Wildfly: authorization fails after server restart

Question

I first do the setup needed (described below). Everything works, but when I restart `standalone.sh` and do a SOAP request I only get this response:

    <html>
       <head>
          <title>Error</title>
       </head>
       <body>Unauthorized</body>
    </html>

And in the terminal with `standalone.sh` I get:

    ERROR [org.jboss.security] (default task-1) PBOX00261: Failed to load users/passwords/roles files: java.io.IOException: PBOX00072: Properties file users.properties/defaultUsers.properties not found

What should I do to make the authorization work?

# Setup #
This is what I do to set up everything:

1. I run `mvn archetype:generate` and create the project from the `org.wildfly.archetype:wildfly-javaee7-webapp-ear-blank-archetype` archetype

groupId: pl.edu.agh.soa

artifactId: lab

2. I create a class `Hello.java` in `lab/lab-ejb/src/main/java/pl/edu/agh/soa`:

```java
package pl.edu.agh.soa;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.security.DeclareRoles;
import javax.annotation.security.RolesAllowed;
import javax.ejb.Stateless;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebResult;
import javax.jws.WebService;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlElementWrapper;

// WildFly-specific annotations
import org.jboss.ejb3.annotation.SecurityDomain;
import org.jboss.ws.api.annotation.WebContext;

@Stateless
@WebService
@SecurityDomain("domain1")       // must match the security domain created in jboss-cli.sh
@DeclareRoles({"developer"})
// BASIC auth with transportGuarantee="NONE": credentials are only base64-encoded, not encrypted
@WebContext(
   authMethod="BASIC",
   transportGuarantee="NONE")
public class Hello {

    private List<String> subjects = new ArrayList<>();
    private String name;
    private String surname;

    // Every operation requires the "developer" role from roles.properties
    @WebMethod
    @RolesAllowed("developer")
    @XmlElementWrapper(name="subjects")
    @XmlElement(name="subject")
    public List<String>
    listSubjects(@WebParam(name="filter") String filter) {
        List<String> filtered = new ArrayList<>();
        for(String elem : this.subjects) {
            if(elem.contains(filter)) {
                filtered.add(elem);
            }
        }
        return filtered;
    }

    @WebMethod
    @RolesAllowed("developer")
    @WebResult
    public String
    addSubject(@WebParam(name="subj") String subj) {
        this.subjects.add(subj);
        return "After add: " + this.subjects.toString();
    }

    @WebMethod
    @RolesAllowed("developer")
    @WebResult
    public String
    editName(String name) {
        String before = this.name;
        this.name = name;

        return "Before: " + before;
    }

    @WebMethod
    @RolesAllowed("developer")
    @WebResult
    public String
    editSurname(String surname) {
        String before = this.surname;
        this.surname = surname;

        return "Before: " + before;
    }
}
```

3. I add `user3` with `add-user.sh`
4. Create a new security domain with `jboss-cli.sh`; there I paste:

`/subsystem=security/security-domain=domain1/:add(cache-type=default)`

`/subsystem=security/security-domain=domain1/authentication=classic:add(login-modules=[{"code"=>"UsersRoles","flag"=>"required","module-options"=>[("usersProperties"=>"users.properties"),("rolesProperties"=>"roles.properties")]}])`

5. I create `users.properties` and `roles.properties` files in `lab/lab-ejb/src`


# Answer 1
**Score**: 0

You can try to put the `roles.properties` and `users.properties` in another directory, e.g. `\wildfly-20.0.1.Final\standalone\configuration` or `src/main/resources`

[Check the security documentation][1]

  [1]: https://docs.wildfly.org/20/Admin_Guide.html#Security_Realms
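A pre-deployment check for the file placement discussed in the answer, as an added example that is not part of the original question or answer. It assumes Maven's default layout (only `src/main/resources` is packaged as resources), the `UsersRoles` file formats `user=password` and `user=role1,role2`, and the `developer` role from `@RolesAllowed`; the function names and exit codes are chosen for this example.

```shell
#!/bin/sh
# Added example: audit a Maven module for the UsersRoles property files.
# Exit codes (chosen here): 0 ok, 1 file not packaged, 2 no user holds the role.

# Print the key of every non-comment key=value line in file $1.
prop_keys() {
    sed -e '/^[[:space:]]*[#!]/d' -e '/=/!d' -e 's/[[:space:]]*=.*//' "$1"
}

# Succeed if user $2 holds role $3 in roles file $1 (format: user=role1,role2).
has_role() {
    grep "^$2[[:space:]]*=" "$1" | sed 's/^[^=]*=//' | tr ',' '\n' |
        sed 's/^[[:space:]]*//;s/[[:space:]]*$//' | grep -qx "$3"
}

# audit_userroles <module-dir> <required-role>
audit_userroles() {
    module=$1 role=$2 res="$1/src/main/resources"
    for f in users.properties roles.properties; do
        if [ ! -f "$res/$f" ]; then
            # Look for a copy elsewhere under src/, e.g. directly in lab-ejb/src.
            stray=$(find "$module/src" -name "$f" 2>/dev/null | head -n 1)
            echo "MISSING $res/$f${stray:+ (found at $stray, not packaged by default)}"
            return 1
        fi
    done
    # Passwords sit in this file as written unless hashing is configured on
    # the login module, so it should not be world-readable.
    [ -n "$(find "$res/users.properties" -perm -004)" ] &&
        echo "WARN users.properties is world-readable"
    ok=2
    for u in $(prop_keys "$res/users.properties"); do
        if has_role "$res/roles.properties" "$u" "$role"; then
            echo "OK $u has role $role"; ok=0
        else
            echo "INFO $u lacks role $role"
        fi
    done
    return $ok
}

# Usage: sh audit.sh lab/lab-ejb developer
if [ $# -ge 2 ]; then audit_userroles "$1" "$2"; fi
```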



huangapple
  • Published on August 18, 2020, 16:07:04
  • When reposting, please keep the link to this article: https://go.coder-hub.com/63464372.html