我是EJB安全和GlassFish身份验证,授权机制的新手.我有一个jdbc领域并已配置sun-web.xml并web.xml映射角色并限制对页面的访问.
但是,我的问题是,当我限制对所有页面的访问时,它会起作用并在加载欢迎页面之前触发登录弹出(使用BASIC身份验证).
<web-resource-collection>
<web-resource-name>All Pages</web-resource-name>
<description/>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
但是当我限制访问文件夹中的页面时security,GlassFish不会提示登录并将用户重定向到受限页面.
<web-resource-collection>
<web-resource-name>All Pages</web-resource-name>
<description/>
<url-pattern>/security/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>`
请帮我解决这个问题..提前多多感谢.
打开安全管理器后,我也找到了这些条目
Processing login with credentials of type: class com.sun.enterprise.security.auth.login.PasswordCredential
Logging in user [admin] into realm: admin-realm using JAAS module: fileRealm
Login module initialized: class com.sun.enterprise.security.auth.login.FileLoginModule
File login succeeded for: admin
JAAS login complete.
JAAS authentication committed.
Password login succeeded for : admin …