javax.security.auth.login.LoginException: Sicherheitsausnahme
Ich versuche, containergesteuerte Sicherheit mit GlassFish v3.1.2 und JSF 2.1 sowie primeFaces 3.4.2 einzurichten
Der Wert HexValue und die Datenbank stimmen überein, erhalten jedoch die folgende Ausnahme
Ich habe versucht Base64 Encoder aber das gleiche Ergebnis. Der berechnete Wert und das Passwort sind in Ordnung, etwas anderes habe ich verpasst. Gibt es eine andere Einstellung, die ich verpasse, insbesondere in der Datei glassfish oder login.xhtml?
Benutzername: admin1 Passwort: admin
mit folgenden SHAConverter.java
Used org.apache.commons.codec.digest.DigestUtils; for calculating HEX
final MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
final byte bin[] = messageDigest.digest((value.getBytes("UTF-8")));
final String hash = DigestUtils.sha256Hex(bin);
System.out.println("hex : " + hash);
<pre><code> FINE: [Web-Security] Setting Policy Context ID: old = null ctxID = PrimeJSF-EJB-JPA-2/PrimeJSF-EJB-JPA-2
FINE: [Web-Security] hasUserDataPermission perm: ("javax.security.jacc.WebUserDataPermission" "/Login.xhtml" "POST")
FINE: [Web-Security] hasUserDataPermission isGranted: true
INFO: VALUE ------------- admin
INFO: hex : dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
INFO: request.isRequestedSessionIdValid() true
INFO: user : admin1 >> dd474e450473186ec733689b549a94a54a96f276dba76b29138c57b6afe15bf7
INFO: false
FINEST: Processing login with credentials of type: class com.sun.enterprise.security.auth.login.common.PasswordCredential
FINE: Logging in user [admin1] into realm: myRealm using JAAS module: jdbcRealm
FINE: Login module initialized: class com.sun.enterprise.security.auth.login.JDBCLoginModule
FINE: JAAS authentication aborted.
FINEST: doPasswordLogin fails
javax.security.auth.login.LoginException: Security Exception
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:870)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
at com.sun.enterprise.security.auth.login.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:382)
at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:240)
at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:153)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:514)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:455)
at org.apache.catalina.connector.Request.login(Request.java:1938)
at org.apache.catalina.connector.Request.login(Request.java:1901)
at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
at javax.faces.component.UICommand.broadcast(UICommand.java:300)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)
Caused by: java.lang.SecurityException
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:871)
... 64 more
WARNING: WEB9102: Web Login Failed: com.sun.enterprise.security.auth.login.common.LoginException: Login failed: Security Exception
SEVERE: IOException, Login Controller: The username or password you provided does not match our records.
SEVERE: javax.servlet.ServletException: Exception thrown while attempting to authenticate for user: admin1
at org.apache.catalina.connector.Request.login(Request.java:1970)
at org.apache.catalina.connector.Request.login(Request.java:1901)
at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
at javax.faces.component.UICommand.broadcast(UICommand.java:300)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)
Caused by: javax.servlet.ServletException: Failed login while attempting to authenticate user: admin1
at org.apache.catalina.connector.Request.login(Request.java:1941)
... 52 more
SEVERE: at org.apache.catalina.connector.Request.login(Request.java:1970)
SEVERE: at org.apache.catalina.connector.Request.login(Request.java:1901)
SEVERE: at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1146)
SEVERE: at com.nz.simplecrud.controller.LoginController.login(LoginController.java:83)
SEVERE: at com.nz.simplecrud.controller.LoginController$Proxy$_$$_WeldClientProxy.login(LoginController$Proxy$_$$_WeldClientProxy.java)
SEVERE: at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
SEVERE: at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
SEVERE: at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
SEVERE: at java.lang.reflect.Method.invoke(Method.java:601)
SEVERE: at com.sun.el.parser.AstValue.invoke(AstValue.java:254)
SEVERE: at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:302)
SEVERE: at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
SEVERE: at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
SEVERE: at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
SEVERE: at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
SEVERE: at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
SEVERE: at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:769)
SEVERE: at javax.faces.component.UICommand.broadcast(UICommand.java:300)
SEVERE: at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
SEVERE: at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
SEVERE: at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
SEVERE: at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
SEVERE: at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
SEVERE: at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
SEVERE: at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
SEVERE: at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
SEVERE: at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
SEVERE: at com.nz.simplecrud.filter.LoginPageFilter.doFilter(LoginPageFilter.java:32)
SEVERE: at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
SEVERE: at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
SEVERE: at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
SEVERE: at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
SEVERE: at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
SEVERE: at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
SEVERE: at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
SEVERE: at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
SEVERE: at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
SEVERE: at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
SEVERE: at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
SEVERE: at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
SEVERE: at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
SEVERE: at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
SEVERE: at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
SEVERE: at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
SEVERE: at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
SEVERE: at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
SEVERE: at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
SEVERE: at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
SEVERE: at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
SEVERE: at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
SEVERE: at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
SEVERE: at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
SEVERE: at java.lang.Thread.run(Thread.java:722)
SEVERE: Caused by: javax.servlet.ServletException: Failed login while attempting to authenticate user: admin1
SEVERE: at org.apache.catalina.connector.Request.login(Request.java:1941)
SEVERE: ... 52 more
</code></pre>
Hier sind die Glassfish-Realm-Einstellungen
Configuration Name: server-config
Realm Name: myRealm
Class Name: com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm
JAAS Context: jdbcRealm
JNDI: jdbc/myDatasource
User Table: user_role_view
User Name Column: username
Password Column: password
Group Table: user_role_view
Group Table User Name Column:---
Group Name Column: rolename
Assign Groups:---
Database User:---
Database Password:---
Digest Algorithm: SHA-256
Password Encryption Algorithm:---
Encoding:Hex
Charset:UTF-8
Mein login.xhtml
<ui:define name="content">
<h:form styleClass="loginPanelStyle">
<p:growl id="msgs" showDetail="true" sticky="false" />
<p:panelGrid columns="2">
<f:facet name="header">
Login Panel
</f:facet>
<h:outputText value="Username : "></h:outputText>
<p:inputText id="username" value="#{loginController.username}" required="true" requiredMessage="Please Enter Username!">
<f:validateLength minimum="1" />
</p:inputText>
<h:outputText value="Password : "></h:outputText>
<p:password id="password" value="#{loginController.password}" required="true" requiredMessage="Please Enter password!">
<f:validateLength minimum="1" />
<f:converter converterId="com.nz.util.SHAConverter"></f:converter>
</p:password>
<f:facet name="footer">
<p:commandButton value="Submit" update="msgs" actionListener="#{loginController.login}" type="submit" icon="ui-icon-check" style="margin:0"></p:commandButton>
</f:facet>
</p:panelGrid>
Meine web.xml
<security-constraint>
<display-name>Administrator</display-name>
<web-resource-collection>
<web-resource-name>Admin Area</web-resource-name>
<description/>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>Administrator</description>
<role-name>Administrator</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>Manager</display-name>
<web-resource-collection>
<web-resource-name>Manager Area</web-resource-name>
<description/>
<url-pattern>/manager/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>Manager</description>
<role-name>Manager</role-name>
<role-name>Administrator</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>User</display-name>
<web-resource-collection>
<web-resource-name>User Operations</web-resource-name>
<description/>
<url-pattern>/user/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>User</description>
<role-name>Manager</role-name>
<role-name>Administrator</role-name>
<role-name>User</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>myRealm</realm-name>
<form-login-config>
<form-login-page>/Login.xhtml</form-login-page>
<form-error-page>/Login.xhtml</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>Administrator</role-name>
</security-role>
<security-role>
<role-name>Manager</role-name>
</security-role>
<security-role>
<role-name>User</role-name>
</security-role>
meine glassfish-web.xml
<security-role-mapping>
<role-name>Administrator</role-name>
<group-name>Administrators</group-name>
</security-role-mapping>
<security-role-mapping>
<role-name>Manager</role-name>
<group-name>Managers</group-name>
</security-role-mapping>
<security-role-mapping>
<role-name>User</role-name>
<group-name>Users</group-name>
</security-role-mapping>
Ich habe dieses Post-Formular verwendet, aber dieser hatte eine Berechnungsfehlanpassung, aber mein Problem scheint etwas anderes zu sein als die Berechnung