i have java ee 6 project jsf , wildfly application server.
i want realize jdbc realm authentication, got login failed exception (javax.servlet.servletexception)
this login.xhtml page:
<!doctype html public "-//w3c//dtd xhtml 1.0 transitional//en" "http://www.w3.org/tr/xhtml1/dtd/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:h="http://java.sun.com/jsf/html" xmlns:f="http://java.sun.com/jsf/core" xmlns:ui="http://java.sun.com/jsf/facelets" xmlns:p="http://primefaces.org/ui"> <ui:composition template="/web-inf/templates/main.xhtml"> <ui:param name="nologin" value="true" /> <ui:define name="insert-title"> <h:outputtext value="kundenverwaltung - login"/> </ui:define> <ui:define name="insert-content"> <h:form> <h:panelgrid columns="2"> <p:outputlabel for="j_username" value="username" /> <p:inputtext type="text" id="j_username" name="j_username" value="#{securitystatus.username}" /> <p:outputlabel for="j_password" value="password" /> <p:inputtext type="password" id="j_password" name="j_password" value="#{securitystatus.password}" /> <p:commandbutton name="login" id="login" value="login" action="#{securityactions.login}" ajax="false" /> </h:panelgrid> </h:form> </ui:define> </ui:composition> </html> this securityaction bean: class exception loginfail in catch block of servletexception
public string login() { httpservletrequest servletrequest = gethttprequest(); try { servletrequest.login( securitystatus.getusername(), securitystatus.getpassword() ); securitystatus.setloggedin( true ); logger.debug( "user has logged in." ); return path_views_project + view_project_overview; } catch ( servletexception e ) { system.out.println(e.getlocalizedmessage()); e.printstacktrace(); securitystatus.setloggedin( false ); logger.debug( "user not logged in." ); return path_views_security + view_login; } } this web.xml
<?xml version="1.0" encoding="utf-8"?> <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" version="3.1"> <display-name>web</display-name> <servlet> <servlet-name>faces servlet</servlet-name> <servlet-class>javax.faces.webapp.facesservlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <!-- general faces mapping --> <servlet-mapping> <servlet-name>faces servlet</servlet-name> <url-pattern>/faces/*</url-pattern> </servlet-mapping> <!-- special faces mapping, needed welcome file. see http://stackoverflow.com/questions/4616493/how-to-set-jsf2-welcome-file-with-faces-servlet-mapping --> <servlet-mapping> <servlet-name>faces servlet</servlet-name> <url-pattern>*.faces</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>faces servlet</servlet-name> <url-pattern>*.xhtml</url-pattern> </servlet-mapping> <welcome-file-list> <welcome-file>/views/security/login.faces</welcome-file> <!-- <welcome-file>/views/project/project-input.xhtml</welcome-file> --> <!-- <welcome-file>index.html</welcome-file> --> </welcome-file-list> <security-constraint> <!-- handles "no authenticator available programmatic login" on jboss --> <web-resource-collection> <web-resource-name>all-pages</web-resource-name> <description>sicherheitsumgebung für alle seiten</description> <url-pattern>/faces/views/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <security-role> <description>normal users, have read-only access data</description> <role-name>user</role-name> </security-role> <security-role> <description>privileged admins, have full access data</description> <role-name>admin</role-name> </security-role> <login-config> <auth-method>form</auth-method> <realm-name>jaas-realm</realm-name> <form-login-config> <form-login-page>/views/security/login.xhtml</form-login-page> <form-error-page>/faces/views/security/not-logged-in.xhtml</form-error-page> </form-login-config> </login-config> <error-page> <error-code>403</error-code> <location>/faces/views/security/not-logged-in.xhtml</location> </error-page> this jboss-web.xml
<?xml version="1.0" encoding="utf-8"?> <jboss> <security-domain>jaas-realm</security-domain> </jboss> and security domain configuration in standalone-full.xml of jboss
<security-domain name="jaas-realm"> <authentication> <login-module code="database" flag="required"> <module-option name="dsjndiname" value="java:/mydb"/> <module-option name="principalsquery" value="select password person emailaddress=?"/> <module-option name="rolesquery" value="select rolename, 'roles' userrole emailaddress=?"/> <module-option name="hashalgorithm" value="sha-256"/> <module-option name="hashencoding" value="base64"/> </login-module> </authentication> </security-domain> the securityaction can not method successfully:
servletrequest.login( securitystatus.getusername(), securitystatus.getpassword() ); and got following stack-trace:
[io.undertow.servlet.spec.httpservletrequestimpl.login(httpservletrequestimpl.java:440) de.web.actions.security.securityactions.login(securityactions.java:42) sun.reflect.nativemethodaccessorimpl.invoke0(native method) sun.reflect.nativemethodaccessorimpl.invoke(nativemethodaccessorimpl.java:57) sun.reflect.delegatingmethodaccessorimpl.invoke(delegatingmethodaccessorimpl.java:43) java.lang.reflect.method.invoke(method.java:606) com.sun.el.parser.astvalue.invoke(astvalue.java:292) com.sun.el.methodexpressionimpl.invoke(methodexpressionimpl.java:304) org.jboss.weld.util.el.forwardingmethodexpression.invoke(forwardingmethodexpression.java:40) org.jboss.weld.el.weldmethodexpression.invoke(weldmethodexpression.java:50) org.jboss.weld.util.el.forwardingmethodexpression.invoke(forwardingmethodexpression.java:40) org.jboss.weld.el.weldmethodexpression.invoke(weldmethodexpression.java:50) com.sun.faces.facelets.el.tagmethodexpression.invoke(tagmethodexpression.java:105) javax.faces.component.methodbindingmethodexpressionadapter.invoke(methodbindingmethodexpressionadapter.java:87) com.sun.faces.application.actionlistenerimpl.processaction(actionlistenerimpl.java:102) javax.faces.component.uicommand.broadcast(uicommand.java:315) javax.faces.component.uiviewroot.broadcastevents(uiviewroot.java:790) javax.faces.component.uiviewroot.processapplication(uiviewroot.java:1282) com.sun.faces.lifecycle.invokeapplicationphase.execute(invokeapplicationphase.java:81) com.sun.faces.lifecycle.phase.dophase(phase.java:101) com.sun.faces.lifecycle.lifecycleimpl.execute(lifecycleimpl.java:198) javax.faces.webapp.facesservlet.service(facesservlet.java:646) io.undertow.servlet.handlers.servlethandler.handlerequest(servlethandler.java:85) io.undertow.servlet.handlers.filterhandler$filterchainimpl.dofilter(filterhandler.java:130) de.web.web.filters.characterencodingfilter.dofilter(characterencodingfilter.java:21) io.undertow.servlet.core.managedfilter.dofilter(managedfilter.java:60) io.undertow.servlet.handlers.filterhandler$filterchainimpl.dofilter(filterhandler.java:132) io.undertow.servlet.handlers.filterhandler.handlerequest(filterhandler.java:85) io.undertow.servlet.handlers.security.servletsecurityrolehandler.handlerequest(servletsecurityrolehandler.java:61) io.undertow.servlet.handlers.servletdispatchinghandler.handlerequest(servletdispatchinghandler.java:36) org.wildfly.extension.undertow.security.securitycontextassociationhandler.handlerequest(securitycontextassociationhandler.java:78) io.undertow.server.handlers.predicatehandler.handlerequest(predicatehandler.java:43) io.undertow.servlet.handlers.security.sslinformationassociationhandler.handlerequest(sslinformationassociationhandler.java:131) io.undertow.servlet.handlers.security.servletauthenticationcallhandler.handlerequest(servletauthenticationcallhandler.java:56) io.undertow.server.handlers.predicatehandler.handlerequest(predicatehandler.java:43) io.undertow.security.handlers.authenticationconstrainthandler.handlerequest(authenticationconstrainthandler.java:51) io.undertow.security.handlers.abstractconfidentialityhandler.handlerequest(abstractconfidentialityhandler.java:45) io.undertow.servlet.handlers.security.servletconfidentialityconstrainthandler.handlerequest(servletconfidentialityconstrainthandler.java:63) io.undertow.servlet.handlers.security.servletsecurityconstrainthandler.handlerequest(servletsecurityconstrainthandler.java:56) io.undertow.security.handlers.authenticationmechanismshandler.handlerequest(authenticationmechanismshandler.java:58) io.undertow.servlet.handlers.security.cachedauthenticatedsessionhandler.handlerequest(cachedauthenticatedsessionhandler.java:70) io.undertow.security.handlers.securityinitialhandler.handlerequest(securityinitialhandler.java:76) io.undertow.server.handlers.predicatehandler.handlerequest(predicatehandler.java:43) org.wildfly.extension.undertow.security.jacc.jacccontextidhandler.handlerequest(jacccontextidhandler.java:61) io.undertow.server.handlers.predicatehandler.handlerequest(predicatehandler.java:43) io.undertow.server.handlers.predicatehandler.handlerequest(predicatehandler.java:43) io.undertow.servlet.handlers.servletinitialhandler.handlefirstrequest(servletinitialhandler.java:261) io.undertow.servlet.handlers.servletinitialhandler.dispatchrequest(servletinitialhandler.java:247) io.undertow.servlet.handlers.servletinitialhandler.access$000(servletinitialhandler.java:76) io.undertow.servlet.handlers.servletinitialhandler$1.handlerequest(servletinitialhandler.java:166) io.undertow.server.connectors.executeroothandler(connectors.java:197) io.undertow.server.httpserverexchange$1.run(httpserverexchange.java:759) java.util.concurrent.threadpoolexecutor.runworker(threadpoolexecutor.java:1145) java.util.concurrent.threadpoolexecutor$worker.run(threadpoolexecutor.java:615) java.lang.thread.run(thread.java:745)]
Comments
Post a Comment