调用容器来做认证,我这边搞不定。 建议你们这边还是调用我们提供的接口来做。如果你们坚持想调用使用容器来做认证,可以参考下面方法。
找了一段调用tomcat6容器做认证的方法,但是只支持tomcat6,不怎么适用。其他版本都不怎么支持authenticate这个方法,如果你们这边还需要用下面方式,这个需要你们自己去研究了。
public boolean authenticate(String user, String pwd,HttpServletRequest request, HttpServletResponse response) {
try{
Class<?> clz = Class.forName("org.apache.catalina.ServerFactory");
Method getServerMethod = clz.getMethod("getServer", new Class[]{});
Object server = getServerMethod.invoke(clz, new Object[]{});
Class<?> serverClz = server.getClass();
Method findServiceMethod = serverClz.getMethod("findService", new Class[]{String.class});
Object service = findServiceMethod.invoke(server, new Object[]{"Catalina"});
Class<?> serviceClz = service.getClass();
Method getContainerMethod = serviceClz.getMethod("getContainer", new Class[]{});
Object container = getContainerMethod.invoke(service, new Object[]{});
Class<?> containerClz = container.getClass();
Method getRealmMethod = containerClz.getMethod("getRealm", new Class[]{});
Object realm = getRealmMethod.invoke(container, new Object[]{});
Class<?> realmClz = realm.getClass();
Method authenticateMethod = realmClz.getMethod("authenticate", new Class[]{String.class,String.class});
Object principal = authenticateMethod.invoke(realm, new Object[]{user,pwd});
if(principal == null){
return false;
}
return true;
}catch(Throwable e){
LoggerUtil.info("authenticate exception:" + e.getMessage(),e);
return false;
}
}
Weblogic 登录认证
Object result = null;
try {
// 5、授权认证,登录的是虚拟用户,而不是umCode
// weblogic10版本升级,weblogic.servlet.security.ServletAuthentication.login方法在wls8和wls10下参数个数不一样,需做反射处理
// 待weblogic8环境下线以后,该方法需修改成weblogic8方法的判断
Method meth = null;
try {
meth = Object.class.forName("weblogic.servlet.security.ServletAuthentication").getMethod("login",new Class[] { java.lang.String.class,java.lang.String.class,HttpServletRequest.class,HttpServletResponse.class });
if (meth == null) {
meth = Object.class.forName("weblogic.servlet.security.ServletAuthentication").getMethod("login",new Class[] { java.lang.String.class,java.lang.String.class,HttpServletRequest.class });
if (meth != null) {
result = meth.invoke(Object.class.forName("weblogic.servlet.security.ServletAuthentication"),new Object[] { v_userName, v_passWord,request });
}
} else {
result = meth.invoke(Object.class.forName("weblogic.servlet.security.ServletAuthentication"),new Object[] { v_userName, v_passWord,request, response });
}
} catch (Exception e) {
logger.info(e.getMessage(), e);
meth = Object.class.forName("weblogic.servlet.security.ServletAuthentication").getMethod("login",new Class[] { java.lang.String.class,java.lang.String.class,HttpServletRequest.class });
if (meth != null) {
result = meth.invoke(Object.class.forName("weblogic.servlet.security.ServletAuthentication"),new Object[] { v_userName, v_passWord,request });
}
}
} catch (Exception e) {
logger.info(e.getMessage(), e);
throw new ServletException(e.getMessage());
}
// 0:用户正常登陆 1:用户登陆失败
if (result != null && result instanceof Integer) {
if (((Integer) result).intValue() != 0) {
logger.info(LOGIN_FAIL);
throw new ServletException(LOGIN_FAIL);
}
} else if (result == null) {
logger.info(LOGIN_FAIL);
throw new ServletException(LOGIN_FAIL);
}