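package com.example.myrealm;

import com.sun.appserv.security.AppservPasswordLoginModule;
import javax.security.auth.login.LoginException;

/**
 * JAAS login module that delegates the username/password check to {@link ExampleRealm}.
 *
 * <p>The credentials are read from the {@code _username} and {@code _passwd} fields
 * inherited from {@link AppservPasswordLoginModule}.
 */
public class ExampleLoginModule extends AppservPasswordLoginModule {

    /**
     * Authenticates the current user against the realm this module is bound to and, on
     * success, hands the user's group list to {@code commitUserAuthentication}.
     *
     * @throws LoginException if the current realm is not an {@link ExampleRealm}, or if the
     *     realm rejects the credentials (signalled by a {@code null} group array)
     */
    @Override
    protected void authenticateUser() throws LoginException {
        // Fail closed with a LoginException instead of an unchecked ClassCastException when
        // this module has been configured under a different realm implementation.
        Object current = getCurrentRealm();
        if (!(current instanceof ExampleRealm)) {
            throw new LoginException("ExampleLoginModule requires an ExampleRealm");
        }
        ExampleRealm realm = (ExampleRealm) current;

        String[] groups = realm.authenticate(_username, _passwd);
        if (groups == null) {
            // ExampleRealm returns null for an unknown user and for a wrong password alike,
            // so this single message does not reveal which of the two was wrong.
            throw new LoginException("ログイン失敗><");
        }
        commitUserAuthentication(groups);
    }
}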
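package com.example.myrealm;

import com.sun.appserv.security.AppservRealm;
import com.sun.enterprise.security.auth.realm.BadRealmException;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchRealmException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Properties;

/**
 * Demonstration realm with one hard-coded account and a fixed group list.
 *
 * <p>NOTE(review): the credential check and group lookup below are placeholders. A realm
 * used outside a demo should look users up in a real user store and verify the password
 * against a salted password hash rather than a literal compiled into the class.
 */
public class ExampleRealm extends AppservRealm {

    /**
     * Initializes the realm from its configuration properties and records the JAAS context
     * name under {@code JAAS_CONTEXT_PARAM}.
     *
     * @param props the properties configured for this realm
     * @throws BadRealmException if the JAAS context property is missing
     * @throws NoSuchRealmException declared by the overridden method
     */
    @Override
    protected void init(Properties props) throws BadRealmException, NoSuchRealmException {
        // Let the base realm process the properties it handles itself before adding ours.
        super.init(props);

        String jaasContext = props.getProperty(JAAS_CONTEXT_PARAM);
        if (jaasContext == null) {
            // Report a misconfigured realm explicitly instead of passing null to setProperty.
            throw new BadRealmException("Missing required realm property: " + JAAS_CONTEXT_PARAM);
        }
        setProperty(JAAS_CONTEXT_PARAM, jaasContext);
    }

    /**
     * Returns the authentication type label of this realm.
     *
     * @return the constant string {@code "example"}
     */
    @Override
    public String getAuthType() {
        return "example";
    }

    /**
     * Returns the groups of the given user as an enumeration.
     *
     * @param username the user whose groups are requested
     * @return an enumeration over the array produced by {@code findGroups}
     * @throws InvalidOperationException declared by the overridden method; not thrown here
     * @throws NoSuchUserException declared by the overridden method; not thrown here
     */
    @Override
    public Enumeration getGroupNames(String username)
            throws InvalidOperationException, NoSuchUserException {
        return Collections.enumeration(Arrays.asList(findGroups(username)));
    }

    /**
     * Checks the credentials and returns the user's groups.
     *
     * @param username the login name supplied by the client
     * @param password the password supplied by the client
     * @return the user's groups, or {@code null} when the credentials are rejected
     */
    String[] authenticate(String username, char[] password) {
        if (!validate(username, password)) {
            return null;
        }
        return findGroups(username);
    }

    /**
     * Accepts exactly one hard-coded username/password pair.
     *
     * <p>NOTE(review): demo only. The secret lives in the class file and the comparison is
     * a plain array comparison; replace both before using this realm for real accounts.
     */
    private boolean validate(String username, char[] password) {
        // Arrays.equals returns false for a null password, so no separate null check is needed.
        return "hoge".equals(username) && Arrays.equals("fuga".toCharArray(), password);
    }

    /**
     * Returns the same three groups regardless of {@code username}.
     *
     * <p>Because the list is fixed, every user this realm authenticates belongs to all of
     * "foo", "bar" and "baz", and therefore to every role those groups are mapped to.
     */
    private String[] findGroups(String username) {
        return new String[]{"foo", "bar", "baz"};
    }
}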
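<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <!-- Builds the custom realm and its login module as a plain jar. -->
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.example</groupId>
    <artifactId>MyRealm</artifactId>
    <version>1.0-SNAPSHOT</version>
    <packaging>jar</packaging>

    <name>MyRealm</name>
    <url>http://maven.apache.org</url>

    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    </properties>

    <dependencies>
        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <version>4.11</version>
            <scope>test</scope>
        </dependency>
        <dependency>
            <!-- Compile-time source of the GlassFish realm and login-module classes that the
                 code imports. The jar is installed into a GlassFish domain, where the server
                 supplies these classes itself, so the dependency is marked provided and is
                 not passed on as a runtime dependency of this artifact. -->
            <groupId>org.glassfish.main.security</groupId>
            <artifactId>security-ee</artifactId>
            <version>4.0</version>
            <scope>provided</scope>
        </dependency>
    </dependencies>
</project>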
# Copy the built realm jar into the lib directory of GlassFish domain "domain1".
# NOTE(review): a jar in the domain's lib directory is presumably loaded as server-level
# code, so install only a jar built from source you have reviewed - confirm for your setup.
$ cp ~/NetBeansProjects/MyRealm/target/MyRealm-1.0-SNAPSHOT.jar \
    /Applications/NetBeans/glassfish-4.0/glassfish/domains/domain1/lib/
/*
 * JAAS login configuration entry: logins made under the context name "myRealm" must
 * pass ExampleLoginModule (flag "required").
 * NOTE(review): the entry name presumably has to equal the JAAS context property set on
 * the realm (ExampleRealm.init reads JAAS_CONTEXT_PARAM) - confirm against the realm
 * definition in the server configuration.
 */
myRealm {
    com.example.myrealm.ExampleLoginModule required;
};
<!DOCTYPE html>
<!-- Public start page. The link below points into member/, which web.xml restricts to
     authenticated users holding memberRole or adminRole. -->
<html>
    <head>
        <title>Start Page</title>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    </head>
    <body>
        <h1>Hello World!</h1>
        <a href='member/member.html'>Member's page</a>
    </body>
</html>
<!-- Member page. It is served from member/, so the /member/* security constraint in
     web.xml applies: the container returns it only to an authenticated user holding
     memberRole or adminRole. -->
<!DOCTYPE html>
<html>
    <head>
        <title></title>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    </head>
    <body>
        <div>This is Member's page</div>
    </body>
</html>
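<?xml version="1.0" encoding="UTF-8"?>
<!-- Deployment descriptor: protects /member/* and /secure/* with container-managed
     BASIC authentication against the realm named "myRealm". -->
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
         version="3.1">
    <session-config>
        <session-timeout>30</session-timeout>
    </session-config>
    <welcome-file-list>
        <welcome-file>/index.html</welcome-file>
    </welcome-file-list>

    <!-- No http-method element is listed, so the constraint covers every HTTP method. -->
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Member Only</web-resource-name>
            <url-pattern>/member/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>memberRole</role-name>
            <role-name>adminRole</role-name>
        </auth-constraint>
        <!-- BASIC sends the username and password, merely base64-encoded, with every
             request. CONFIDENTIAL makes the container require TLS for these URLs so the
             credentials never cross the network in the clear. -->
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Admin Only</web-resource-name>
            <url-pattern>/secure/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>adminRole</role-name>
        </auth-constraint>
        <!-- Same reason as above: keep BASIC credentials on TLS only. -->
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>myRealm</realm-name>
    </login-config>

    <security-role>
        <role-name>memberRole</role-name>
    </security-role>
    <security-role>
        <role-name>adminRole</role-name>
    </security-role>
</web-app>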
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
<!-- GlassFish-specific descriptor: maps the groups reported by the realm to the roles
     declared in web.xml. -->
<glassfish-web-app error-url="">
    <!-- ExampleRealm.findGroups returns "foo", "bar" and "baz" for every username, so with
         the two mappings below every authenticated user holds both adminRole and
         memberRole. Group "baz" is not mapped to any role here. -->
    <security-role-mapping>
        <role-name>adminRole</role-name>
        <group-name>foo</group-name>
    </security-role-mapping>
    <security-role-mapping>
        <role-name>memberRole</role-name>
        <group-name>bar</group-name>
    </security-role-mapping>
    <session-config>
        <cookie-properties>
            <property name="cookieMaxAgeSeconds" value="-1">
            </property>
        </cookie-properties>
    </session-config>
    <class-loader delegate="true"/>
    <jsp-config>
        <property name="keepgenerated" value="true">
            <description>Keep a copy of the generated servlet class' java code.</description>
        </property>
    </jsp-config>
</glassfish-web-app>