 끝에있는 SQL 코드는 무엇입니까? –

관련 문제

 관련 문제