1
私は、Wildfly 10コンテナのプロジェクトでデータベースログインモジュールを使用しようとしています。wildfly 10データベースログインモジュール
私はこのチュートリアル続いている:https://www.examsmyantra.com/article/119/javaee/form-based-login-authentication-in-javaee7-with-wildfly-and-mysql
そして、それはちょっと働いていますが。
私はEJBモジュールとWebモジュール(戦争)を持つEARプロジェクトを持っています。戦争にはリモート参照を使用してアクセスするEJBは含まれていません。
私はWARの限られた部分にアクセスすると、私は正しくログインフォーム()に送信します。
私がログインすると、制限された部分が見えます。
私は自分のユーザーであるservetにログインして、特定の役割を持っているかどうかを確認しても機能します。 サーブレットコード:
final String username = request.getUserPrincipal().getName();
logger.info("Current username acourding to the WEB: {}", request.getUserPrincipal().getName());
logger.info("User has Role user acourding to the WEB: {}", request.isUserInRole("user"));
logger.info("User has Role admin acourding to the WEB: {}", request.isUserInRole("admin"));
ログイン:
INFO [com.example.web.servlet.DatasetServlet] (default task-5) Current username acourding to the WEB: user
INFO [com.example.web.servlet.DatasetServlet] (default task-5) User has Role user acourding to the WEB: true
INFO [com.example.web.servlet.DatasetServlet] (default task-5) User has Role admin acourding to the WEB: true
INFO [com.example.business.remote.DatasetEJB] (default task-5) Get active dataset for the user: user
が、私はこのようなEJB Beanを入力したとき:
final String dataset = remote.getActiveDataset(); // this is still the servlet (WAR)
EJB:
final String username = this.ejbContext.getCallerPrincipal().getName();
logger.info("Get active dataset for the user: " + username);
logger.info("User has role 'user' {}", this.ejbContext.isCallerInRole("user"));
logger.info("User has role 'admin' {}", this.ejbContext.isCallerInRole("admin"));
私が取得:
をException caught: javax.naming.NameNotFoundException: policyRegistration -- service jboss.naming.context.java.policyRegistration
PBOX00326: isCallerInRole processing failed: java.lang.IllegalStateException: PBOX00071: Failed to instantiate interface org.jboss.security.authorization.AuthorizationModule class
Exception:=PBOX00071: Failed to instantiate interface org.jboss.security.authorization.AuthorizationModule
完全なログは、この例を示します
TRACE [org.jboss.security] (default task-5) PBOX00354: Setting security roles ThreadLocal: {}
INFO [com.example.business.remote.DatasetEJB] (default task-5) Get active dataset for the user: user
TRACE [org.jboss.security] (default task-5) PBOX00354: Setting security roles ThreadLocal: {}
2016-09-16 22:53:52,724 DEBUG [org.jboss.security] (default task-5) PBOX00293: Exception caught: javax.naming.NameNotFoundException: policyRegistration -- service jboss.naming.context.java.policyRegistration
at org.jboss.as.naming.ServiceBasedNamingStore.lookup(ServiceBasedNamingStore.java:106)
at org.jboss.as.naming.NamingContext.lookup(NamingContext.java:207)
at org.jboss.as.naming.InitialContext$DefaultInitialContext.lookup(InitialContext.java:235)
at org.jboss.as.naming.NamingContext.lookup(NamingContext.java:193)
at org.jboss.as.naming.NamingContext.lookup(NamingContext.java:189)
at javax.naming.InitialContext.lookup(InitialContext.java:417)
at javax.naming.InitialContext.lookup(InitialContext.java:417)
at org.jboss.security.plugins.javaee.EJBAuthorizationHelper.getPolicyRegistrationFromJNDI(EJBAuthorizationHelper.java:353)
at org.jboss.security.plugins.javaee.EJBAuthorizationHelper.isCallerInRole(EJBAuthorizationHelper.java:170)
at org.jboss.as.security.service.SimpleSecurityManager.isCallerInRole(SimpleSecurityManager.java:229)
at org.jboss.as.ejb3.component.EJBComponent.isCallerInRole(EJBComponent.java:400)
at org.jboss.as.ejb3.context.EJBContextImpl.isCallerInRole(EJBContextImpl.java:115)
at com.example.business.remote.DatasetEJB.getActiveDataset(DatasetEJB.java:225)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
...
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
2016-09-16 22:53:52,727 DEBUG [org.jboss.security] (default task-5) PBOX00282: Failed to instantiate class Database: java.lang.ClassNotFoundException: Database from [Module "deployment.ear.ear.business-ejb-assignment-SNAPSHOT.jar:main" from Service Module Loader]
at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:198)
at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:363)
at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:351)
at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:93)
at org.jboss.security.plugins.authorization.JBossAuthorizationContext.instantiateModule(JBossAuthorizationContext.java:326)
at org.jboss.security.plugins.authorization.JBossAuthorizationContext.initializeModules(JBossAuthorizationContext.java:205)
at org.jboss.security.plugins.authorization.JBossAuthorizationContext.authorize(JBossAuthorizationContext.java:141)
at org.jboss.security.plugins.JBossAuthorizationManager.internalAuthorization(JBossAuthorizationManager.java:438)
at org.jboss.security.plugins.JBossAuthorizationManager.authorize(JBossAuthorizationManager.java:115)
at org.jboss.security.plugins.javaee.EJBAuthorizationHelper.isCallerInRole(EJBAuthorizationHelper.java:187)
at org.jboss.as.security.service.SimpleSecurityManager.isCallerInRole(SimpleSecurityManager.java:229)
at org.jboss.as.ejb3.component.EJBComponent.isCallerInRole(EJBComponent.java:400)
at org.jboss.as.ejb3.context.EJBContextImpl.isCallerInRole(EJBContextImpl.java:115)
at com.example.business.remote.DatasetEJB.getActiveDataset(DatasetEJB.java:225)
...
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
2016-09-16 22:53:52,728 DEBUG [org.jboss.security] (default task-5) PBOX00326: isCallerInRole processing failed: java.lang.IllegalStateException: PBOX00071: Failed to instantiate interface org.jboss.security.authorization.AuthorizationModule class
at org.jboss.security.plugins.authorization.JBossAuthorizationContext.instantiateModule(JBossAuthorizationContext.java:336)
at org.jboss.security.plugins.authorization.JBossAuthorizationContext.initializeModules(JBossAuthorizationContext.java:205)
at org.jboss.security.plugins.authorization.JBossAuthorizationContext.authorize(JBossAuthorizationContext.java:141)
at org.jboss.security.plugins.JBossAuthorizationManager.internalAuthorization(JBossAuthorizationManager.java:438)
at org.jboss.security.plugins.JBossAuthorizationManager.authorize(JBossAuthorizationManager.java:115)
at org.jboss.security.plugins.javaee.EJBAuthorizationHelper.isCallerInRole(EJBAuthorizationHelper.java:187)
at org.jboss.as.security.service.SimpleSecurityManager.isCallerInRole(SimpleSecurityManager.java:229)
at org.jboss.as.ejb3.component.EJBComponent.isCallerInRole(EJBComponent.java:400)
at org.jboss.as.ejb3.context.EJBContextImpl.isCallerInRole(EJBContextImpl.java:115)
at com.example.business.remote.DatasetEJB.getActiveDataset(DatasetEJB.java:225)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
...
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
TRACE [org.jboss.security.audit] (default task-5) [Error]Resource:=[org.jboss.security.authorization.resources.EJBResource:contextMap={roleRefPermissionCheck=true, roleName=user, policyRegistration=null}:method=null:ejbMethodInterface=null:ejbName=DatasetEJB:ejbPrincipal=org.w[email protected]36ebcb:MethodRoles=null:securityRoleReferences=[]:callerSubject=Subject:
Principal: user
Principal: Roles(members:user,admin)
Principal: CallerPrincipal(members:user)
:callerRunAs=null:callerRunAs=null:ejbRestrictionEnforcement=false:ejbVersion=2.0];Action=authorization;roleRefPermissionCheck=true;Exception:=PBOX00071: Failed to instantiate interface org.jboss.security.authorization.AuthorizationModule class;roleName=user;Source=org.jboss.security.plugins.javaee.EJBAuthorizationHelper;policyRegistration=null;
TRACE [org.jboss.security] (default task-5) PBOX00354: Setting security roles ThreadLocal: {}
INFO [com.example.business.remote.DatasetEJB] (default task-5) User has role 'user' false
そして私はなぜ理解していません。
セキュリティドメインが正しく構成されていると思います。そうしなければ、戦争が起こらないからです。だから、EJBに欠けている設定と何か関係があるはずです。
いくつかの追加情報:standalone.xmlで
私はこれらの設定を持っている:
<subsystem xmlns="urn:jboss:domain:ejb3:4.0">
...
<default-security-domain value="jdbcejbrick"/>
<default-missing-method-permissions-deny-access value="false"/>
<log-system-exceptions value="true"/>
</subsystem>
そして
<security-domain name="jdbcejbrick" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/poc-ejb-alg"/>
<module-option name="rolesQuery" value="SELECT a.NAME, 'Roles' FROM AUTHORIZATIONS a LEFT JOIN AUTHORIZATION_USER au on au.AUTHORIZATION_ID = a.ID LEFT JOIN AUTHORIZATION_USER_GROUP aug on aug.AUTHORIZATION_ID = a.ID LEFT JOIN USER_GROUPS ug on aug.GROUP_ID = ug.ID LEFT JOIN USER_USER_GROUP uug on ug.ID = uug.GROUP_ID LEFT JOIN USERS u on (au.USER_ID = u.ID) or (uug.USER_ID = u.ID) WHERE u.NAME=?"/>
<module-option name="principalsQuery" value="select PASSWORD from USERS where NAME=?"/>
</login-module>
</authentication>
<authorization>
<policy-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/poc-ejb-alg"/>
<module-option name="rolesQuery" value="SELECT a.NAME, 'Roles' FROM AUTHORIZATIONS a LEFT JOIN AUTHORIZATION_USER au on au.AUTHORIZATION_ID = a.ID LEFT JOIN AUTHORIZATION_USER_GROUP aug on aug.AUTHORIZATION_ID = a.ID LEFT JOIN USER_GROUPS ug on aug.GROUP_ID = ug.ID LEFT JOIN USER_USER_GROUP uug on ug.ID = uug.GROUP_ID LEFT JOIN USERS u on (au.USER_ID = u.ID) or (uug.USER_ID = u.ID) WHERE u.NAME=?"/>
<module-option name="principalsQuery" value="select PASSWORD from USERS where NAME=?"/>
</policy-module>
</authorization>
</security-domain>
私は/メインのsrc /にあるjboss-ejb3.xmlを持っていますEJBのリソース/ META-INF
<?xml version="1.0"?>
<jboss:ejb-jar xmlns:jboss="http://www.jboss.com/xml/ns/javaee" xmlns:sec="urn:security" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-ejb3-2_0.xsd
http://java.sun.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-ejb3-spec-2_0.xsd
urn:security urn:security"
version="3.1" impl-version="2.0">
<assembly-descriptor>
<sec:security>
<ejb-name>*</ejb-name>
<sec:security-domain>jdbcejbrick</sec:security-domain>
</sec:security>
</assembly-descriptor>
</jboss:ejb-jar>
<?xml version="1.0" encoding="UTF-8"?>
<ejb-jar>
<assembly-descriptor>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
</assembly-descriptor>
</ejb-jar>
私は本当の近くのだということを感じているのはsrc /メイン/リソース/ META-INFのejb-jar.xmlのを持っているので助けてください。 S を、私は、ユーザー名がEJB
とエラーですでに大丈夫だったので、それは政策の問題だったことに気づき、問題を説明しながら、「クラスのデータベースをインスタンス化に失敗しました:私はここにダッキングラバーたオーケー
警告/エラーメッセージが価値があると思われる場合は、これについてJiraを作成してください。 – ehsavoie