javaEE windows域用户验证
在java web项目中,通过windows域用户进行安全验证,要用到jcifs(http://jcifs.samba.org/)
下面是测试步骤:
1.上面官网中下载jcifs-1.3.17.jar(当前是1.3.17)加入项目
2.web.xml中加入配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 | <servlet> <servlet-name>login</servlet-name> <servlet-class>servlet.LoginServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>login</servlet-name> <url-pattern>/login.do</url-pattern> </servlet-mapping> <filter> <filter-name>NtlmHttpFilter</filter-name> <filter-class>jcifs.http.NtlmHttpFilter</filter-class> <!--jcifs.http.domainController 这个参数指定了DNS服务器的地址 --> <init-param> <param-name>jcifs.http.domainController</param-name> <param-value>127.0.0.1</param-value> </init-param> <!-- <init-param> <param-name>jcifs.smb.client.domain</param-name> <param-value>chinastock</param-value> </init-param> --> <init-param> <param-name>jcifs.util.loglevel</param-name> <param-value>0</param-value> </init-param> <init-param> <param-name>jcifs.smb.lmCompatibility</param-name> <param-value>0</param-value> </init-param> <init-param> <param-name>jcifs.smb.client.useExtendedSecurity</param-name> <param-value>false</param-value> </init-param> <!--指定要求登陆的 域 的用户 <init-param> <param-name>jcifs.smb.client.username</param-name> <param-value>admin</param-value> </init-param> <init-param> <param-name>jcifs.smb.client.password</param-name> <param-value>123</param-value> </init-param> --> </filter> <filter-mapping> <filter-name>NtlmHttpFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <welcome-file-list> <welcome-file>login.jsp</welcome-file> </welcome-file-list> |
3.新建login.jsp并加入代码
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | <form action="login.do" method="post"> <h3>用户名<input type="text" name="userName" value="admin"/></h3> <h3>密码<input type="password" name="pwd" value="111111"/></h3> <input type="submit" value="登陆"> </form> <% Object msg = request.getAttribute("msg"); if(msg != null){ %> <script type="text/javascript"> alert("<%=msg.toString() %>"); </script> <% } %> |
4.新建index.jsp并加入代码
1 | <h2>${msg }</h2> |
5.新建LoginServlet.java
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 | package servlet; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class LoginServlet extends HttpServlet { private static final long serialVersionUID = 1L; @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doPost(request, response); } @Override protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String msg = ""; //先验证windows系统域用户名正确性 /* String remoteUser = request.getRemoteUser();//域用户名 if(remoteUser == null || !"admin".equals(remoteUser)){ msg = "远程域用户不正确,请以windows域用户[admin]登陆!"; request.setAttribute("msg", msg); request.getRequestDispatcher("login.jsp").forward(request, response); return; } */ //验证应用系统用户 String userName = request.getParameter("userName"); String pwd = request.getParameter("pwd"); if(userName == null || !"test".equals(userName) || pwd == null || !"111111".equals(pwd)){ msg = "系统用户名或密码不匹配!"; request.setAttribute("msg", msg); request.getRequestDispatcher("login.jsp").forward(request, response); return; } msg = "欢迎你:域用户" + request.getRemoteUser() + ",系统用户" + userName; request.setAttribute("msg", msg); request.getRequestDispatcher("index.jsp").forward(request, response); } } |
6.发布项目到tomcat,启动服务器,访问测试
注:开始我win7这运行时遇到一个错误
jcifs.smb.SmbException: The parameter is incorrect.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa中新建一个dword值LMCompatibilityLevel,值为1,即可解决
Comments are currently closed.