==============================================实验环境如下:同一台电脑:localhost操作系统:WindowsXPJavaEE服务器:Glassfish V2JDK:1.6.0_05开发工具:netbean | EclipseEJB netbean工程附件:converter-secure.zipClient 工程附件:SecurityClient.zip===============================================客户端安全策略文件Client.policy如下: grant { permission javax.security.auth.AuthPermission "createLoginContext.HelloClient"; permission javax.security.auth.AuthPermission "modifyPrivateCredentials";}; 客户端安全配置文件Client.config文件如下:default { com.sun.enterprise.security.auth.login.ClientPasswordLoginModule required debug=false;}; HelloClient { madz.vicp.net.PasswordLoginModule required debug=false;}; certificate { com.sun.enterprise.security.auth.login.ClientCertificateLoginModule required debug=false;};服务器端安全配置如下:Security > Realms > file:Username:barryGroup:userPassword:xxxxx如图所示:服务器端domain安全配置文件:如附件login.conf,安全策略文件:server.policy服务器端EJB程序如下:业务接口:Converter.java package converter.secure.ejb; import java.math.BigDecimal;import javax.ejb.Remote; @Remotepublic interface Converter { public BigDecimal dollarToYen(BigDecimal dollars); public BigDecimal yenToEuro(BigDecimal yen);}Bean类:ConverterBean.javapackage converter.secure.ejb; import java.math.BigDecimal;import javax.ejb.*;import java.security.Principal;import javax.annotation.Resource;import javax.ejb.SessionContext;import javax.annotation.security.RolesAllowed;import javax.annotation.security.DeclareRoles; /** * This is the bean class for the ConverterBean enterprise bean. * Created Jan 20, 2006 1:14:27 PM * @author ian */@Stateless@DeclareRoles("BeanUser")public class ConverterBean implements converter.secure.ejb.Converter { @Resource SessionContext ctx; private BigDecimal euroRate = new BigDecimal("0.0071"); private BigDecimal yenRate = new BigDecimal("115.3100"); @RolesAllowed("BeanUser") public BigDecimal dollarToYen(BigDecimal dollars) { BigDecimal result = new BigDecimal("0.0"); Principal callerPrincipal = ctx.getCallerPrincipal(); if (ctx.isCallerInRole("BeanUser")) { result = dollars.multiply(yenRate); return result.setScale(2, BigDecimal.ROUND_UP); } else { return result.setScale(2, BigDecimal.ROUND_UP); } } @RolesAllowed("BeanUser") public BigDecimal yenToEuro(BigDecimal yen) { BigDecimal result = new BigDecimal("0.0"); Principal callerPrincipal = ctx.getCallerPrincipal(); if (ctx.isCallerInRole("BeanUser")) { result = yen.multiply(euroRate); return result.setScale(2, BigDecimal.ROUND_UP); } else { return result.setScale(2, BigDecimal.ROUND_UP); } }}服务器端配置文件:sun-ejb-jar.xml<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE sun-ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 EJB 3.0//EN" "http://www.sun.com/software/appserver/dtds/sun-ejb-jar_3_0-0.dtd"><sun-ejb-jar> <security-role-mapping> <role-name>BeanUser</role-name> <group-name>user</group-name> </security-role-mapping> <enterprise-beans> <unique-id>0</unique-id> <ejb> <ejb-name>ConverterBean</ejb-name> <jndi-name>ConverterBean</jndi-name> <pass-by-reference>false</pass-by-reference> <ior-security-config> <transport-config> <integrity>supported</integrity> <confidentiality>supported</confidentiality> <establish-trust-in-target>supported</establish-trust-in-target> <establish-trust-in-client>supported</establish-trust-in-client> </transport-config> <as-context> <auth-method>username_password</auth-method> <realm>file</realm> <required>true</required> </as-context> <sas-context> <caller-propagation>supported</caller-propagation> </sas-context> </ior-security-config> <is-read-only-bean>false</is-read-only-bean> <refresh-period-in-seconds>-1</refresh-period-in-seconds> <gen-classes/> </ejb> <ejb> <ejb-name>HelloWorldBean</ejb-name> <jndi-name>HelloWorldBean</jndi-name> </ejb> </enterprise-beans></sun-ejb-jar>上述配置,在使用Application Client的时候可以通过容器提供的登陆框,使用barry:1q2w3e4r5t进行访问。可是单独客户端却无法通过。客户端程序如下: 主程序:Main.javapackage SecurityClient; import converter.secure.ejb.Converter;import java.math.BigDecimal;import java.util.Properties;import java.util.logging.Level;import java.util.logging.Logger;import javax.naming.InitialContext;import javax.naming.NamingException;import javax.security.auth.login.LoginContext;import javax.security.auth.login.LoginException;import madz.vicp.net.CallbackHandler;import madz.vicp.net.HelloWorldRemote; /** * * @author djzhong */public class Main { private static Converter converter;// private static HelloWorldRemote helloWorld; /** * @param args the command line arguments */ public static void main(String[] args) { try { // TODO code application logic here System.out.println("Starting login modules ..."); LoginContext loginContext = new LoginContext("HelloClient", new CallbackHandler()); loginContext.login(); System.out.println("Login passed @ client module ..."); Main client = new Main(); Properties p = new Properties(); p.put("org.omg.CORBA.ORBInitialHost", "localhost"); p.put("org.omg.CORBA.ORBInitialPort", "3700"); InitialContext ctx = new InitialContext(); converter = (Converter) ctx.lookup("ConverterBean"); client.doConversion(); } catch (LoginException ex) { Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex); } catch (NamingException ex) { Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex); } } public void doConversion() { try { BigDecimal param = new BigDecimal("100.00"); BigDecimal yenAmount = converter.dollarToYen(param); System.out.println("$" + param + " is " + yenAmount + " Yen."); BigDecimal euroAmount = converter.yenToEuro(yenAmount); System.out.println(yenAmount + " Yen is " + euroAmount + " Euro."); System.exit(0); } catch (Exception ex) { System.err.println("Caught an unexpected exception!"); ex.printStackTrace(); } }}
解决方案 »
- 紧急求教。。这种js是什么写法
- 求教在Eclipse3.1.2下开发基于JBoss的EJB?
- 关于三层开发中,用户如输入错误抛出空指针问题
- 我是干了C/C++四年多,现在由于工作需要,现在要高JAVA,J2EE,而且对BS架构开发不是很熟,请各位给我提点建议,谢谢
- 序列值的生成问题,想了三天了都不知道怎么做,各位大哥来看看!
- tomcat+mysql
- 刚装了WSAD5,打开那个“拍卖”的例子,怎么能让它运行?
- 求救关于一个对空数据库操作的问题.
- ctx.getEnvironment()方法被抑制怎么办?
- ssh easyui action中查到数据库库中的数据,转为json,前台无法显示
- 怎么样从hibernate中获得一个JAVA对象???
- 现在不大的软件公司都用什么技术对多线程考虑的多吗(j2ee方面的)
logout(); }
return true;
}
public boolean logout() throws LoginException {
System.out.println("PasswordLoginModule logouting ...");
subject.getPrincipals().remove(userPrincipal);
succeeded = false;
succeeded = commitSucceeded;
username = null;
if (password != null) {
for (int i = 0; i < password.length; i++) {
password[i] = ' ';
}
password = null;
}
userPrincipal = null;
System.out.println("PasswordLoginModule logout complete!");
return true;
}
}
package madz.vicp.net;import java.security.Principal;
public class PrincipalImpl implements Principal{ private String name; public PrincipalImpl(String name){ this.name = name; } public String getName() { return this.name; }}运行时参数:java -Djava.security.auth.login.config=E:\appclientlogin.conf -Djava.security.policy=E:\client.policy -Dorg.omg.CORBA.ORBInitial Host=localhost -Dorg.omg.CORBA.ORBInitialPort=3700 -jar SecurityClient.jar
Starting login modules ...
PasswordLoginModule initializing ...
PasswordLoginModule initialized OK!
PasswordLoginModule loginning ...
CallbackHandler handling ...
username:
barry
password:
xxxxxxxx
CallbackHandler handled OK
PasswordLoginModule login OK.
PasswordLoginModule committing ...
Commit construct Principal
Commit construct PasswordCredential
Commit release variables
PasswordLoginModule committed OK
Login passed @ client module ...
2008-6-20 11:22:35 SecurityClient.Main main
严重: null
javax.naming.NamingException: ejb ref resolution error for remote business inter
faceconverter.secure.ejb.Converter [Root exception is java.rmi.AccessException:
CORBA NO_PERMISSION 0 No; nested exception is:
org.omg.CORBA.NO_PERMISSION: ----------BEGIN server-side stack trace----
------
org.omg.CORBA.NO_PERMISSION: vmcid: 0x0 minor code: 0 completed: No
at com.sun.enterprise.iiop.security.SecServerRequestInterceptor.handle_n
ull_service_context(SecServerRequestInterceptor.java:406)
at com.sun.enterprise.iiop.security.SecServerRequestInterceptor.receive_
request(SecServerRequestInterceptor.java:428)
at com.sun.corba.ee.impl.interceptors.InterceptorInvoker.invokeServerInt
erceptorIntermediatePoint(InterceptorInvoker.java:627)
at com.sun.corba.ee.impl.interceptors.PIHandlerImpl.invokeServerPIInterm
ediatePoint(PIHandlerImpl.java:530)
at com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.getSe
rvantWithPI(CorbaServerRequestDispatcherImpl.java:406)
at com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.dispa
tch(CorbaServerRequestDispatcherImpl.java:224)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest
Request(CorbaMessageMediatorImpl.java:1846)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest
(CorbaMessageMediatorImpl.java:1706)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleInput(C
orbaMessageMediatorImpl.java:1088)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.RequestMessage_1_2.call
back(RequestMessage_1_2.java:223)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest
(CorbaMessageMediatorImpl.java:806)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.dispatch(Corb
aMessageMediatorImpl.java:563) at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.doWork(CorbaM
essageMediatorImpl.java:2567)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.
run(ThreadPoolImpl.java:555)
----------END server-side stack trace---------- vmcid: 0x0 minor code: 0 comp
leted: No]
at com.sun.ejb.EJBUtils.lookupRemote30BusinessObject(EJBUtils.java:367)
at com.sun.ejb.containers.RemoteBusinessObjectFactory.getObjectInstance(
RemoteBusinessObjectFactory.java:74) at javax.naming.spi.NamingManager.getObjectInstance(Unknown Source) at com.sun.enterprise.naming.SerialContext.lookup(SerialContext.java:344) at javax.naming.InitialContext.lookup(Unknown Source) at SecurityClient.Main.main(Main.java:44)Caused by: java.rmi.AccessException: CORBA NO_PERMISSION 0 No; nested exceptionis: org.omg.CORBA.NO_PERMISSION: ----------BEGIN server-side stack trace----------org.omg.CORBA.NO_PERMISSION: vmcid: 0x0 minor code: 0 completed: No at com.sun.enterprise.iiop.security.SecServerRequestInterceptor.handle_null_service_context(SecServerRequestInterceptor.java:406) at com.sun.enterprise.iiop.security.SecServerRequestInterceptor.receive_request(SecServerRequestInterceptor.java:428) at com.sun.corba.ee.impl.interceptors.InterceptorInvoker.invokeServerInterceptorIntermediatePoint(InterceptorInvoker.java:627) at com.sun.corba.ee.impl.interceptors.PIHandlerImpl.invokeServerPIIntermediatePoint(PIHandlerImpl.java:530) at com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.getServantWithPI(CorbaServerRequestDispatcherImpl.java:406) at com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.dispatch(CorbaServerRequestDispatcherImpl.java:224) at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequestRequest(CorbaMessageMediatorImpl.java:1846) at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:1706) at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleInput(CorbaMessageMediatorImpl.java:1088) at com.sun.corba.ee.impl.protocol.giopmsgheaders.RequestMessage_1_2.callback(RequestMessage_1_2.java:223) at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:806) at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.dispatch(CorbaMessageMediatorImpl.java:563) at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.doWork(CorbaMessageMediatorImpl.java:2567) at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:555) ----------END server-side stack trace---------- vmcid: 0x0 minor code: 0 completed: No at com.sun.corba.ee.impl.javax.rmi.CORBA.Util.mapSystemException(Util.java:277) at com.sun.corba.ee.impl.presentation.rmi.StubInvocationHandlerImpl.privateInvoke(StubInvocationHandlerImpl.java:205) at com.sun.corba.ee.impl.presentation.rmi.StubInvocationHandlerImpl.invoke(StubInvocationHandlerImpl.java:152) at com.sun.corba.ee.impl.presentation.rmi.bcel.BCELStubBase.invoke(BCELStubBase.java:225) at com.sun.ejb.codegen._GenericEJBHome_Generated_DynamicStub.create(com/sun/ejb/codegen/_GenericEJBHome_Generated_DynamicStub.java) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at com.sun.ejb.EJBUtils.lookupRemote30BusinessObject(EJBUtils.java:359) ... 5 moreCaused by: org.omg.CORBA.NO_PERMISSION: ----------BEGIN server-side stack trace----------org.omg.CORBA.NO_PERMISSION: vmcid: 0x0 minor code: 0 completed: No at com.sun.enterprise.iiop.security.SecServerRequestInterceptor.handle_null_service_context(SecServerRequestInterceptor.java:406) at com.sun.enterprise.iiop.security.SecServerRequestInterceptor.receive_request(SecServerRequestInterceptor.java:428) at com.sun.corba.ee.impl.interceptors.InterceptorInvoker.invokeServerInterceptorIntermediatePoint(InterceptorInvoker.java:627) at com.sun.corba.ee.impl.interceptors.PIHandlerImpl.invokeServerPIIntermediatePoint(PIHandlerImpl.java:530) at com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.getServantWithPI(CorbaServerRequestDispatcherImpl.java:406) at com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.dispatch(CorbaServerRequestDispatcherImpl.java:224) at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequestRequest(CorbaMessageMediatorImpl.java:1846) at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:1706) at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleInput(CorbaMessageMediatorImpl.java:1088) at com.sun.corba.ee.impl.protocol.giopmsgheaders.RequestMessage_1_2.callback(RequestMessage_1_2.java:223)
都离开csdn了?
怎么这么个基础的问题都没人回答呢?
难道是我人品太差?
Shit!!