javax.security.auth.login.LoginException: исключение безопасности
Я пытаюсь настроить управляемую контейнером безопасность с помощью GlassFish v3.1.2 и JSF 2.1 и primeFaces 3.4.2
Значение HexValue и база данных совпадают, но получают следующее исключение
Я пробовал кодировщик Base64, но тот же результат. Расчетное значение и пароль в порядке, что-то еще, что я пропустил ... есть ли другие настройки, которые я пропускаю esp в файле glassfish или login.xhtml
имя пользователя: admin1 pass: admin
используя следующий SHAConverter.java
Used org.apache.commons.codec.digest.DigestUtils; for calculating HEX
final MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
final byte bin[] = messageDigest.digest((value.getBytes("UTF-8")));
final String hash = DigestUtils.sha256Hex(bin);
System.out.println("hex : " + hash);
<pre><code> FINE: [Web-Security] Setting Policy Context ID: old = null ctxID = PrimeJSF-EJB-JPA-2/PrimeJSF-EJB-JPA-2
FINE: [Web-Security] hasUserDataPermission perm: ("javax.security.jacc.WebUserDataPermission" "/Login.xhtml" "POST")
FINE: [Web-Security] hasUserDataPermission isGranted: true
INFO: VALUE ------------- admin
INFO: hex : dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
INFO: request.isRequestedSessionIdValid() true
INFO: user : admin1 >> dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
INFO: false
FINEST: Processing login with credentials of type: class com.sun.enterprise.security.auth.login.common.PasswordCredential
FINE: Logging in user [admin1] into realm: myRealm using JAAS module: jdbcRealm
FINE: Login module initialized: class com.sun.enterprise.security.auth.login.JDBCLoginModule
FINE: JAAS authentication aborted.
FINEST: doPasswordLogin fails
javax.security.auth.login.LoginException: Security Exception
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:870)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
at com.sun.enterprise.security.auth.login.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:382)
at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:240)
at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:153)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:514)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:455)
at org.apache.catalina.connector.Request.login(Request.java:1938)
at org.apache.catalina.connector.Request.login(Request.java:1901)
at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
at javax.faces.component.UICommand.broadcast(UICommand.java:300)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)
Caused by: java.lang.SecurityException
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:871)
... 64 more
WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception
SEVERE: IOException, Login Controller: The username or password you provided does not match our records.
SEVERE: javax.servlet.ServletException: Exception thrown while attempting to authenticate for user: admin1
at org.apache.catalina.connector.Request.login(Request.java:1970)
at org.apache.catalina.connector.Request.login(Request.java:1901)
at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
at javax.faces.component.UICommand.broadcast(UICommand.java:300)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)
Caused by: javax.servlet.ServletException: Failed login while attempting to authenticate user: admin1
at org.apache.catalina.connector.Request.login(Request.java:1941)
... 52 more
SEVERE: at org.apache.catalina.connector.Request.login(Request.java:1970)
SEVERE: at org.apache.catalina.connector.Request.login(Request.java:1901)
SEVERE: at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
SEVERE: at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
SEVERE: at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
SEVERE: at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
SEVERE: at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
SEVERE: at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
SEVERE: at java.lang.reflect.Method.invoke(Method.java:601)
SEVERE: at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
SEVERE: at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
SEVERE: at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
SEVERE: at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
SEVERE: at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
SEVERE: at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
SEVERE: at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
SEVERE: at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
SEVERE: at javax.faces.component.UICommand.broadcast(UICommand.java:300)
SEVERE: at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
SEVERE: at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
SEVERE: at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
SEVERE: at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
SEVERE: at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
SEVERE: at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
SEVERE: at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
SEVERE: at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
SEVERE: at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
SEVERE: at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
SEVERE: at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
SEVERE: at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
SEVERE: at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
SEVERE: at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
SEVERE: at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
SEVERE: at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
SEVERE: at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
SEVERE: at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
SEVERE: at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
SEVERE: at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
SEVERE: at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
SEVERE: at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
SEVERE: at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
SEVERE: at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
SEVERE: at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
SEVERE: at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
SEVERE: at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
SEVERE: at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
SEVERE: at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
SEVERE: at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
SEVERE: at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
SEVERE: at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
SEVERE: at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
SEVERE: at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
SEVERE: at java.lang.Thread.run(Thread.java:722)
SEVERE: Caused by: javax.servlet.ServletException: Failed login while attempting to authenticate user: admin1
SEVERE: at org.apache.catalina.connector.Request.login(Request.java:1941)
SEVERE: ... 52 more
</code></pre>
Вот настройки Glassfish
Configuration Name: server-config
Realm Name: myRealm
Class Name: com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm
JAAS Context: jdbcRealm
JNDI: jdbc/myDatasource
User Table: user_role_view
User Name Column: username
Password Column: password
Group Table: user_role_view
Group Table User Name Column:---
Group Name Column: rolename
Assign Groups:---
Database User:---
Database Password:---
Digest Algorithm: SHA-256
Password Encryption Algorithm:---
Encoding:Hex
Charset:UTF-8
Мой логин.xhtml
Login Panel
Мой web.xml
Administrator
Admin Area
/admin/*
Administrator
Administrator
Manager
Manager Area
/manager/*
Manager
Manager
Administrator
User
User Operations
/user/*
User
Manager
Administrator
User
FORM
myRealm
/Login.xhtml
/Login.xhtml
Administrator
Manager
User
мой glassfish-web.xml
Administrator
Administrators
Manager
Managers
User
Users
Я использовал эту форму сообщения, но у этого был несоответствие расчета, но моя проблема, кажется, что-то другое, чем вычисление