野飞:服务器重启后授权失败

huangapple go评论94阅读模式
英文:

Wildfly: authorization fails after server restart

问题

我首先进行所需的设置(如下所述)。一切工作正常,但当我重新启动 `standalone.sh` 并执行一个SOAP请求时,我只收到以下响应:

    <html>
       <head>
          <title>错误</title>
       </head>
       <body>未经授权</body>
    </html>

在带有 `standalone.sh` 的终端中,我收到以下消息:

    ERROR [org.jboss.security](default task-1)PBOX00261:无法加载用户/密码/角色文件:java.io.IOException:PBOX00072:找不到属性文件 users.properties/defaultUsers.properties

我应该怎么做才能使授权工作?

# 设置 #
这是我为设置一切所做的:
1. 我运行 `mvn archetype:generate` 并从 `org.wildfly.archetype:wildfly-javaee7-webapp-ear-blank-archetype` 原型创建项目

groupId:pl.edu.agh.soa

artifactId:lab

2. 我在 `lab/lab-ejb/src/main/java/pl/edu/agh/soa` 中创建一个名为 `Hello.java` 的类:

```java
@Stateless
@WebService
@SecurityDomain("domain1")
@DeclareRoles({"developer"})
@WebContext(
   authMethod="BASIC",
   transportGuarantee="NONE")
public class Hello {

    private List<String> subjects = new ArrayList<>();
    private String name;
    private String surname;

    @WebMethod
    @RolesAllowed("developer")
    @XmlElementWrapper(name="subjects")
    @XmlElement(name="subject")
    public List<String>
    listSubjects(@WebParam(name="filter") String filter) {
        List<String> filtered = new ArrayList<>();
        for(String elem : this.subjects) {
            if(elem.contains(filter)) {
                filtered.add(elem);
            }
        }
        return filtered;
    }

    @WebMethod
    @RolesAllowed("developer")
    @WebResult
    public String
    addSubject(@WebParam(name="subj") String subj) {
        this.subjects.add(subj);
        return "After add: " + this.subjects.toString();
    }

    @WebMethod
    @RolesAllowed("developer")
    @WebResult
    public String
    editName(String name) {
        String before = this.name;
        this.name = name;
        
        return "Before: " + before;
    }

    @WebMethod
    @RolesAllowed("developer")
    @WebResult
    public String
    editSurname(String surname) {
        String before = this.surname;
        this.surname = surname;
        
        return "Before: " + before;
    }
}
  1. 我使用 add-user.sh 添加了 user3
  2. 使用 jboss-cli.sh 创建一个新的安全域,我在其中粘贴了以下内容:

/subsystem=security/security-domain=domain1/:add(cache-type=default)

/subsystem=security/security-domain=domain1/authentication=classic:add(login-modules=[{"code"=>"UsersRoles","flag"=>"required","module-options"=>[("usersProperties"=>"users.properties"),("rolesProperties"=>"roles.properties")]}])

  1. 我在 lab/lab-ejb/src 中创建了 users.propertiesroles.properties 文件

<details>
<summary>英文:</summary>

I first do the setup needed (described below). Everything works, but when I restart `standalone.sh` and do a SOAP request I only get this response:

    &lt;html&gt;
       &lt;head&gt;
          &lt;title&gt;Error&lt;/title&gt;
       &lt;/head&gt;
       &lt;body&gt;Unauthorized&lt;/body&gt;
    &lt;/html&gt;

And in the terminal with `standalone.sh` I get:

    ERROR [org.jboss.security] (default task-1) PBOX00261: Failed to load users/passwords/roles files: java.io.IOException: PBOX00072: Properties file users.properties/defaultUsers.properties not found

What should I do to make the authorization work?

# Setup #
This is what I do to setup everything:
1. I run `mvn archetype:generate` and create the project from `org.wildfly.archetype:wildfly-javaee7-webapp-ear-blank-archetype` archetype

groupId: pl.edu.agh.soa

artifactId: lab

2. I create a class `Hello.java` in `lab/lab-ejb/src/main/java/pl/edu/agh/soa`:

@Stateless
@WebService
@SecurityDomain("domain1")
@DeclareRoles({"developer"})
@WebContext(
authMethod="BASIC",
transportGuarantee="NONE")
public class Hello {

private List&lt;String&gt; subjects = new ArrayList&lt;&gt;();
private String name;
private String surname;

@WebMethod
@RolesAllowed(&quot;developer&quot;)
@XmlElementWrapper(name=&quot;subjects&quot;)
@XmlElement(name=&quot;subject&quot;)
public List&lt;String&gt;
listSubjects(@WebParam(name=&quot;filter&quot;) String filter) {
    List&lt;String&gt; filtered = new ArrayList&lt;&gt;();
    for(String elem : this.subjects) {
        if(elem.contains(filter)) {
            filtered.add(elem);
        }
    }
    return filtered;
}

@WebMethod
@RolesAllowed(&quot;developer&quot;)
@WebResult
public String
addSubject(@WebParam(name=&quot;subj&quot;) String subj) {
    this.subjects.add(subj);
    return &quot;After add: &quot; + this.subjects.toString();
}

@WebMethod
@RolesAllowed(&quot;developer&quot;)
@WebResult
public String
editName(String name) {
    String before = this.name;
    this.name = name;
    
    return &quot;Before: &quot; + before;
}

@WebMethod
@RolesAllowed(&quot;developer&quot;)
@WebResult
public String
editSurname(String surname) {
    String before = this.surname;
    this.surname = surname;
    
    return &quot;Before: &quot; + before;
}

}


3. I add `user3` with add-user.sh
4. Create a new security domain with `jboss-cli.sh`, there I paste:

`/subsystem=security/security-domain=domain1/:add(cache-type=default)`

`/subsystem=security/security-domain=domain1/authentication=classic:add(login-modules=[{&quot;code&quot;=&gt;&quot;UsersRoles&quot;,&quot;flag&quot;=&gt;&quot;required&quot;,&quot;module-options&quot;=&gt;[(&quot;usersProperties&quot;=&gt;&quot;users.properties&quot;),(&quot;rolesProperties&quot;=&gt;&quot;roles.properties&quot;)]}])`

5. I create `users.properties` and `roles.properties` files in `lab/lab-ejb/src`

</details>


# 答案1
**得分**: 0

你可以尝试将 `roles.properties` 和 `users.properties` 放在另一个目录中,例如:`\wildfly-20.0.1.Final\standalone\configuration` 或者 `src/main/resources`

[查阅安全文档][1]

  [1]: https://docs.wildfly.org/20/Admin_Guide.html#Security_Realms

<details>
<summary>英文:</summary>

You can try to put the `roles.properties` and `users.properties` in another directory e.g. : `\wildfly-20.0.1.Final\standalone\configuration` or `src/main/resources`


[check the security documentation][1] 


  [1]: https://docs.wildfly.org/20/Admin_Guide.html#Security_Realms

</details>



huangapple
  • 本文由 发表于 2020年8月18日 16:07:04
  • 转载请务必保留本文链接:https://go.coder-hub.com/63464372.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定