基于表单的身份验证WAS 8.5

时间:2013-11-11 09:02:23

标签: authentication websphere

我正在尝试在IBM webSphere WAS v8.5上实现基于表单的身份验证,但由于某些原因,安全配置被忽略,我可以访问所有保护资源而无需重定向到下面的登录页面是我的声明性安全配置< / p> 

<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>TestSSO</display-name>
<welcome-file-list>
    <welcome-file>index.html</welcome-file>
    <welcome-file>index.htm</welcome-file>
    <welcome-file>index.jsp</welcome-file>
    <welcome-file>default.html</welcome-file>
    <welcome-file>default.htm</welcome-file>
    <welcome-file>default.jsp</welcome-file>
</welcome-file-list>
 <security-role>
    <role-name>manager</role-name>
</security-role>
<security-constraint>
    <web-resource-collection>
        <web-resource-name>management pages</web-resource-name>
        <url-pattern>/index.html</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>manager</role-name>
    </auth-constraint>
</security-constraint>

<login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
        <form-login-page>/login.html</form-login-page>
        <form-error-page>/error.html</form-error-page>
    </form-login-config>
</login-config>


<?xml version="1.0" encoding="UTF-8"?>
<application-bnd xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"   xmlns="http://websphere.ibm.com/xml/ns/javaee"
xsi:schemaLocation="http://websphere.ibm.com/xml/ns/javaee  http://websphere.ibm.com/xml/ns/javaee/ibm-application-bnd_1_0.xsd" version="1.0">
     <security-role name="manager">
     <special-subject type="ALL_AUTHENTICATED_USERS" />
     </security-role>

</application-bnd>

3 个答案:

答案 0 :(得分:0)

您只定义了一个受保护资源,即/index.html。调整<url-pattern>以包含您需要保护的所有资源。

答案 1 :(得分:0)

您必须使用WebSphere控制台进行角色映射。它将用户组从用户存储库映射到

答案 2 :(得分:-1)

这应该是您的ibm-application-bnd.xml文件

<?xml version="1.0" encoding="UTF-8"?>
<application-bnd xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"   xmlns="http://websphere.ibm.com/xml/ns/javaee"
xsi:schemaLocation="http://websphere.ibm.com/xml/ns/javaee  http://websphere.ibm.com/xml/ns/javaee/ibm-application-bnd_1_0.xsd" version="1.0">
     <security-role name="manager">
        <group name="manager" />
     </security-role>

</application-bnd>
相关问题
最新问题