我有以下JSF 2.1的登录表单,在Glassfish的3.1运行
I have the following JSF 2.1 login form, running in Glassfish 3.1
<h:form id="loginForm"> <h:panelGrid columns="2" cellspacing="5"> <h:outputText value="Username" /> <h:inputText value="#{loginHandler.username}" /> <h:outputText value="Password:" /> <h:inputText value="#{loginHandler.password}" /> <h:outputLabel value="" /> <h:commandButton value="Login" action="#{loginHandler.login}" /> </h:panelGrid> </h:form>和下面的支持Bean。
And the following backing bean.
public String login() throws IOException, LoginException { log.debug("Trying to login with username " + username); HttpSession session = getRequest().getSession(true); try { getRequest().login(username, password); // if OK, add Roles ???????? ................... } catch (ServletException e) { // TODO Auto-generated catch block e.printStackTrace(); } log.debug("USER principal === " + getRequest().getUserPrincipal()); return "home"; }现在的问题是,我怎么能成功登录后编程方式添加角色到UserPrincipal?
The question is, how can I add roles programmatically to the UserPrincipal after successful login?
更新1:我就先通过以下code,但主题的主题== NULL
Update 1: I tried to get the Subject by using the following code but subject == null.
Subject thisSubject = Subject.getSubject(AccessController .getContext());谢谢,科恩
Thanks, Coen
推荐答案我想出了以下解决方案登录后以编程方式添加角色,其工作方式,至少在GlassFish 3.1.2版本23。
I came up with the following solution to add roles programmatically after login, which works at least on GlassFish 3.1.2 build 23.
import com.sun.enterprise.security.SecurityContext; import com.sun.enterprise.security.web.integration.PrincipalGroupFactory; import java.security.Principal; import java.util.Set; import javax.security.auth.Subject; import org.glassfish.securitymon.Group; public class GlassFishUtils { public static void addGroupToCurrentUser(String groupName, String realmName) { Subject subject = SecurityContext.getCurrent().getSubject(); Set<Principal> principals = subject.getPrincipals(); Group group = PrincipalGroupFactory.getGroupInstance(groupName, realmName); if (!principals.contains(group)) principals.add(group); } }您将需要添加 security.jar 和共util.jar 从GlassFish在您的项目库。
You will need to add security.jar and common-util.jar from GlassFish to your project libraries.
和不要忘了创建一个&LT;安全角色的方式&gt; 在web.xml您要添加的角色栏目
And don't forget to create a <security-role> section in your web.xml for the roles you wish to add.
请注意,我用它不似乎是一个稳定的公布API的一部分功能,所以没有保证,这将保持在GlassFish中的未来版本中工作。
Note that I am using functionality which does not appear to be part of a published stable API, so there is no guarantee that this will keep working in future releases of GlassFish.
我如何从来源$ C $ C的GlassFish sun.appserv.security.AppservPasswordLoginModulemit()添加角色的信息。如果未来发布的GlassFish我突破code,这个功能将是为了找出如何解决它开始的好地方。
I got the information on how to add roles from the source code of sun.appserv.security.AppservPasswordLoginModulemit() of GlassFish. If a future GlassFish release breaks my code, this function would be a good place to start in order to find out how to fix it.
更多推荐
编程认证之后添加角色
发布评论