- 浏览: 236497 次
- 性别:
- 来自: 北京
文章分类
最新评论
-
akka_li:
学习了!但是为什么后续的没有了?!
EJB4:RMI和RMI-IIOP -
springaop_springmvc:
apache lucene开源框架demo使用实例教程源代码下 ...
Lucene学习笔记(一)Lucene入门实例 -
qepipnu:
求solr 客户端 jar包
Solr学习笔记(三)Solr客户端开发实例 -
zhangbc:
是这问题,赞!
Oracle Start Up 2 Oracle 框架构件、启动、解决一个问题 -
feilian09:
查询 select hibernate jdbc 那个效率快
Hibernate,JDBC性能探讨
Jboss has a series of implementation of InitialContext Factory, but this blog only concentrated on org.jboss.security.jndi.LoginInitialContextFactory, and I was planned to prestent this issue as Two main part, Part One: Theroy-based(including some definition of LoginInitialContextFactory, InitialContext Properties description), and Part Two: Demo-based(Complete a simple demo which use LoginInitialContextFactory).
PART ONE: The Login InitialContext Factory Implementation
1. why LoginInitialContextFactory?
JAAS is the preferred method for authenticating a remote client to JBoss. However, for simplicity and to ease the migration from other application server environment that does not use JAAS, JBoss allows you the security credentials to be passed through the InitialContext, so the LoginInitialContextFactory came out.
2. Originally or Old version JBoss DO NOT support LoginInitialContextFactory.
Historically JBoss has not supported providing login information via the InitialContext factory environment. The reason being that is JAAS provides a much more flexible framework. For simplicity and migration from other application server environment that do make use of this mechanism, since jboss-3.0.3 there has been an InitialContext factory implementation that allow this.
3. How the LoginInitialContextFactory work(authenticating clients through JAAS)?
Authough this kinds of authentication is thought as J2EE JAAS, but there is no manifest use of the JAAS interface in the client application, Only be taken placed in Server which we can say what JAASis used under the covers.
What this basically does is that when the client is trying to download the naming proxy on the client side, JAAS login is performed with the login configuration name to be equal to the name passed in Context.SECURITY_PROTOCOL, username and credential from the context information. Only after the login succeeds, will the naming proxy be returned.
4. InitialContext environment properties for LoginInitialContextFactory
The factory class that provides this capability is the org.jboss.security.jndi.LoginInitialContextFactory. The complete set of supported InitialContext environment properties for this factory as the below Table:
java.naming.factory.initial (Context.INITIAL_CONTEXT_FACTORY ) java.naming.provider.url (java.naming.provider.url ) java.naming.security.principal (Context.SECURITY_PRINCIPAL ) java.naming.security.credentials (Context.SECURITY_CREDENTIALS ) java.naming.security.protocol (Context.SECURITY_PROTOCOL)
Name
Description
Value
The name of the environment property for specifying the initial context factory,
org.jboss.security.jndi.LoginInitialContextFactory
The principal to authenticate
This may be either a java.security.Principal implementation or a string representing the name of a principal.
The credentials that should be used to authenticate the principal
java.naming.factory.url.pkgs
For all JBoss JNDI provider this must be
org.jboss.naming:org.jnp.interfaces
This gives the name of the
JAAS login module to use for the authentication of the principal and credentials.
Sample Java Code for this properties:
Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.security.jndi.LoginInitialContextFactory"); env.put(Context.PROVIDER_URL, "jnp://192.168.68.83"); env.put(Context.SECURITY_PRINCIPAL, "principal "); env.put(Context.SECURITY_CREDENTIALS, "credentials "); new InitialContext(env);
PART TWO: a simple Demo to use The Login InitialContext Factory Implementation
1. deploy a ejb on JBoss, the session bean class and remote interfaces as following:
public interface TestService { public abstract String ping(); public abstract String getDate(); }
public interface TestServiceLocal extends TestService { }
@Stateless @Remote(TestService.class) @Local(TestServiceLocal.class) @TransactionManagement(TransactionManagementType.CONTAINER) @TransactionAttribute(TransactionAttributeType.REQUIRED) @PermitAll public class LoginInitialContextFactoryTestSession implements TestServiceLocal{ public String ping() { return "Ping LoginInitialContextFactoryTestSession suceessful..."; } public String getDate() { return "[" + new SimpleDateFormat("yyyy-MM-dd'T'kk:mm:ss").format(new Date()) + "]"; } }
as depicted: LoginInitialContextFactoryTestSession is a stateless seeion bean, it own a remote interface and local interface, also need transaction attribute and security setting. when we complete the deploy we can use LoginInitialContextFactory as factoty and pass the princial and credencials what to execute JAAS authentication and authrization, as fllowing code:
File authFile = new File("D:/dev-tools/jboss-eap-4.3/jboss-as/client/auth.conf"); System.setProperty("java.security.auth.login.config", "file:///" + authFile.getAbsolutePath()); Properties properties = new Properties(); properties.setProperty(Context.INITIAL_CONTEXT_FACTORY , "org.jboss.security.jndi.LoginInitialContextFactory"); properties.setProperty(Context.PROVIDER_URL, "jnp://192.168.68.83:1099"); properties.setProperty(Context.SECURITY_PRINCIPAL, "homeTest"); properties.setProperty(Context.SECURITY_CREDENTIALS, "kylin"); Context ctx = new InitialContext(properties); TestService stub = (TestService) ctx.lookup("home-test-v2/LoginInitialContextFactoryTestSession/remote"); System.out.println(stub); System.out.println(stub.ping()); System.out.println(stub.getDate());
run the method the output stream will print:
jboss.j2ee:ear=home-test-v2.ear,jar=LoginInitialContextFactoryTestSession.jar,name=LoginInitialContextFactoryTestSession,service=EJB3 Ping LoginInitialContextFactoryTestSession suceessful... [2011-05-19T16:28:36]
ENDING...
发表评论
-
Oracle - Add Exist Validation Before Create Table
2011-11-07 13:49 1406Usually we need to check the ta ... -
JMX Architecture & "Hello Word" the JMX way
2011-10-25 20:07 1752JMX Architecture Overview: JMX ... -
Jboss-eap-5.1 Messaging
2011-08-02 21:50 2404This section I will concertate ... -
Jboss-eap-5.1 starting up note
2011-07-26 22:46 2548Jboss enterprise platform 5 hav ... -
EJB Security & JAAS Demo
2011-05-21 19:39 1580PROLOGUE: When deploying ... -
Jboss Reference Exception Gallery
2011-04-27 14:08 28541. Unable to locate a login con ... -
Hibernate Annotation 的一个问题,给点意见
2011-03-10 12:43 22问题:org.hibernate.annotations. ... -
大家说说BBC的网站用的是什么技术做的
2011-02-22 05:01 1398最近在英国出差,发现这里的一些网站做的相当有特色,有些网站不是 ... -
Hibernate OneToMany 单向和双向配置对数据存取性能的比较
2011-02-08 17:06 22471. 开篇说明:今天是春 ... -
对Hibernate属性(CascadeType、JoinColumn、JoinTable、ForeignKey等)的研究
2010-12-26 15:45 16610本文列出几个“EJB 学习阶段总结:JBoss下发布一个Toy ... -
EJB 学习阶段总结:JBoss下发布一个Toy企业应用
2010-12-25 12:11 2553解释题目:为什 ... -
EJB7: Message Driven Bean
2010-12-21 22:42 2101在企业系统中需要使用 ... -
EJB6: EntityBean例子
2010-11-26 14:48 1446本例子描述向EJB容器(JBoss)部署http: ... -
JPA dev: 几个问题总结(续)
2010-11-25 18:02 24082. 如何由PoJo类生成数据库中的表 首先可以根据实体间关 ... -
JPA dev: 几个问题总结
2010-11-25 16:56 3359最近工作中遇到几个与JPA相关的问题,本文通过一个例子总结一下 ... -
JAXB学习
2010-11-24 22:35 01 什么是JAXB? JAXB全称Java Ar ... -
EJB5: JPA扩展-J2SE环境下使用EntityManager
2010-11-10 19:07 2648好久没有写博客了,最近比较忙,今天抽时间写点,最近 ... -
EJB4:RMI和RMI-IIOP
2010-11-02 21:14 4073计划提纲:引入→RMI概念→RMI HelloWorld程序→ ... -
EJB3: JBOSS 企业版、JBOSS服务器构架、EJB2.0 HelloWrold实例
2010-10-26 22:43 6421本文的研究基于jboss-eap- ... -
jboss-eap-4.3 启动停止在Configuring from URL: resource:jboss-log4j.xml 问题
2010-10-25 14:49 4016如题,我改用jboss-eap-4.3, 启动时停止在Conf ...
相关推荐
JBoss完全实现了J2EE的服务栈: EJB (Enterprise JavaBeans) JMS (Java Message Service) JTS/JTA (Java Transaction Service / Java Transaction API) Servlet and JSP (JavaServer Pages) JNDI (Java Naming and ...
JBOSS,JBoss安装部署 JBOSS,JBoss安装部署
JBoss启动JBoss启动JBoss启动JBoss启动JBoss启动JBoss启动JBoss启动JBoss启动 JBoss启动
JavaEE源代码 jboss-commonJavaEE源代码 jboss-commonJavaEE源代码 jboss-commonJavaEE源代码 jboss-commonJavaEE源代码 jboss-commonJavaEE源代码 jboss-commonJavaEE源代码 jboss-commonJavaEE源代码 jboss-...
jboss 下载(httpwww.jboss.org)
某大牛写的jboss-exp 1. 查看系统名称 java -jar jboss_exploit_fat.jar -i http://192.168.7.84:10081/invoker/JMXInvokerServlet get jboss.system:type=ServerInfo OSName 2. 查看系统版本 java -jar jboss_...
JBOSS使用指南JBOSS使用指南JBOSS使用指南JBOSS使用指南JBOSS使用指南JBOSS使用指南JBOSS使用指南JBOSS使用指南
赠送jar包:jboss-logging-3.3.2.Final.jar; 赠送原API文档:jboss-logging-3.3.2.Final-javadoc.jar; 赠送源代码:jboss-logging-3.3.2.Final-sources.jar; 赠送Maven依赖信息文件:jboss-logging-3.3.2.Final....
Jboss项目部署文档
帮你设置jboss安全性问题。Jboss安全设置 jboss安全性 jboss设置安全性Jboss安全设置 jboss安全性 jboss设置安全性
赠送jar包:jboss-threads-3.1.0.Final.jar; 赠送原API文档:jboss-threads-3.1.0.Final-javadoc.jar; 赠送源代码:jboss-threads-3.1.0.Final-sources.jar; 赠送Maven依赖信息文件:jboss-threads-3.1.0.Final....
jboss热部署,jboss热部署,jboss热部署,jboss热部署,jboss热部署,jboss热部署,jboss热部署,jboss热部署,jboss热部署,jboss热部署,jboss热部署,jboss热部署
赠送jar包:jboss-logging-3.4.1.Final.jar; 赠送原API文档:jboss-logging-3.4.1.Final-javadoc.jar; 赠送源代码:jboss-logging-3.4.1.Final-sources.jar; 赠送Maven依赖信息文件:jboss-logging-3.4.1.Final....
如何在MyEclipse配置Jboss
linux 环境jboss 7.1 (注jdk不要用1.8 否则不能启动)
之前学习jboss rules 只能自己一点点的啃英文用户指南,后来终于找到了中文版的翻译版本,真是高兴,立即奉献给大家,让对规则引擎感兴趣的朋友也能一堵为快。 内容摘要:JBoss Rules 的前身是Codehaus的一个开源...
Jboss配置虚拟路径
jboss服务器配置https环境的详细方法
jboss jbpm 5.0 最新版jboss jbpm 5.0 最新版jboss jbpm 5.0 最新版jboss jbpm 5.0 最新版jboss jbpm 5.0 最新版jboss jbpm 5.0 最新版jboss jbpm 5.0 最新版