Monday, 15 August 2011

jboss7: security domains using a database

One of the "classic" JAAS setups is using a database for authentication/authorization.
Quick instructions for using it:

1) tables on the database (an ultra-simplified schema, not recommended for production; there you should use 3 tables: utenti [id, username, pwd], ruoli [id, ruolo], utenti_ruoli [id, id_utente, id_ruolo]):
CREATE TABLE IF NOT EXISTS `user_auth` (
    `USERNAME` varchar(100) NOT NULL DEFAULT '',
    `PASSWORD` varchar(100) DEFAULT NULL,
    `EMAIL` varchar(200) CHARACTER SET latin1 NOT NULL,
    PRIMARY KEY (`USERNAME`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;

CREATE TABLE IF NOT EXISTS `user_role` (
    `ID` int(11) NOT NULL AUTO_INCREMENT,
    `ROLE_NAME` varchar(100) DEFAULT NULL,
    `USERNAME` varchar(100) DEFAULT NULL,
    PRIMARY KEY (`ID`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=122;


2) insert some test data (user fiorenzino with password '12345678' and role admin; the stored PASSWORD value is the Base64-encoded MD5 of '12345678', matching the hashAlgorithm/hashEncoding options of step 4):
INSERT INTO `user_auth` (`USERNAME`, `PASSWORD`, `EMAIL`) VALUES
('fiorenzino', 'JdVa0oOqQAr0ZMdtcTwHrQ==', 'fiorenzino@gmail.com');

INSERT INTO `user_role` (`ROLE_NAME`, `USERNAME`) VALUES
('admin', 'fiorenzino');

3) create a datasource in the standalone.xml file (this assumes a module with the MySQL driver already exists):
<subsystem xmlns="urn:jboss:domain:datasources:1.0">
    <datasources>
        <datasource jndi-name="java:jboss/datasources/GiavaByDS" pool-name="GiavaByDS_Pool" enabled="true" jta="true" use-java-context="true" use-ccm="true">
            <connection-url>jdbc:mysql://localhost:3306/bygiava</connection-url>
            <driver-class>com.mysql.jdbc.Driver</driver-class>
            <driver>mysql</driver>
            <pool>
                <min-pool-size>2</min-pool-size>
                <max-pool-size>30</max-pool-size>
                <prefill>true</prefill>
                <use-strict-min>false</use-strict-min>
                <flush-strategy>FailingConnectionOnly</flush-strategy>
            </pool>
            <security>
                <user-name>bygiava</user-name>
                <password>bygiava</password>
            </security>
            <validation>
                <validate-on-match>false</validate-on-match>
                <background-validation>false</background-validation>
                <use-fast-fail>false</use-fast-fail>
            </validation>
            <statement>
                <prepared-statement-cache-size>100</prepared-statement-cache-size>
                <share-prepared-statements/>
            </statement>
        </datasource>
        <drivers>
            <driver name="mysql" module="com.mysql"/>
        </drivers>
    </datasources>
</subsystem>

4) create the security domain that validates username and password using the datasource and loads the roles of the logged-in user (the query that checks username/password is the principalsQuery option, the one that loads the roles is the rolesQuery option):

<subsystem xmlns="urn:jboss:domain:security:1.0">
    <security-domains>
        <security-domain name="giavaby">
            <authentication>
                <login-module code="Database" flag="required">
                    <module-option name="dsJndiName" value="java:jboss/datasources/GiavaByDS"/>
                    <module-option name="principalsQuery" value="select password from user_auth where username=?"/>
                    <module-option name="rolesQuery" value="SELECT B.ROLE_NAME,'Roles' FROM user_role as B where B.username = ?"/>
                    <module-option name="hashAlgorithm" value="MD5"/>
                    <module-option name="hashEncoding" value="BASE64"/>
                </login-module>
            </authentication>
        </security-domain>
    </security-domains>
</subsystem>

Note that it is enough to write code="Database" rather than spelling out the class org.jboss.security.auth.spi.DatabaseServerLoginModule.
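As an added illustration (not code from this post or from JBoss), the following Python script emulates what the Database login module does with the options above: it runs the page's principalsQuery and rolesQuery against an in-memory SQLite stand-in for the two MySQL tables, compares the unsalted MD5/Base64 digest of the submitted password with the stored value, and groups the roles under the 'Roles' column returned by rolesQuery. SQLite, the seeding helper and the constant-time comparison are this example's assumptions.

```python
import base64
import hashlib
import hmac
import sqlite3

# Queries exactly as set in the security-domain module-options above.
PRINCIPALS_QUERY = "select password from user_auth where username=?"
ROLES_QUERY = "SELECT B.ROLE_NAME,'Roles' FROM user_role as B where B.username = ?"


def jboss_md5_base64(password: str) -> str:
    """Stored form for hashAlgorithm=MD5 + hashEncoding=BASE64: unsalted MD5, Base64 text."""
    digest = hashlib.md5(password.encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")


def build_db() -> sqlite3.Connection:
    """In-memory stand-in (assumption) for the MySQL schema, seeded with the page's sample row."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE user_auth (USERNAME TEXT PRIMARY KEY, PASSWORD TEXT, EMAIL TEXT NOT NULL);
        CREATE TABLE user_role (ID INTEGER PRIMARY KEY AUTOINCREMENT, ROLE_NAME TEXT, USERNAME TEXT);
    """)
    conn.execute("INSERT INTO user_auth VALUES (?, ?, ?)",
                 ("fiorenzino", "JdVa0oOqQAr0ZMdtcTwHrQ==", "fiorenzino@gmail.com"))
    conn.execute("INSERT INTO user_role (ROLE_NAME, USERNAME) VALUES (?, ?)", ("admin", "fiorenzino"))
    return conn


def authenticate(conn: sqlite3.Connection, username: str, password: str):
    """Emulate the module: fetch the stored hash via principalsQuery, compare it with the
    hash of the submitted password, then collect roles via rolesQuery keyed by the
    second column (the role group, 'Roles' here). Returns None when login fails."""
    row = conn.execute(PRINCIPALS_QUERY, (username,)).fetchone()
    if row is None:
        return None  # unknown user
    # Constant-time compare is this example's choice; the page does not specify the comparison.
    if not hmac.compare_digest(row[0], jboss_md5_base64(password)):
        return None  # wrong password
    groups = {}
    for role_name, group in conn.execute(ROLES_QUERY, (username,)):
        groups.setdefault(group, set()).add(role_name)
    return groups


if __name__ == "__main__":
    db = build_db()
    print(authenticate(db, "fiorenzino", "12345678"))  # {'Roles': {'admin'}}
    print(authenticate(db, "fiorenzino", "wrong-password"))  # None
```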

5) create a war whose WEB-INF/web.xml contains:

<security-constraint>
    <web-resource-collection>
        <web-resource-name>web autentication</web-resource-name>
        <description>An example security config </description>
        <url-pattern>/private/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>Login</realm-name>
    <form-login-config>
        <form-login-page>/login.jsp</form-login-page>
        <form-error-page>/login.jsp</form-error-page>
    </form-login-config>
</login-config>

<security-role>
    <role-name>admin</role-name>
</security-role>


6) add the file WEB-INF/jboss-web.xml:

<?xml version='1.0' encoding='UTF-8'?>
<jboss-web>
    <security-domain>giavaby</security-domain>
</jboss-web>


7) the login.jsp page sends the user to an HTML page containing:

<form action="j_security_check" method="post"><br />
    <label for="j_username">username:</label><br />
    <input type="text" id="j_username" name="j_username" /> <br />
    <br />
    <br />
    <label for="j_password">password:</label><br />
    <input type="password" id="j_password" name="j_password" /> <br />
    <br />
    <input type="submit" value="accedi" />
</form>


8) try to access a resource in the private/ folder: you will be redirected to the login page.

try it...
