Nu har jeg fundet lidt information omkring emnet på nettet, og har forsøgt at implementere det. Men det virker ikke helt (dog tæt på tror jeg).
Jeg har fulgt vejledningen her:
http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/tutorials/GeneralAcnAndAzn.html#SampleAzn
Og jeg har skrevet de efterfølgende kodestumper. Men det virker som sagt ikke helt. Under kompileringen skrives der i outputtet: "WARNING: No Principals mapped to Role [student].
WARNING: No Principals mapped to Role [admin]."
Men jeg er ikke helt klar over, hvor man tildeler principals, hvis det ikke gøres manuelt i koden. Og jeg er ikke helt sikker på, hvordan det gøres korrekt i koden.
Hvad mangler jeg, eller gør jeg galt?
admin.policy:
grant codebase "./UploadedFiles/*",
Principal sample.principal.SamplePrincipal "admin" {
permission java.io.FilePermission "*", "read", "write";
};
Servlet som står for hele login ud fra tilsendte felter fra FORM (den endelige version skulle gerne hente credentials fra login på den enkelte computer - altså IKKE gennem en FORM):
package ServletPackage;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
import sun.net.
www.http.HttpClient;import java.security.*;
import javax.security.auth.*;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import java.io.FilePermission;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.List;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
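/**
 * Form-based login servlet.
 *
 * <p>The authentication decision is the comparison of the submitted
 * {@code user}/{@code pass} fields against the hard-coded demo credentials
 * below. The JAAS logins that follow are executed and logged, but their
 * outcome does not gate the request: a {@link LoginException} is printed to
 * stdout and the success page is still written. Both are placeholders for the
 * final version, which is meant to take credentials from the local machine
 * login rather than from a form.
 */
public class LoginAuthentication extends HttpServlet {

    // Demo credentials. Plain-text, hard-coded and compared with equals();
    // the real implementation should delegate to the JAAS LoginModule instead.
    private static final String STUDENT_NAME = "student";
    private static final String STUDENT_PASSWORD = "student";
    private static final String ADMIN_NAME = "admin";
    private static final String ADMIN_PASSWORD = "admin";

    // Entry names in the JAAS login configuration file. "loginConext" is kept
    // as spelled in the original: it must match the entry name in that file.
    private static final String LOGIN_CONFIG_ENTRY = "loginConext";
    private static final String ADMIN_CONFIG_ENTRY = "admin";

    // Policy file probed inside the privileged block; the path is relative to
    // the JVM's working directory, not to the web application.
    private static final String ADMIN_POLICY_PATH = "src/conf/admin.policy";

    private ServletConfig config;

    /**
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     *
     * <p>Writes a Danish success message plus a countdown redirect page for a
     * known user, or an error message with a link back to the form otherwise.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        try {
            String user = request.getParameter("user");
            String pass = request.getParameter("pass");
            // Constants on the left: getParameter returns null for a missing field.
            if (STUDENT_NAME.equals(user) && STUDENT_PASSWORD.equals(pass)) {
                out.println("Vellykket login " + STUDENT_NAME);
                loginStudent();
                writeCountdownRedirect(out, "student/student.jsp");
            } else if (ADMIN_NAME.equals(user) && ADMIN_PASSWORD.equals(pass)) {
                out.println("Vellykket login " + ADMIN_NAME);
                loginAdmin();
                // countdown-example:
                writeCountdownRedirect(out, "admin/admin.jsp");
            } else {
                out.println("Skriv et korrekt brugernavn og kodeord!\n");
                // The original tag was never closed, so the link did not render.
                out.println("<a href='index.jsp'>index.jsp</a>");
            }
        } finally {
            out.close();
        }
    }

    /**
     * Runs the JAAS login for the student branch and logs the resulting Subject.
     *
     * <p>A failure is only printed; the caller has already accepted the
     * credentials, so this does not deny the request.
     */
    private void loginStudent() {
        Subject subject = null;
        try {
            LoginContext lc = new LoginContext(LOGIN_CONFIG_ENTRY);
            lc.login();
            // Subject.getSubject(AccessController.getContext()) only returns a
            // Subject inside Subject.doAs/doAsPrivileged; called directly after
            // login() it is always null. The LoginContext holds the real one.
            subject = lc.getSubject();
        } catch (Exception ex) {
            // Also covers SecurityException from a security manager, as the
            // original catch did.
            System.out.println("LoginException: " + ex.toString());
        }
        System.out.println("\nSubject= " + subject + "\n");
    }

    /**
     * Runs the JAAS logins for the admin branch and probes the policy file
     * with the Subject's permissions only.
     *
     * <p>Failures are printed, not propagated; see {@link #loginStudent()}.
     */
    private void loginAdmin() {
        try {
            LoginContext lc = new LoginContext(LOGIN_CONFIG_ENTRY);
            lc.login();
            // assignPrincipal and RolePrincipal are not defined in this listing;
            // they presumably live elsewhere in the project — TODO confirm.
            assignPrincipal(new RolePrincipal("admin"));
            final File policyFile = new File(ADMIN_POLICY_PATH);
            // Login a user through the "admin" entry; the handler answers the
            // name/password callbacks that the LoginModule issues.
            SimpleCallbackHandler cb = new SimpleCallbackHandler(ADMIN_NAME, ADMIN_PASSWORD);
            LoginContext ctx = new LoginContext(ADMIN_CONFIG_ENTRY, cb);
            ctx.login();
            Subject subject = ctx.getSubject();
            System.out.println("Logged in " + subject);
            // Privileged action limited to the Subject's own permissions: the
            // null AccessControlContext drops the caller's permissions, so the
            // read test reflects only what the policy grants this Subject.
            try {
                Subject.doAsPrivileged(subject, new PrivilegedAction<Void>() {
                    public Void run() {
                        // Without a security manager canRead() just returns a
                        // boolean; the original discarded it and always printed
                        // "can access". With a security manager it throws
                        // SecurityException, handled below.
                        if (policyFile.canRead()) {
                            System.out.println(ADMIN_NAME + " can access Policy file.");
                        } else {
                            System.out.println(ADMIN_NAME + " cannot access Policy file.");
                        }
                        return null;
                    }
                }, null);
            } catch (SecurityException e) {
                System.out.println("SecurityException: " + e.toString());
            }
            // Read the Subject from the first LoginContext; see loginStudent()
            // for why Subject.getSubject(...) would be null here.
            System.out.println("\nSubject= " + lc.getSubject() + "\n");
        } catch (Exception ex) {
            System.out.println("LoginException: " + ex.toString());
        }
    }

    /**
     * Writes the countdown-then-redirect page (script by JavaScript Kit).
     *
     * <p>{@code targetUrl} is emitted unescaped inside a script literal, so it
     * must be a trusted constant — never a request parameter.
     *
     * @param out the response writer
     * @param targetUrl page to redirect to when the countdown reaches zero
     */
    private static void writeCountdownRedirect(PrintWriter out, String targetUrl) {
        out.print("<form name=\"redirect\">\n");
        out.print("<center>\n");
        out.print("<font face=\"Arial\"><b>Du vil blive sendt videre i systemet om:<br><br>\n");
        out.print("<form>\n");
        out.print("<input type=\"text\" size=\"3\" name=\"redirect2\">\n");
        out.print("</form>\n");
        out.print("sekunder</b></font>\n");
        out.print("</center>\n");
        out.print("<script>\n");
        out.print("<!--\n");
        out.print("/*\n");
        out.print("Count down then redirect script\n");
        out.print("By JavaScript Kit (http://javascriptkit.com)\n");
        out.print("Over 400+ free scripts here!\n");
        out.print("*/\n");
        out.print("//change below target URL to your own\n");
        out.print("var targetURL=\"" + targetUrl + "\"\n");
        out.print("//change the second to start counting down from\n");
        out.print("var countdownfrom=3\n");
        out.print("var currentsecond=document.redirect.redirect2.value=countdownfrom+1\n");
        out.print("function countredirect(){\n");
        out.print("if (currentsecond!=1){\n");
        out.print("currentsecond-=1\n");
        out.print("document.redirect.redirect2.value=currentsecond\n");
        out.print("}\n");
        out.print("else{\n");
        out.print("window.location=targetURL\n");
        out.print("return\n");
        out.print("}\n");
        out.print("setTimeout(\"countredirect()\",1000)\n");
        out.print("}\n");
        out.print("countredirect()\n");
        out.print("//-->\n");
        out.print("</script>\n");
    }

    /**
     * Stores the servlet configuration.
     *
     * @param config the configuration passed by the container
     * @throws ServletException if the superclass initialisation fails
     */
    @Override
    public void init(ServletConfig config) throws ServletException {
        // GenericServlet.init(ServletConfig) must run, otherwise
        // getServletConfig()/getServletContext()/log() return null or fail.
        super.init(config);
        this.config = config;
    }

    /**
     * Answers JAAS name and password callbacks with fixed values.
     *
     * <p>Static: it needs nothing from the enclosing servlet. Callbacks of any
     * other type are silently ignored (original behaviour); a strict handler
     * would throw UnsupportedCallbackException for them.
     */
    public static class SimpleCallbackHandler implements CallbackHandler {
        private final String name;
        // Kept as String to preserve the constructor signature; a char[] would
        // allow zeroing the password after use.
        private final String password;

        public SimpleCallbackHandler(String name, String password) {
            this.name = name;
            this.password = password;
        }

        public void handle(Callback[] callbacks) {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(name);
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword(password.toCharArray());
                }
            }
        }
    }

    /**
     * Handles the HTTP <code>GET</code> method.
     *
     * <p>Accepting credentials over GET puts {@code user}/{@code pass} into the
     * query string, where access logs, browser history and Referer headers
     * record them; the login form should submit with POST.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Handles the HTTP <code>POST</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Returns a short description of the servlet.
     *
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }
}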