如何在 GlassFish 3.1 中使用自定义领域？

Question

我想在 glassfish 3.1 中使用自定义领域

我从这个主题中拿了两个文件来尝试。 Custom Glassfish Security Realm does not work (unable to find LoginModule)

CustomRealm.java

package com.company.security.realm;
import com.sun.appserv.security.AppservRealm;
import com.sun.enterprise.security.auth.realm.BadRealmException;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchRealmException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
import java.util.Enumeration;
import java.util.Properties;
import java.util.Vector;

public class CustomRealm extends AppservRealm
{
Vector<String> groups = new Vector<String>();

private String jaasCtxName;

private String startWith;

@Override
public void init(Properties properties)
throws BadRealmException, NoSuchRealmException {
    jaasCtxName = properties.getProperty("jaas-context", "customRealm");
    startWith = properties.getProperty("startWith", "z");
    groups.add("dummy");
}

@Override
public String getAuthType()
{
    return "Custom Realm";
}

public String[] authenticate(String username, char[] password) 
{
    // if (isValidLogin(username, password))
    return (String[]) groups.toArray();
}

@Override
public Enumeration getGroupNames(String username) 
throws InvalidOperationException, NoSuchUserException 
{
    return groups.elements();
}

@Override 
public String getJAASContext()
{
    return jaasCtxName;
}

public String getStartWith()
{
    return startWith;
}
}

还有自定义登录模块

package com.company.security.realm;

import com.sun.appserv.security.AppservPasswordLoginModule;
import com.sun.enterprise.security.auth.login.common.LoginException;
import java.util.Set;
import org.glassfish.security.common.PrincipalImpl;

public class CustomLoginModule extends AppservPasswordLoginModule
{    
    @Override
protected void authenticateUser() throws LoginException
{
    _logger.info("CustomRealm : authenticateUser for " +  _username);
    final CustomRealm realm = (CustomRealm)_currentRealm;

    if ( (_username == null) || (_username.length() == 0) || !_username.startsWith(realm.getStartWith())) 
        throw new LoginException("Invalid credentials");

    String[] grpList = realm.authenticate(_username, getPasswordChar()); 
    if (grpList == null) { 
        throw new LoginException("User not in groups");
    }

    _logger.info("CustomRealm : authenticateUser for " +  _username);

    Set principals = _subject.getPrincipals();
    principals.add(new PrincipalImpl(_username));

    this.commitUserAuthentication(grpList);

}
}

我也将模块添加到 conf 文件中

customRealm {
com.company.security.realm.CustomLoginModule required;
};

然后我将我的 2 .class 复制到 glassfish3/glassfish/domains/domain1/lib/classes/ 以及 glassfish3/glassfish/lib

每次我想创建一个新领域时，我都会遇到同样的错误。

 ./asadmin --port 4949 create-auth-realm --classname com.company.security.realm.CustomRealm --property jaas-context=customRealm:startWith=a customRealm     

remote failure: Creation of Authrealm customRealm failed.  com.sun.enterprise.security.auth.realm.BadRealmException: java.lang.ClassNotFoundException: com.company.security.realm.CustomRealm not found by org.glassfish.security [101]

com.sun.enterprise.security.auth.realm.BadRealmException: java.lang.ClassNotFoundException: com.company.security.realm.CustomRealm not found by org.glassfish.security [101]
Command create-auth-realm failed.

我想我真的不明白如何以正确的方式将我的两个文件添加到 glassfish。

这两个文件是从eclipse创建和编译的。我创建了一个 java 项目成功登录。

有人可以帮忙吗？

提前致谢， 洛伊克

Answer 1

您是否将其打包为 OSGi 模块（请参阅您引用的帖子中的答案）？如果是这样，不要将 jar 文件复制到 $GF_HOME/lib 或任何东西，而是将其部署为 OSGi 模块：

asadmin deploy --type osgi /path/to/CustomRealm.jar

然后添加 login.conf 设置。为了安全起见，我会重新启动 GF (asadmin restart-domain)，然后您可以使用那里的命令创建领域。