Problem description
More than a problem, I need to perform authentication using JSF. I have developed a login which receives a username and password that are stored in MySQL. Upon login from the Active Directory, this should take the username and password of AD, which, I suppose, should be the same as that of MySQL.
Then, to enter the system, you no longer see the login, but directly the main or home page.
I hope for your help, and thanks in advance.
Hello.
Recommended answer
This is my solution; it worked for me. Edit faces-config.xml:
    <lifecycle>
        <phase-listener>com.xxx.*****.security.Login</phase-listener>
    </lifecycle>
Class Login:
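    import javax.faces.context.ExternalContext;
    import javax.faces.context.FacesContext;
    import javax.faces.event.PhaseEvent;
    import javax.faces.event.PhaseId;
    import javax.faces.event.PhaseListener;

    // Authenticator, User, ETT_UserDTL, SystemLogger, ClientMessage and
    // requestingSecureView(...) belong to the application and are not shown here.
    public class Login implements PhaseListener {

        private static final String USER_LOGIN_OUTCOME = "login";

        @Override
        public void afterPhase(PhaseEvent event) {
            FacesContext context = event.getFacesContext();
            if (userExists(context)) {
                // 1. Update last login
                // 2. may be expired ???
                ExternalContext extContext = context.getExternalContext();
                try {
                    ETT_UserDTL tmpUser = (ETT_UserDTL) extContext.getSessionMap().get(User.USER_SESSION_KEY);
                    if (!Authenticator.authenticateUser(tmpUser, context)) {
                        // send the user to the login view
                        reLogin(context);
                    }
                    // otherwise allow processing of the requested view
                } catch (Exception ex) {
                    // Fail closed: any error while re-checking the session user forces a new login.
                    SystemLogger.getLogger().error(ex);
                    ClientMessage.logErr(ex.toString());
                    reLogin(context);
                }
            } else {
                // send the user to the login view
                reLogin(context);
            }
        }

        @Override
        public void beforePhase(PhaseEvent event) {
            // Nothing to do before the phase.
        }

        @Override
        public PhaseId getPhaseId() {
            // Required by PhaseListener but not shown in the original snippet;
            // RESTORE_VIEW is assumed here.
            return PhaseId.RESTORE_VIEW;
        }

        private boolean userExists(FacesContext context) {
            // Need re-check authenticator here.
            // Check user exist
            ExternalContext extContext = context.getExternalContext();
            return extContext.getSessionMap().containsKey(User.USER_SESSION_KEY);
        }

        private void reLogin(FacesContext context) {
            // send the user to the login view
            if (requestingSecureView(context)) {
                context.responseComplete();
                context.getApplication().getNavigationHandler()
                        .handleNavigation(context, null, USER_LOGIN_OUTCOME);
            }
        }
    }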
LDAP authentication:
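    import java.util.Hashtable;
    import javax.naming.Context;
    import javax.naming.NamingEnumeration;
    import javax.naming.NamingException;
    import javax.naming.directory.Attributes;
    import javax.naming.directory.SearchControls;
    import javax.naming.directory.SearchResult;
    import javax.naming.ldap.InitialLdapContext;
    import javax.naming.ldap.LdapContext;

    public class LDAPAuthentication {

        static String ATTRIBUTE_FOR_USER = "sAMAccountName";

        public Attributes authenticateUser(String username, String password, String strDomain,
                String strHost, String dn) throws NamingException {
            // A simple bind with an empty password is an unauthenticated bind that the
            // directory may accept, so refuse it before contacting the server.
            if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
                return null;
            }
            // {0} is substituted by JNDI, which escapes filter metacharacters in the user name.
            String searchFilter = "(&(objectClass=user)(" + ATTRIBUTE_FOR_USER + "={0}))";
            // Create the search controls
            SearchControls searchCtls = new SearchControls();
            // searchCtls.setReturningAttributes(returnedAtts);
            // Specify the search scope
            searchCtls.setSearchScope(SearchControls.OBJECT_SCOPE);
            String searchBase = dn;
            Hashtable<String, String> environment = new Hashtable<>();
            environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            // Using standard port, check your installation.
            // A simple bind over ldap:// sends the password unencrypted; prefer ldaps://
            // or StartTLS where the directory supports it.
            environment.put(Context.PROVIDER_URL, "ldap://" + strHost);
            environment.put(Context.SECURITY_AUTHENTICATION, "simple");
            environment.put(Context.SECURITY_PRINCIPAL, username + "@" + strDomain);
            environment.put(Context.SECURITY_CREDENTIALS, password);
            LdapContext ctxGC = null;
            try {
                // The bind happens here; wrong credentials raise an exception.
                ctxGC = new InitialLdapContext(environment, null);
                // Search for objects in the GC using the filter
                NamingEnumeration<SearchResult> answer =
                        ctxGC.search(searchBase, searchFilter, new Object[] { username }, searchCtls);
                while (answer.hasMoreElements()) {
                    SearchResult sr = answer.next();
                    Attributes attrs = sr.getAttributes();
                    if (attrs != null) {
                        return attrs;
                    }
                }
            } catch (Exception e) {
                // Any failure (bad credentials, unreachable host) is logged and treated as "not authenticated".
                SystemLogger.getLogger().error(e);
            } finally {
                if (ctxGC != null) {
                    try {
                        ctxGC.close();
                    } catch (NamingException ignored) {
                        // nothing useful to do if closing fails
                    }
                }
            }
            return null;
        }
    }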
Authentication:
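    // The enclosing class and the helpers otherAuthenticate, pushUser, updateLoginFail,
    // DataUtil, DATA_UserGUI and TelsoftException are not shown here.
    public static boolean authenticateLDAPUser(String strUser, String strPass, String strDomain,
            String strHost) throws NamingException, Exception {
        LDAPAuthentication ldap = new LDAPAuthentication();
        // A non-null result means the bind and the directory lookup both succeeded.
        Attributes att = ldap.authenticateUser(strUser, strPass, strDomain, strHost, "");
        if (att != null) {
            try {
                // Load the application's own record for this user name.
                ETT_UserDTL tmpUser = (ETT_UserDTL) DataUtil.performAction(DATA_UserGUI.class,
                        "getInfByUserName", strUser);
                tmpUser.setPassword(strPass);
                if (!otherAuthenticate(tmpUser)) {
                    Authenticator.removeUser();
                    return false;
                }
                // Put the user into the session so the phase listener lets requests through.
                pushUser(tmpUser);
                return true;
            } catch (TelsoftException ex) {
                SystemLogger.getLogger().error(ex);
                return false;
            }
        } else {
            updateLoginFail();
            return false;
        }
    }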