Weblogic9扩展JAAS应用注意点

阅读更多

一、创建 MBean 定义文件MDF（与Weblogic8一致）
文件名称为：WorkSecurityAuthenticator.xml

二、使用 WebLogic MBeanMaker 生成 MBean 类型
java -classpath "D:\bea9\weblogic92\server\lib\mbeantypes\wlManagement.jar;D:\bea9\weblogic92\server\lib\weblogic.jar;D:\bea9\jdk150_12\lib\tools.jar;D:\bea9\jdk150_12\lib\rt.jar;d:\auth" -DMDF="D:\auth\WorkSecurityAuthenticator.xml" -Dfiles="D:\auth" -DcreateStubs="true" weblogic.management.commo.WebLogicMBeanMaker

三、创建运行时类

package com.pims.work.auth.security;

import java.util.HashMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import weblogic.management.security.ProviderMBean;
import weblogic.security.provider.PrincipalValidatorImpl;
import weblogic.security.spi.AuthenticationProviderV2;
import weblogic.security.spi.IdentityAsserterV2;
import weblogic.security.spi.PrincipalValidator;
import weblogic.security.spi.SecurityServices;

public final class WorkAuthProviderImpl implements AuthenticationProviderV2
{   
    private String description;   
    private LoginModuleControlFlag controlFlag;   
    public void initialize(ProviderMBean mbean, SecurityServices services)  
    {      
        WorkSecurityAuthenticatorMBean myMBean = (WorkSecurityAuthenticatorMBean)mbean;      
        description = myMBean.getDescription() + "\n" + myMBean.getVersion();      
        String flag = myMBean.getControlFlag();      
        if (flag.equalsIgnoreCase("REQUIRED")) 
        {        
            controlFlag = LoginModuleControlFlag.REQUIRED;      
        } 
        else if (flag.equalsIgnoreCase("OPTIONAL")) 
        {        
            controlFlag = LoginModuleControlFlag.OPTIONAL;      
        }
        else if (flag.equalsIgnoreCase("REQUISITE")) 
        {        
            controlFlag = LoginModuleControlFlag.REQUISITE;      
        } 
        else if (flag.equalsIgnoreCase("SUFFICIENT")) 
        {        
            controlFlag = LoginModuleControlFlag.SUFFICIENT;      
        } 
        else 
        {       
            throw new IllegalArgumentException("invalid flag value" + flag);      
        }   
    }   
    
    public String getDescription()  
    {      
        return description;  
    }   
    
    public void shutdown()  
    {      
        System.out.println("WorkAuthProviderImpl.shutdown");  
    }  

    private AppConfigurationEntry getConfiguration(HashMap options)   
    {      
        return new AppConfigurationEntry("com.pims.work.auth.security.WorkLoginModuleImpl", controlFlag, options);   
    }   
    
    public AppConfigurationEntry getLoginModuleConfiguration()   
    {      
        HashMap options = new HashMap();      
        return getConfiguration(options);   
    }   
    
    public AppConfigurationEntry getAssertionModuleConfiguration()   
    {      
        HashMap options = new HashMap();      
        options.put("IdentityAssertion","true");      
        return getConfiguration(options);   
    }   
    
    public PrincipalValidator getPrincipalValidator()    
    {      
        return new PrincipalValidatorImpl();   
    }   
    
    public IdentityAsserterV2 getIdentityAsserter()   
    {      
        return null;   
    }
}

其中com.pims.work.auth.security.WorkLoginModuleImpl为JAAS的LoginModule实现类。

四、使用 WebLogic MBeanMaker 创建 MBean JAR 文件 (MJF)
java -classpath "D:\bea9\weblogic92\server\lib\mbeantypes\wlManagement.jar;D:\bea9\weblogic92\server\lib\weblogic.jar;D:\bea9\jdk150_12\lib\tools.jar;D:\bea9\jdk150_12\lib\rt.jar;d:\auth" -DMJF="D:\auth\lib\WorkAuthProvider.jar" -Dfiles="D:\auth" -DcreateStubs="true" weblogic.management.commo.WebLogicMBeanMaker

五、把产生的jar包放到WL_HOME/server/lib/mbeantypes/目录下，并在控制台进行配置。