问题描述
我有以下JSF 2.1的登录表单,在Glassfish的3.1运行
I have the following JSF 2.1 login form, running in Glassfish 3.1
<h:form id="loginForm">
<h:panelGrid columns="2" cellspacing="5">
<h:outputText value="Username" />
<h:inputText value="#{loginHandler.username}" />
<h:outputText value="Password:" />
<h:inputText value="#{loginHandler.password}" />
<h:outputLabel value="" />
<h:commandButton value="Login" action="#{loginHandler.login}" />
</h:panelGrid>
</h:form>
和下面的支持Bean。
And the following backing bean.
public String login() throws IOException, LoginException {
log.debug("Trying to login with username " + username);
HttpSession session = getRequest().getSession(true);
try {
getRequest().login(username, password);
// if OK, add Roles
????????
...................
} catch (ServletException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
log.debug("USER principal === " + getRequest().getUserPrincipal());
return "home";
}
现在的问题是,我怎么能成功登录后编程方式添加角色到UserPrincipal?
The question is, how can I add roles programmatically to the UserPrincipal after successful login?
更新1:我就先通过以下code,但主题的主题== NULL
Update 1: I tried to get the Subject by using the following code but subject == null.
Subject thisSubject = Subject.getSubject(AccessController
.getContext());
谢谢,
科恩
Thanks,Coen
推荐答案
我想出了以下解决方案登录后以编程方式添加角色,其工作方式,至少在GlassFish 3.1.2版本23。
I came up with the following solution to add roles programmatically after login, which works at least on GlassFish 3.1.2 build 23.
import com.sun.enterprise.security.SecurityContext;
import com.sun.enterprise.security.web.integration.PrincipalGroupFactory;
import java.security.Principal;
import java.util.Set;
import javax.security.auth.Subject;
import org.glassfish.security.common.Group;
public class GlassFishUtils {
public static void addGroupToCurrentUser(String groupName, String realmName) {
Subject subject = SecurityContext.getCurrent().getSubject();
Set<Principal> principals = subject.getPrincipals();
Group group = PrincipalGroupFactory.getGroupInstance(groupName, realmName);
if (!principals.contains(group))
principals.add(group);
}
}
您将需要添加 security.jar
和共util.jar
从GlassFish在您的项目库。
You will need to add security.jar
and common-util.jar
from GlassFish to your project libraries.
和不要忘了创建一个&LT;安全角色的方式&gt;
在web.xml您要添加的角色栏目
And don't forget to create a <security-role>
section in your web.xml for the roles you wish to add.
请注意,我用它不似乎是一个稳定的公布API的一部分功能,所以没有保证,这将保持在GlassFish中的未来版本中工作。
Note that I am using functionality which does not appear to be part of a published stable API, so there is no guarantee that this will keep working in future releases of GlassFish.
我如何从来源$ C $ C的GlassFish sun.appserv.security.AppservPasswordLoginModule.commit()
添加角色的信息。
如果未来发布的GlassFish我突破code,这个功能将是为了找出如何解决它开始的好地方。
I got the information on how to add roles from the source code of sun.appserv.security.AppservPasswordLoginModule.commit()
of GlassFish.If a future GlassFish release breaks my code, this function would be a good place to start in order to find out how to fix it.
这篇关于编程认证之后添加角色的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!