一、创建 MBean 定义文件MDF(与Weblogic8一致)
文件名称为:WorkSecurityAuthenticator.xml
<?xml version="1.0" ?>
<!DOCTYPE MBeanType SYSTEM "commo.dtd">
<MBeanType
Name = "WorkSecurityAuthenticator"
DisplayName = "Work Security Authenticator"
Package = "com.pims.work.auth.security"
Extends = "weblogic.management.security.authentication.Authenticator"
PersistPolicy = "OnUpdate"
Description = "This MBean represents configuration attributes for the WebLogic Authorization provider."
>
<MBeanAttribute
Name = "ProviderClassName"
Type = "java.lang.String"
Writeable = "false"
Default = ""com.pims.work.auth.security.WorkAuthProviderImpl""
Description = "The name of the Java class used to load the WebLogic Authorization provider."
/>
<MBeanAttribute
Name = "Description"
Type = "java.lang.String"
Writeable = "false"
Default = ""Weblogic Default Authorization Provider""
Description = "A short description of the WebLogic Authorization provider."
/>
<MBeanAttribute
Name = "Version"
Type = "java.lang.String"
Writeable = "false"
Default = ""1.0""
Description = "The version of the WebLogic Authorization provider."
/>
</MBeanType>
二、使用 WebLogic MBeanMaker 生成 MBean 类型
java -classpath "D:\bea9\weblogic92\server\lib\mbeantypes\wlManagement.jar;D:\bea9\weblogic92\server\lib\weblogic.jar;D:\bea9\jdk150_12\lib\tools.jar;D:\bea9\jdk150_12\lib\rt.jar;d:\auth" -DMDF="D:\auth\WorkSecurityAuthenticator.xml" -Dfiles="D:\auth" -DcreateStubs="true" weblogic.management.commo.WebLogicMBeanMaker
三、创建运行时类
package com.pims.work.auth.security;
import java.util.HashMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import weblogic.management.security.ProviderMBean;
import weblogic.security.provider.PrincipalValidatorImpl;
import weblogic.security.spi.AuthenticationProviderV2;
import weblogic.security.spi.IdentityAsserterV2;
import weblogic.security.spi.PrincipalValidator;
import weblogic.security.spi.SecurityServices;
public final class WorkAuthProviderImpl implements AuthenticationProviderV2
{
private String description;
private LoginModuleControlFlag controlFlag;
public void initialize(ProviderMBean mbean, SecurityServices services)
{
WorkSecurityAuthenticatorMBean myMBean = (WorkSecurityAuthenticatorMBean)mbean;
description = myMBean.getDescription() + "\n" + myMBean.getVersion();
String flag = myMBean.getControlFlag();
if (flag.equalsIgnoreCase("REQUIRED"))
{
controlFlag = LoginModuleControlFlag.REQUIRED;
}
else if (flag.equalsIgnoreCase("OPTIONAL"))
{
controlFlag = LoginModuleControlFlag.OPTIONAL;
}
else if (flag.equalsIgnoreCase("REQUISITE"))
{
controlFlag = LoginModuleControlFlag.REQUISITE;
}
else if (flag.equalsIgnoreCase("SUFFICIENT"))
{
controlFlag = LoginModuleControlFlag.SUFFICIENT;
}
else
{
throw new IllegalArgumentException("invalid flag value" + flag);
}
}
public String getDescription()
{
return description;
}
public void shutdown()
{
System.out.println("WorkAuthProviderImpl.shutdown");
}
private AppConfigurationEntry getConfiguration(HashMap options)
{
return new AppConfigurationEntry("com.pims.work.auth.security.WorkLoginModuleImpl", controlFlag, options);
}
public AppConfigurationEntry getLoginModuleConfiguration()
{
HashMap options = new HashMap();
return getConfiguration(options);
}
public AppConfigurationEntry getAssertionModuleConfiguration()
{
HashMap options = new HashMap();
options.put("IdentityAssertion","true");
return getConfiguration(options);
}
public PrincipalValidator getPrincipalValidator()
{
return new PrincipalValidatorImpl();
}
public IdentityAsserterV2 getIdentityAsserter()
{
return null;
}
}
其中com.pims.work.auth.security.WorkLoginModuleImpl为JAAS的LoginModule实现类。
四、使用 WebLogic MBeanMaker 创建 MBean JAR 文件 (MJF)
java -classpath "D:\bea9\weblogic92\server\lib\mbeantypes\wlManagement.jar;D:\bea9\weblogic92\server\lib\weblogic.jar;D:\bea9\jdk150_12\lib\tools.jar;D:\bea9\jdk150_12\lib\rt.jar;d:\auth" -DMJF="D:\auth\lib\WorkAuthProvider.jar" -Dfiles="D:\auth" -DcreateStubs="true" weblogic.management.commo.WebLogicMBeanMaker
五、把产生的jar包放到WL_HOME/server/lib/mbeantypes/目录下,并在控制台进行配置。