如何使用WEBLOGIC在JAVA中获取登录的用户?
问题描述:
我发现了一个代码,它应该达到的登录用户:如何使用WEBLOGIC在JAVA中获取登录的用户?
InitialContext ic = new InitialContext();
SessionContext sessionContext = (SessionContext)ic.lookup("java:comp/EJBContext");
System.out.println("look up injected sctx: " + sessionContext);
Principal p = sessionContext.getCallerPrincipal();
System.out.println(p.getName());
但它仍然给我<anonymus>
。这是为什么?我怎样才能达到记录的用户名?
答
您的bean需要被标记为安全(使用规范中提供的任何安全相关拦截器发挥作用的方式)。
作为第一步,你可以这样做:
@Override
@PermitAll
public String whoAmI() {
return context.getCallerPrincipal().getName();
}
这只是在那里你允许所有角色访问方法的例子。该@PermitAll安全注释的存在将指示EJB容器将EJB安全拦截器引入其中。看看这些文件,以进一步的细节.Giving你的JBoss例如 https://docs.jboss.org/author/display/AS72/Securing+EJBs
答
可以使用的MBean API也得到它
import javax.naming.*;
import javax.management.MBeanInfo;
import weblogic.jndi.Environment;
import weblogic.management.runtime.ServerRuntimeMBean;
import weblogic.security.providers.authentication.DefaultAuthenticatorMBean;
import weblogic.management.security.authentication.UserReaderMBean;
import weblogic.management.security.authentication.GroupReaderMBean;
import weblogic.management.MBeanHome;
import weblogic.management.WebLogicMBean;
import weblogic.management.tools.Info;
import weblogic.management.Helper;
import weblogic.management.security.authentication.*;
public class ListUsersAndGroups
{
public static void main(String[] args)
{
MBeanHome home = null;
try
{
Environment env = new Environment();
env.setProviderUrl(“t3://localhost:7001?);
env.setSecurityPrincipal(“weblogic”);
env.setSecurityCredentials(“weblogic”);
Context ctx = env.getInitialContext();
home = (MBeanHome)ctx.lookup(“weblogic.management.adminhome”);
weblogic.management.security.RealmMBean rmBean = home.getActiveDomain().getSecurityConfiguration().getDefaultRealm();
AuthenticationProviderMBean[] authenticationBeans = rmBean.getAuthenticationProviders();
DefaultAuthenticatorMBean defaultAuthenticationMBean = (DefaultAuthenticatorMBean)authenticationBeans[0];
UserReaderMBean userReaderMBean = (UserReaderMBean)defaultAuthenticationMBean;
GroupReaderMBean groupReaderMBean = (GroupReaderMBean)defaultAuthenticationMBean;
String userCurName = userReaderMBean.listUsers(“*”, 100);
while (userReaderMBean.haveCurrent(userCurName))
{
String user = userReaderMBean.getCurrentName(userCurName);
System.out.println(“\n User: ” + user);
userReaderMBean.advance(userCurName);
}
String cursorName = groupReaderMBean.listGroups(“*”, 100);
while (groupReaderMBean.haveCurrent(cursorName))
{
String group = groupReaderMBean.getCurrentName(cursorName);
System.out.println(“\n Group: ” + group);
groupReaderMBean.advance(cursorName);
}
}
catch (Exception e)
{
e.printStackTrace();
}
}
}
答
你可以试试这个。
Subject subject = Subject.getSubject(AccessController.getContext());
Set<java.security.Principal> principals = s.getPrincipals();
for (java.security.Principal principal : principals) {
if (principal.getClass() == WLSUserImpl.class) {
return principal.getName();
}
}
凡WLSUserImpl从包weblogic.security.principal.This来只为WebLogic可行的。
它不适合我:/不是他们 – victorio