我用jboss sso和oracle实现的小例子(没有使用jaas) 1、jboss-sso.sar/conf/sso.cfg.xml部分配置 : (这里的数据库连接是OracleLoginProvider,也要注意property name="trustServer"写的正确) jboss-sso identity-management login provider id="si:my:oracl
我用jboss sso和oracle实现的小例子(没有使用jaas)
1、jboss-sso.sar/conf/sso.cfg.xml部分配置:
(这里的数据库连接是OracleLoginProvider,也要注意
2、确保context.xml在WAR文件的WEB-INF下配置
这是使用自己的认证机制指示Web应用程序:
This valve eliminates the need for cross domain federation links
to be of the form /federate?target={some link in the other domain}
With this link, your link can be straight to the resource in the
other domain
provider="si:my:oracle:login"是sso.cfg.xml中provider的id
-->
注:
1)当用例执行验证您的Web应用程序内通过登录屏幕或其他一些机制的一部分,执行这一过程中,当登录成功,发送通知的这个事件,在SSO引擎使用以下API调用:
org.jboss.security.saml.SSOManager. processManualLoginNotification(HttpServletRequest request,String user)
2)当SSOEngine执行自动登入响应一个值得信赖SSOToken ,它将把下列通知您LoginProvider :
processSSOLoginNotification(LoginContext)
在这里,你可以处理任何Web应用程序所需的环境设置的身份验证的用户session
注意:当使用此方式的认证, Web应用程序将能够获得特等登录到该系统使用以下API呼叫:
org.jboss.security.saml.SSOManager.getUserPrincipal(HttpServletRequest)
3、jboss-federation-server.ear/jboss-federation-server.sar/conf下server.cfg.xml
partners configuration of the federation server...
partners are the collection of sites which are part of the Single Sign On Federation
it lists the web domains and their corresponding federation servers in this domain
-->
注:不要忘了把OracleLoginProvider.class打成jar包放在jboss-sso.sar/下,当然还有oracle数据库驱动
4、
在C:/WINDOWS/system32/drivers/etc下加入:
127.0.0.1 zjftest1.jboss.com
127.0.2.1 zjftest2.jboss.com
5、在jboss-sso-testoralce.ear/META-INF/下的application.xml里
是ear下war包的名字,如果修改了,不要忘记该哟。
6、我的OracleLoginProvider源代码如下:
package test.post;
import java.security.Principal;
import java.sql.*;
import java.util.Collection;
import java.util.Properties;
import org.jboss.security.idm.Identity;
import org.jboss.security.idm.IdentityException;
import org.jboss.security.idm.LoginContext;
import org.jboss.security.idm.LoginProvider;
public class OracleLoginProvider implements LoginProvider{
static { // is there a better way to do this?
try {
java.sql.DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());
} catch (SQLException e) {
e.printStackTrace();
}
}
private Properties props;
private String id;
public OracleLoginProvider() {
}
public void setId(String id) throws IdentityException {
this.id=id;
}
public String getId() throws IdentityException {
return this.id;
}
public boolean exists(Principal principal) throws IdentityException {
return exists(principal.getName());
}
public boolean exists(String username) throws IdentityException {
Connection conn = connect();
// username and existsQuery are set in sso.cfg.xml
String username1 = props.getProperty("username");
String sql = props.getProperty("existsSQL");
System.out.println("-----------existsSQL:"+sql);
try {
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, username);
ResultSet rs = ps.executeQuery();
System.out.println("---------exists----------------");
return rs.next();
} catch (SQLException e) {
e.printStackTrace();
}
finally {
try {
conn.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
return false;
}
public Identity read(Principal principal) throws IdentityException {
return read(principal.getName());
}
public Identity read(String username) throws IdentityException {
Identity ident = new Identity();
ident.setUserName(username);
// need to set roles too.
return ident;
}
public boolean login(Principal principal, byte[] password) throws IdentityException {
return false;
}
public boolean login(String username, byte[] password) throws IdentityException {
//在这里只是验证了用户名
return exists(username);
}
public void processSSOLoginNotification(LoginContext loginContext) throws IdentityException {
}
public Collection readAllRoles() throws IdentityException {
return null;
}
public void setProperties(Properties properties) throws IdentityException {
this.props = properties;
}
private java.sql.Connection connect () {
// connectionURL, username and password are set in sso.cfg.xml
String url = this.props.getProperty("connectionURL");
String username = this.props.getProperty("username");
String password = this.props.getProperty("password");
try {
return DriverManager.getConnection(url, username, password);
} catch (SQLException e) {
e.printStackTrace();
}
return null;
}
}
Copyright © 2019-2025 51dongshi.net 版权所有
违法及侵权请联系:TEL:177 7030 7066 E-MAIL:11247931@qq.com 本站由北京市万商天勤律师事务所王兴未律师提供法律服务
