SSL смешанная аутентификация для Tomcat 9 - PullRequest
/ 01 ноября 2018

Я адаптировал класс SSLWithFORMFallback7.java для Tomcat 9 (на Tomcat 7 он работает отлично), но при переносе на Tomcat 9.0.12 возникает ошибка компиляции в Maven ...

SSLWithFORMFallback7.java

package com.iafox.auth;

import java.io.IOException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;

import javax.servlet.http.HttpServletRequest;

import org.apache.catalina.Container;
import org.apache.catalina.Globals;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.authenticator.AuthenticatorBase;
import org.apache.catalina.authenticator.Constants;
import org.apache.catalina.authenticator.DigestAuthenticator;
import org.apache.catalina.authenticator.FormAuthenticator;
import org.apache.catalina.authenticator.SSLAuthenticator;
import org.apache.catalina.authenticator.BasicAuthenticator;
import org.apache.catalina.connector.Request;
import org.apache.coyote.ActionCode;
import org.apache.tomcat.util.descriptor.web.LoginConfig;


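/**
 * Authenticator that hands each request to one of several stock Tomcat authenticators
 * (FORM, BASIC or DIGEST), chosen from the servlet path and the {@code Authorization} header.
 *
 * <p>This is the Tomcat 7 flavour of the class: it overrides {@code authenticate}. The compiler
 * output quoted on this page shows that Tomcat 9's {@code AuthenticatorBase} additionally
 * declares {@code doAuthenticate(Request, HttpServletResponse)} abstract, which this version
 * does not implement.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Delegation to {@code sslAuthenticator} is disabled in this source (the call was
 *       commented out by the author), so a client certificate is inspected and logged but
 *       never used to authenticate.</li>
 *   <li>The mechanism is selected from values the client controls (path and header), so the
 *       deployment is only as strong as the weakest mechanism accepted here.</li>
 * </ul>
 */
public class SSLWithFORMFallback7 extends AuthenticatorBase {
    private static final Logger LOGGER = Logger.getLogger(SSLWithFORMFallback7.class.getName());

    FormAuthenticator formAuthenticator = new FormAuthenticator();
    SSLAuthenticator sslAuthenticator = new SSLAuthenticator();
    BasicAuthenticator basicAuthenticator = new BasicAuthenticator();
    DigestAuthenticator digestAuthenticator = new DigestAuthenticator();

    /**
     * Authenticates the request by delegating to the FORM, BASIC or DIGEST authenticator.
     *
     * @param request      the request being processed
     * @param httpResponse the response the chosen delegate may write a challenge to
     * @return {@code true} if a principal is already present or the delegate authenticated
     *         the request, otherwise the delegate's result
     * @throws IOException if the chosen delegate fails while reading or writing
     */
    @Override
    public boolean authenticate(Request request, javax.servlet.http.HttpServletResponse httpResponse) throws IOException {
        // Have we already authenticated someone?
        Principal principal = request.getUserPrincipal();
        if (principal != null) {
            // Associate the session with any existing SSO session in order
            // to get coordinated session invalidation at logout
            String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
            if (ssoId != null) {
                associate(ssoId, request.getSessionInternal(true));
            }
            return true;
        }

        // Get certificates from the request.
        // NOTE(review): the variant the author commented out asked the connector for the
        // certificate only when none was present; this code asks only when one is already
        // there. Presumably REQ_SSL_CERTIFICATE makes the connector (re)request the client
        // certificate; confirm which order is intended.
        X509Certificate[] certs = (X509Certificate[]) request.getAttribute(Globals.CERTIFICATES_ATTR);
        boolean certAuth;
        if ((certs == null) || (certs.length < 1)) {
            // No certificates. This runs before any delegate is chosen, so the message is
            // logged for every certificate-less request, whatever mechanism handles it.
            certAuth = false;
            LOGGER.log(Level.FINE, "NO CERTS");
        } else {
            request.getCoyoteRequest().action(ActionCode.REQ_SSL_CERTIFICATE, null);
            certs = (X509Certificate[]) request.getAttribute(Globals.CERTIFICATES_ATTR);
            // The attribute is read again after the action; do not assume it is still set.
            int certCount = (certs == null) ? 0 : certs.length;
            certAuth = certCount > 0;
            LOGGER.log(Level.FINE, "{0} CERTS", certCount);
        }

        // Delegate authentication request.
        // NOTE(review): certAuth is not consulted here. The author's original branch,
        // "if (certAuth) retval = sslAuthenticator.authenticate(request, httpResponse, lc);",
        // is disabled, so certificate authentication never takes place.
        String servletPath = request.getServletPath();
        if (servletPath == null) {
            servletPath = "";
        }

        boolean retval;
        // Substring match: any servlet path containing ".jsp" or "j_security_check" goes to FORM.
        if (servletPath.contains(".jsp") || servletPath.contains("j_security_check")) {
            retval = formAuthenticator.authenticate(request, httpResponse);
        } else {
            String authorization = request.getHeader("authorization");
            // Case-insensitive scheme check that does not depend on the JVM default locale
            // (String.toLowerCase() without a Locale does).
            if (authorization != null && authorization.regionMatches(true, 0, "basic ", 0, 6)) {
                retval = basicAuthenticator.authenticate(request, httpResponse);
            } else {
                retval = digestAuthenticator.authenticate(request, httpResponse);
            }
        }
        LOGGER.log(Level.FINE, "Retval: {0}, certAuth: {1}", new Object[] {retval, certAuth});
        return retval;
    }

    private String infoStr = null;

    /**
     * Returns this authenticator's class name, computed on first use and then cached.
     *
     * @return the fully qualified class name
     */
    public String getInfo() {
        if (null == infoStr) {
            infoStr = this.getClass().getName();
        }
        return infoStr;
    }

    /**
     * Returns the authentication method name reported for this authenticator.
     *
     * <p>NOTE(review): this reports CLIENT_CERT although the class never delegates to
     * {@code sslAuthenticator}; wherever the base class uses this value, a BASIC, DIGEST or
     * FORM login may be labelled as certificate-based. Confirm before relying on the reported
     * auth type for authorization decisions. The author left FORM_AUTH as a commented-out
     * alternative.
     *
     * @return {@link HttpServletRequest#CLIENT_CERT_AUTH}
     */
    @Override
    protected String getAuthMethod() {
        return HttpServletRequest.CLIENT_CERT_AUTH;
    }

    /**
     * Attaches this authenticator and all four delegates to the container, then starts the
     * delegates.
     *
     * @param container the container this authenticator is attached to
     */
    @Override
    public void setContainer(Container container) {
        try {
            super.setContainer(container);
            sslAuthenticator.setContainer(container);
            formAuthenticator.setContainer(container);
            basicAuthenticator.setContainer(container);
            digestAuthenticator.setContainer(container);

            /* At time of writing, it appears .setContainer is the only
               thing necessary ahead of time to call .start() */
            formAuthenticator.start();
            sslAuthenticator.start();
            basicAuthenticator.start();
            digestAuthenticator.start();
        } catch (LifecycleException ex) {
            // NOTE(review): the failure is only logged; the authenticator stays installed
            // with delegates that may not have started.
            LOGGER.log(Level.SEVERE, "Failed to start a delegate authenticator", ex);
        }
    }
}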

и ошибка компиляции при сборке для Tomcat:

    [INFO] Scanning for projects...
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building ws Maven Webapp 1.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:3.0.0:clean (default-clean) @ SSLWithFORMFallback7 ---
[INFO] Deleting /home/bruno/Documents/iafox/ws/iafox-auth/target
[INFO] 
[INFO] --- maven-resources-plugin:3.0.2:resources (default-resources) @ SSLWithFORMFallback7 ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/bruno/Documents/iafox/ws/iafox-auth/src/main/resources
[INFO] 
[INFO] --- maven-compiler-plugin:3.8.0:compile (default-compile) @ SSLWithFORMFallback7 ---
[INFO] Changes detected - recompiling the module!
[INFO] Compiling 1 source file to /home/bruno/Documents/iafox/ws/iafox-auth/target/classes
[INFO] -------------------------------------------------------------
[ERROR] COMPILATION ERROR : 
[INFO] -------------------------------------------------------------
[ERROR] /home/bruno/Documents/iafox/ws/iafox-auth/src/main/java/com/iafox/auth/SSLWithFORMFallback7.java:[25,8] com.iafox.auth.SSLWithFORMFallback7 is not abstract and does not override abstract method doAuthenticate(org.apache.catalina.connector.Request,javax.servlet.http.HttpServletResponse) in org.apache.catalina.authenticator.AuthenticatorBase
[INFO] 1 error
[INFO] -------------------------------------------------------------
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 2.730 s
[INFO] Finished at: 2018-11-01T10:07:24-03:00
[INFO] Final Memory: 16M/187M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.0:compile (default-compile) on project SSLWithFORMFallback7: Compilation failure
[ERROR] /home/bruno/Documents/iafox/ws/iafox-auth/src/main/java/com/iafox/auth/SSLWithFORMFallback7.java:[25,8] com.iafox.auth.SSLWithFORMFallback7 is not abstract and does not override abstract method doAuthenticate(org.apache.catalina.connector.Request,javax.servlet.http.HttpServletResponse) in org.apache.catalina.authenticator.AuthenticatorBase
[ERROR] -> [Help 1]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException

Очевидно, я должен вызвать doAuthenticate, когда аутентификация проходит успешно, но пока мне это не удалось.

1 Ответ

/ 06 ноября 2018

Я сильно продвинулся: теперь Basic-аутентификация принимается, но при FORM-аутентификации выполнение попадает в ветку условия и выводится "NO CERTS"

Примечание: соединение с базой данных работает

package com.iafox.auth;

import java.io.IOException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;

import javax.servlet.http.HttpServletRequest;

import org.apache.catalina.Container;
import org.apache.catalina.Globals;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.authenticator.AuthenticatorBase;
import org.apache.catalina.authenticator.Constants;
import org.apache.catalina.authenticator.DigestAuthenticator;
import org.apache.catalina.authenticator.FormAuthenticator;
import org.apache.catalina.authenticator.SSLAuthenticator;
import org.apache.catalina.authenticator.BasicAuthenticator;
import org.apache.catalina.connector.Request;
import org.apache.coyote.ActionCode;
import org.apache.tomcat.util.descriptor.web.LoginConfig;


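/**
 * Authenticator that hands each request to one of several stock Tomcat authenticators
 * (FORM, BASIC or DIGEST), chosen from the servlet path and the {@code Authorization} header.
 *
 * <p>This version implements {@code doAuthenticate} and forwards the init/start/stop
 * lifecycle calls to the delegates.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Delegation to {@code sslAuthenticator} is disabled in this source (the call was
 *       commented out by the author), so a client certificate is inspected and logged but
 *       never used to authenticate.</li>
 *   <li>The mechanism is selected from values the client controls (path and header), so the
 *       deployment is only as strong as the weakest mechanism accepted here.</li>
 * </ul>
 */
public class SSLWithFORMFallback7 extends AuthenticatorBase {
    private static final Logger LOGGER = Logger.getLogger(SSLWithFORMFallback7.class.getName());

    FormAuthenticator formAuthenticator = new FormAuthenticator();
    SSLAuthenticator sslAuthenticator = new SSLAuthenticator();
    BasicAuthenticator basicAuthenticator = new BasicAuthenticator();
    DigestAuthenticator digestAuthenticator = new DigestAuthenticator();

    /**
     * Authenticates the request by delegating to the FORM, BASIC or DIGEST authenticator.
     *
     * @param request      the request being processed
     * @param httpResponse the response the chosen delegate may write a challenge to
     * @return {@code true} if a principal is already present or the delegate authenticated
     *         the request, otherwise the delegate's result
     * @throws IOException if the chosen delegate fails while reading or writing
     */
    @Override
    protected boolean doAuthenticate(Request request, javax.servlet.http.HttpServletResponse httpResponse) throws IOException {
        // Have we already authenticated someone?
        Principal principal = request.getUserPrincipal();
        if (principal != null) {
            // Associate the session with any existing SSO session in order
            // to get coordinated session invalidation at logout
            String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
            if (ssoId != null) {
                associate(ssoId, request.getSessionInternal(true));
            }
            return true;
        }

        // Get certificates from the request.
        // NOTE(review): the variant the author commented out asked the connector for the
        // certificate only when none was present; this code asks only when one is already
        // there. Presumably REQ_SSL_CERTIFICATE makes the connector (re)request the client
        // certificate; confirm which order is intended.
        X509Certificate[] certs = (X509Certificate[]) request.getAttribute(Globals.CERTIFICATES_ATTR);
        boolean certAuth;
        if ((certs == null) || (certs.length < 1)) {
            // No certificates. This runs before any delegate is chosen, so the message is
            // logged for every certificate-less request, FORM logins included.
            certAuth = false;
            LOGGER.log(Level.FINE, "NO CERTS");
        } else {
            request.getCoyoteRequest().action(ActionCode.REQ_SSL_CERTIFICATE, null);
            certs = (X509Certificate[]) request.getAttribute(Globals.CERTIFICATES_ATTR);
            // The attribute is read again after the action; do not assume it is still set.
            int certCount = (certs == null) ? 0 : certs.length;
            certAuth = certCount > 0;
            LOGGER.log(Level.FINE, "{0} CERTS", certCount);
        }

        // Delegate authentication request.
        // NOTE(review): certAuth is not consulted here. The author's original branch,
        // "if (certAuth) retval = sslAuthenticator.authenticate(request, httpResponse, lc);",
        // is disabled, so certificate authentication never takes place.
        String servletPath = request.getServletPath();
        if (servletPath == null) {
            servletPath = "";
        }

        boolean retval;
        // Substring match: any servlet path containing ".jsp" or "j_security_check" goes to FORM.
        if (servletPath.contains(".jsp") || servletPath.contains("j_security_check")) {
            retval = formAuthenticator.authenticate(request, httpResponse);
        } else {
            String authorization = request.getHeader("authorization");
            // Case-insensitive scheme check that does not depend on the JVM default locale
            // (String.toLowerCase() without a Locale does).
            if (authorization != null && authorization.regionMatches(true, 0, "basic ", 0, 6)) {
                retval = basicAuthenticator.authenticate(request, httpResponse);
            } else {
                retval = digestAuthenticator.authenticate(request, httpResponse);
            }
        }
        LOGGER.log(Level.FINE, "Retval: {0}, certAuth: {1}", new Object[] {retval, certAuth});
        return retval;
    }

    private String infoStr = null;

    /**
     * Returns this authenticator's class name, computed on first use and then cached.
     *
     * @return the fully qualified class name
     */
    public String getInfo() {
        if (null == infoStr) {
            infoStr = this.getClass().getName();
        }
        return infoStr;
    }

    /**
     * Returns the authentication method name reported for this authenticator.
     *
     * <p>NOTE(review): this reports CLIENT_CERT although the class never delegates to
     * {@code sslAuthenticator}; wherever the base class uses this value, a BASIC, DIGEST or
     * FORM login may be labelled as certificate-based. Confirm before relying on the reported
     * auth type for authorization decisions. The author left FORM_AUTH as a commented-out
     * alternative.
     *
     * @return {@link HttpServletRequest#CLIENT_CERT_AUTH}
     */
    @Override
    protected String getAuthMethod() {
        return HttpServletRequest.CLIENT_CERT_AUTH;
    }

    /**
     * Attaches this authenticator and all four delegates to the same container.
     *
     * @param container the container this authenticator is attached to
     */
    @Override
    public void setContainer(Container container) {
        super.setContainer(container);
        sslAuthenticator.setContainer(container);
        formAuthenticator.setContainer(container);
        basicAuthenticator.setContainer(container);
        digestAuthenticator.setContainer(container);
    }

    /**
     * Initialises this authenticator, then copies its {@code alwaysUseSession} setting to
     * each delegate and initialises it.
     *
     * @throws LifecycleException if this authenticator or a delegate fails to initialise
     */
    @Override
    protected void initInternal() throws LifecycleException {
        super.initInternal();

        formAuthenticator.setAlwaysUseSession(alwaysUseSession);
        formAuthenticator.init();

        sslAuthenticator.setAlwaysUseSession(alwaysUseSession);
        sslAuthenticator.init();

        basicAuthenticator.setAlwaysUseSession(alwaysUseSession);
        basicAuthenticator.init();

        digestAuthenticator.setAlwaysUseSession(alwaysUseSession);
        digestAuthenticator.init();
    }

    /**
     * Starts this authenticator and then each delegate.
     *
     * @throws LifecycleException if this authenticator or a delegate fails to start
     */
    @Override
    public void startInternal() throws LifecycleException {
        super.startInternal();
        formAuthenticator.start();
        sslAuthenticator.start();
        basicAuthenticator.start();
        digestAuthenticator.start();
    }

    /**
     * Stops this authenticator and then each delegate.
     *
     * @throws LifecycleException if this authenticator or a delegate fails to stop
     */
    @Override
    public void stopInternal() throws LifecycleException {
        super.stopInternal();
        formAuthenticator.stop();
        sslAuthenticator.stop();
        basicAuthenticator.stop();
        digestAuthenticator.stop();
    }
}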
...