Hello,
I'm fairly desperate.
I'm not very experienced with application security, and I'm testing PicketLink over REST on WildFly 9.0.0.Final.
Here is the problem:
I can log in a first time with my login/password.
I then trigger the logout, which apparently also works, but there is no message.
When I come back to log in again, I get an exception telling me that the User already exists for this identifier with this partition (there is only one anyway).
Note that I assigned roles to this "User", as you will see in the code.
So I figure it behaves as if it had not removed the User from somewhere...
Does anyone have an idea?
Here is my pom.
No problem at that level, as far as I can tell...
Well, I wanted to create an authentication using PicketLink, and I based it on a tutorial.
Code:
<?xml version="1.0"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>hystrial</groupId>
    <artifactId>arenapolis</artifactId>
    <version>0.1</version>
    <packaging>war</packaging>
    <name>Arena polis</name>
    <description>Jeu de gladiateurs</description>

    <properties>
        <!-- JBoss AS dependency versions -->
        <version.jboss.maven.plugin>7.4.Final</version.jboss.maven.plugin>
        <!-- WildFly dependency versions -->
        <version.wildfly.maven.plugin>1.0.1.Final</version.wildfly.maven.plugin>
        <!-- PicketLink dependency versions -->
        <version.picketlink.javaee.bom>2.7.0.Final</version.picketlink.javaee.bom>
        <!-- maven-war-plugin -->
        <version.war.plugin>2.1.1</version.war.plugin>
        <!-- maven-compiler-plugin -->
        <version.compiler.plugin>3.1</version.compiler.plugin>
        <maven.compiler.target>1.8</maven.compiler.target>
        <maven.compiler.source>1.8</maven.compiler.source>
    </properties>

    <dependencyManagement>
        <dependencies>
            <!-- Dependency Management for PicketLink and Java EE 6.0. -->
            <dependency>
                <groupId>org.picketlink</groupId>
                <artifactId>picketlink-javaee-7.0</artifactId>
                <version>${version.picketlink.javaee.bom}</version>
                <scope>import</scope>
                <type>pom</type>
            </dependency>
        </dependencies>
    </dependencyManagement>

    <dependencies>
        <!-- PicketLink Uber Dependency. It provides all PicketLink dependencies from a single JAR.
             You still can define each module separately, if you want to. -->
        <dependency>
            <groupId>org.picketlink</groupId>
            <artifactId>picketlink</artifactId>
            <scope>compile</scope>
        </dependency>
        <dependency>
            <groupId>org.hibernate.javax.persistence</groupId>
            <artifactId>hibernate-jpa-2.1-api</artifactId>
        </dependency>
        <!-- Import the EJB API, we use provided scope as the API is included in JBoss AS 7 -->
        <dependency>
            <groupId>org.jboss.spec.javax.ejb</groupId>
            <artifactId>jboss-ejb-api_3.2_spec</artifactId>
        </dependency>
        <!-- Import the CDI API, we use provided scope as the API is included in JBoss AS 7 -->
        <dependency>
            <groupId>javax.enterprise</groupId>
            <artifactId>cdi-api</artifactId>
            <scope>provided</scope>
        </dependency>
        <!-- Import the JAX-RS API, we use provided scope as the API is included in JBoss AS 7 -->
        <dependency>
            <groupId>org.jboss.spec.javax.ws.rs</groupId>
            <artifactId>jboss-jaxrs-api_1.1_spec</artifactId>
            <version>1.0.1.Final</version>
        </dependency>
        <dependency>
            <groupId>com.thetransactioncompany</groupId>
            <artifactId>cors-filter</artifactId>
            <version>2.4</version>
        </dependency>
    </dependencies>

    <build>
        <!-- Set the name of the war, used as the context root when the app is deployed -->
        <finalName>${project.artifactId}</finalName>
        <plugins>
            <plugin>
                <artifactId>maven-war-plugin</artifactId>
                <version>${version.war.plugin}</version>
                <configuration>
                    <!-- Java EE 6 doesn't require web.xml, Maven needs to catch up! -->
                    <failOnMissingWebXml>false</failOnMissingWebXml>
                </configuration>
            </plugin>
            <!-- JBoss AS plugin to deploy war -->
            <plugin>
                <groupId>org.jboss.as.plugins</groupId>
                <artifactId>jboss-as-maven-plugin</artifactId>
                <version>${version.jboss.maven.plugin}</version>
            </plugin>
        </plugins>
    </build>

    <profiles>
        <profile>
            <id>wildfly</id>
            <properties>
                <target.container>wildfly</target.container>
            </properties>
            <build>
                <plugins>
                    <plugin>
                        <groupId>org.wildfly.plugins</groupId>
                        <artifactId>wildfly-maven-plugin</artifactId>
                        <version>${version.wildfly.maven.plugin}</version>
                    </plugin>
                </plugins>
            </build>
        </profile>
    </profiles>
</project>
Here is my authentication service (which seems to work correctly)
and the authenticator that goes with it.
Code:
import javax.inject.Inject;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import org.picketlink.Identity;
import org.picketlink.credential.DefaultLoginCredentials;
import org.picketlink.idm.model.Account;

@Path("/authentification")
public class ServiceAuthentification {

    public static final String USERNAME_PASSWORD_CREDENTIAL_CONTENT_TYPE = "application/x-authc-username-password+json";
    public static final String TOKEN_CONTENT_CREDENTIAL_TYPE = "application/x-authc-token";

    @Inject
    private Identity identity;

    @Inject
    private DefaultLoginCredentials credentials;

    @POST
    @Produces("application/json")
    @Consumes({ USERNAME_PASSWORD_CREDENTIAL_CONTENT_TYPE })
    public Response authenticate(DefaultLoginCredentials credential) {
        // Only run the PicketLink login when the current session is not authenticated yet
        if (!this.identity.isLoggedIn()) {
            this.credentials.setUserId(credential.getUserId());
            this.credentials.setPassword(credential.getPassword());
            this.identity.login();
        }

        Account account = this.identity.getAccount();

        if (account != null) {
            //AccordeDroit(credential.getUserId());
            return Response.ok().entity(account).type(MediaType.APPLICATION_JSON_TYPE).build();
        }

        return Response.status(Status.UNAUTHORIZED).build();
    }

    @POST
    @Consumes({ "*/*" })
    public Response unsupportedCredentialType() {
        return Response.status(Response.Status.UNSUPPORTED_MEDIA_TYPE).build();
    }
}
and finally my logout code
Code:
import javax.enterprise.context.RequestScoped;
import javax.inject.Inject;
import org.picketlink.annotations.PicketLink;
import org.picketlink.authentication.BaseAuthenticator;
import org.picketlink.credential.DefaultLoginCredentials;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.PartitionManager;
import org.picketlink.idm.RelationshipManager;
import org.picketlink.idm.credential.Password;
import org.picketlink.idm.model.basic.BasicModel;
import org.picketlink.idm.model.basic.User;
// Individu, IndividuFacade and Role are application classes whose packages are not shown in the post

@RequestScoped
@PicketLink
public class Authentifieur extends BaseAuthenticator {

    @Inject
    private DefaultLoginCredentials credentials;

    @Inject
    IndividuFacade individuFacade;

    @Inject
    private PartitionManager partitionManager;

    @Override
    public void authenticate() {
        if (this.credentials.getCredential() == null) {
            return;
        }

        if (isUsernamePasswordCredential()) {
            String userId = this.credentials.getUserId();
            Password password = (Password) this.credentials.getCredential();
            Individu ind = individuFacade.getIndividuRole(userId, String.copyValueOf(password.getValue()));

            if (ind != null) {
                setStatus(AuthenticationStatus.SUCCESS);

                User user = new User(userId);
                user.setFirstName(ind.getPseudo());
                user.setEmail(ind.geteMail());
                user.setId(ind.getId().toString());
                user.setEnabled(true);
                setAccount(user);

                // Registers the user in the identity store on every successful authentication
                IdentityManager identityManager = this.partitionManager.createIdentityManager();
                identityManager.add(user);

                RelationshipManager relationshipManager = this.partitionManager.createRelationshipManager();
                for (Role role : ind.getEnsembleRole()) {
                    org.picketlink.idm.model.basic.Role roleTemp = BasicModel.getRole(identityManager, role.getCode());
                    BasicModel.grantRole(relationshipManager, user, roleTemp);
                }
            } else {
                setStatus(AuthenticationStatus.FAILURE);
            }
        }
    }

    private boolean isUsernamePasswordCredential() {
        return Password.class.equals(credentials.getCredential().getClass()) && credentials.getUserId() != null;
    }
}
Code:
package hystrial.security.authentification;

import javax.inject.Inject;
import javax.ws.rs.POST;
import javax.ws.rs.Path;

import org.picketlink.Identity;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.model.basic.User;

/**
 * <p>Simple logout service.</p>
 */
@Path("/deconnexion")
public class ServiceDeconnexion {

    @Inject
    private IdentityManager identityManager;

    @Inject
    private Identity identity;

    @POST
    public void logout() {
        // Ends the authenticated session if there is one
        if (this.identity.isLoggedIn()) {
            this.identity.logout();
        }
    }
}
and here is the error
Code:
13:05:08,830 INFO [stdout] (default task-14) Hibernate: select individu0_.id_individu as id_indiv1_0_0_, ensemblero1_.code_role as code_rol1_1_1_, ensemblero1_.id_individu as id_indiv2_1_1_, individu0_.e_mail as e_mail2_0_0_, individu0_.mot_passe as mot_pass3_0_0_, individu0_.pseudo as pseudo4_0_0_, ensemblero1_.id_individu as id_indiv2_0_0__, ensemblero1_.code_role as code_rol1_1_0__, ensemblero1_.id_individu as id_indiv2_1_0__ from individu individu0_ left outer join role ensemblero1_ on individu0_.id_individu=ensemblero1_.id_individu where individu0_.e_mail=? and individu0_.mot_passe=?
13:05:08,834 ERROR [io.undertow.request] (default task-14) UT005023: Exception handling request to /arenapolis/rs/authentification: org.jboss.resteasy.spi.UnhandledException: org.picketlink.authentication.AuthenticationException: Authentication failed.
    at org.jboss.resteasy.core.ExceptionHandler.handleApplicationException(ExceptionHandler.java:76)
    at org.jboss.resteasy.core.ExceptionHandler.handleException(ExceptionHandler.java:212)
    at org.jboss.resteasy.core.SynchronousDispatcher.writeException(SynchronousDispatcher.java:149)
    at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:372)
    at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:179)
    at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:220)
    at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
    at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
    at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130)
    at com.thetransactioncompany.cors.CORSFilter.doFilter(CORSFilter.java:208)
    at com.thetransactioncompany.cors.CORSFilter.doFilter(CORSFilter.java:274)
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132)
    at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85)
    at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
    at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
    at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
    at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
    at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
    at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
    at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:72)
    at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
    at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:282)
    at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:261)
    at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:80)
    at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:172)
    at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199)
    at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:774)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)
Caused by: org.picketlink.authentication.AuthenticationException: Authentication failed.
    at org.picketlink.internal.AbstractIdentity.authenticate(AbstractIdentity.java:234)
    at org.picketlink.internal.AbstractIdentity.login(AbstractIdentity.java:145)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.jboss.weld.bean.proxy.AbstractBeanInstance.invoke(AbstractBeanInstance.java:38)
    at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:100)
    at org.jboss.weld.proxies.Identity$1509662680$Proxy$_$$_WeldClientProxy.login(Unknown Source)
    at hystrial.security.authentification.ServiceAuthentification.authenticate(ServiceAuthentification.java:41)
    at hystrial.security.authentification.ServiceAuthentification$Proxy$_$$_WeldClientProxy.authenticate(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:137)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:296)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:250)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:237)
    at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:356)
    ... 38 more
Caused by: org.picketlink.idm.IdentityManagementException: IdentityType [class org.picketlink.idm.model.basic.User] already exists with the given identifier [1] for the given Partition [null].
    at org.picketlink.idm.internal.ContextualIdentityManager.checkUniqueness(ContextualIdentityManager.java:358)
    at org.picketlink.idm.internal.ContextualIdentityManager.checkUniqueness(ContextualIdentityManager.java:70)
    at org.picketlink.idm.internal.AbstractAttributedTypeManager.add(AbstractAttributedTypeManager.java:69)
    at hystrial.security.authentification.Authentifieur.authenticate(Authentifieur.java:59)
    at hystrial.security.authentification.Authentifieur$Proxy$_$$_WeldClientProxy.authenticate(Unknown Source)
    at org.picketlink.internal.AbstractIdentity.authenticate(AbstractIdentity.java:221)
    ... 57 more
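The innermost cause in the trace is identityManager.add(user), reached from Authentifieur.authenticate() on each login, while Identity.logout() only ends the session and leaves the stored User in place. The following is an added example, not part of the original post, of an authenticator that looks the user up first and adds it only when absent. It assumes the poster's own Individu, IndividuFacade and Role classes are importable as in the post, and it uses PicketLink's BasicModel.getUser and BasicModel.hasRole helpers.

```java
import javax.enterprise.context.RequestScoped;
import javax.inject.Inject;
import org.picketlink.annotations.PicketLink;
import org.picketlink.authentication.BaseAuthenticator;
import org.picketlink.credential.DefaultLoginCredentials;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.PartitionManager;
import org.picketlink.idm.RelationshipManager;
import org.picketlink.idm.credential.Password;
import org.picketlink.idm.model.basic.BasicModel;
import org.picketlink.idm.model.basic.User;
// Assumption: Individu, IndividuFacade and Role (the poster's classes) are visible from this package.
@RequestScoped
@PicketLink
public class Authentifieur extends BaseAuthenticator {
    @Inject private DefaultLoginCredentials credentials;
    @Inject private IndividuFacade individuFacade;
    @Inject private PartitionManager partitionManager;
    @Override
    public void authenticate() {
        setStatus(AuthenticationStatus.FAILURE); // fail closed until every check below has passed
        if (!(credentials.getCredential() instanceof Password) || credentials.getUserId() == null) { return; }
        String userId = credentials.getUserId();
        Password password = (Password) credentials.getCredential();
        Individu ind = individuFacade.getIndividuRole(userId, String.copyValueOf(password.getValue()));
        if (ind == null) { return; }
        IdentityManager identityManager = partitionManager.createIdentityManager();
        RelationshipManager relationshipManager = partitionManager.createRelationshipManager();
        // Reuse the User stored by an earlier login; call add() only the first time.
        User user = BasicModel.getUser(identityManager, userId);
        if (user == null) {
            user = new User(userId);
            user.setFirstName(ind.getPseudo());
            user.setEmail(ind.geteMail());
            user.setId(ind.getId().toString());
            user.setEnabled(true);
            identityManager.add(user);
        }
        for (Role role : ind.getEnsembleRole()) {
            org.picketlink.idm.model.basic.Role stored = BasicModel.getRole(identityManager, role.getCode());
            // Skip unknown roles and roles already granted on a previous login.
            if (stored != null && !BasicModel.hasRole(relationshipManager, user, stored)) {
                BasicModel.grantRole(relationshipManager, user, stored);
            }
        }
        setAccount(user);
        setStatus(AuthenticationStatus.SUCCESS);
    }
}
```

A role that is later removed from the Individu stays granted in the identity store until it is revoked there, for example with BasicModel.revokeRole.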