security7.html

j2eePDF格式的电子书

<div class="pSmartList3"><ol type="1" class="pSmartList3">
<a name="wp395449"> </a><div class="pSmartList3"><li>Read the explanatory text for an overview of the wizard's features. </li></div>
<a name="wp395450"> </a><div class="pSmartList3"><li>Click Next.</li></div>
</ol></div>
<a name="wp395451"> </a><div class="pSmartList2"><li>WAR File dialog box</li></div>
<div class="pSmartList3"><ol type="1" class="pSmartList3">
<a name="wp395452"> </a><div class="pSmartList3"><li>Select the button labelled Create New Stand-Alone WAR Module.</li></div>
<a name="wp395453"> </a><div class="pSmartList3"><li>In the WAR Location field, enter <code class="cVariable">&lt;INSTALL&gt;</code><code class="cCode">/j2eetutorial14/examples/security/mutualauth/MutualAuth.war.</code></li></div>
<a name="wp395454"> </a><div class="pSmartList3"><li>In the WAR Display Field, enter <code class="cCode">MutualAuth</code>.</li></div>
<a name="wp395455"> </a><div class="pSmartList3"><li>Click Edit.</li></div>
<a name="wp395456"> </a><div class="pSmartList3"><li>In the tree under Available Files, locate the <code class="cVariable">&lt;INSTALL&gt;</code>/<code class="cCode">j2eetutorial14</code>/<code class="cCode">examples/security/mutualauth/</code> directory.</li></div>
<a name="wp395457"> </a><div class="pSmartList3"><li>Select the <code class="cCode">build/</code> subdirectory.</li></div>
<a name="wp395458"> </a><div class="pSmartList3"><li>Click Add. </li></div>
<a name="wp395459"> </a><div class="pSmartList3"><li>Click OK.</li></div>
<a name="wp395460"> </a><div class="pSmartList3"><li>Click Next.</li></div>
</ol></div>
<a name="wp395461"> </a><div class="pSmartList2"><li>Choose Component Type dialog box</li></div>
<div class="pSmartList3"><ol type="1" class="pSmartList3">
<a name="wp395462"> </a><div class="pSmartList3"><li>Select the Web Services Endpoint button.</li></div>
<a name="wp395463"> </a><div class="pSmartList3"><li>Click Next.</li></div>
</ol></div>
<a name="wp395464"> </a><div class="pSmartList2"><li>Choose Service dialog box</li></div>
<div class="pSmartList3"><ol type="1" class="pSmartList3">
<a name="wp395465"> </a><div class="pSmartList3"><li>In the WSDL File combo box, select <code class="cCode">WEB-INF/wsdl/MySecureHelloService.wsdl</code>.</li></div>
<a name="wp395466"> </a><div class="pSmartList3"><li>In the Mapping File combo box, select <code class="cCode">build/mapping.xml</code>.</li></div>
<a name="wp395467"> </a><div class="pSmartList3"><li>Click Next.</li></div>
</ol></div>
<a name="wp395468"> </a><div class="pSmartList2"><li>Component General Properties dialog box</li></div>
<div class="pSmartList3"><ol type="1" class="pSmartList3">
<a name="wp395469"> </a><div class="pSmartList3"><li>In the Service Endpoint Implementation combo box, select <code class="cCode">mutualauth.HelloImpl</code>.</li></div>
<a name="wp395470"> </a><div class="pSmartList3"><li>Click Next.</li></div>
</ol></div>
<a name="wp395471"> </a><div class="pSmartList2"><li>Web Service Endpoint dialog box</li></div>
<div class="pSmartList3"><ol type="1" class="pSmartList3">
<a name="wp395472"> </a><div class="pSmartList3"><li>In the Service Endpoint Interface combo box, select <code class="cCode">mutualauth.HelloIF</code>.</li></div>
<a name="wp395473"> </a><div class="pSmartList3"><li>In the Namespace field, select <code class="cCode">urn:Foo</code>.</li></div>
<a name="wp395474"> </a><div class="pSmartList3"><li>In the Local Part field, select <code class="cCode">HelloIFPort</code>.</li></div>
<a name="wp395475"> </a><div class="pSmartList3"><li><code class="cCode">deploytool</code> will enter a default Endpoint Address URI <code class="cCode">HelloImpl</code> in this dialog. This endpoint address <em class="cEmphasis">must</em> be updated in the following steps. </li></div>
<a name="wp395496"> </a><div class="pSmartList3"><li>Click Next.</li></div>
<a name="wp395476"> </a><div class="pSmartList3"><li>Click Finish.</li></div>
<a name="wp395503"> </a><p class="pBodyRelative">
To access <code class="cCode">MyHelloService</code>, the tutorial clients will specify this service endpoint address URI:
</p>
<a name="wp395504"> </a><p class="pBodyRelative">
<code class="cCode">http://localhost:8080/mutualauth-jaxrpc/hello</code>
</p>
<a name="wp395505"> </a><p class="pBodyRelative">
The <code class="cCode">/mutualauth-jaxrpc</code> string is the context root of the servlet that implements <code class="cCode">MySecureHelloService</code>. The <code class="cCode">/hello</code> string is the servlet alias. 
</p>
</ol></div>
</ol></div>
<a name="wp395528"> </a><div class="pSmartList1"><li>Specify the endpoint address by setting the context root and alias as follows:</li></div>
<div class="pSmartList2"><ol type="a" class="pSmartList2">
<a name="wp395506"> </a><div class="pSmartList2"><li>In <code class="cCode">deploytool</code>, select <code class="cCode">mutualauth</code> in the tree.</li></div>
<a name="wp395507"> </a><div class="pSmartList2"><li>Select the General tab.</li></div>
<a name="wp395508"> </a><div class="pSmartList2"><li>In the Context Root field, enter <code class="cCode">mutualauth-jaxrpc</code>.</li></div>
<a name="wp395509"> </a><div class="pSmartList2"><li>In the tree, select <code class="cCode">HelloImpl</code>.</li></div>
<a name="wp395510"> </a><div class="pSmartList2"><li>Select the Aliases tab.</li></div>
<a name="wp395511"> </a><div class="pSmartList2"><li>In the Component Aliases table, add <code class="cCode">/hello</code>. (Don't forget the forward slash.)</li></div>
<a name="wp395512"> </a><div class="pSmartList2"><li>In the Endpoint tab, select <code class="cCode">hello</code> for the Endpoint Address in the Sun-specific Settings Frame.</li></div>
<a name="wp395513"> </a><div class="pSmartList2"><li>Select File<span style="font-family: Symbol"><img src="images/arrwrite.gif" border="0" alt="Right Arrow"></span>Save.</li></div>
</ol></div>
</ol></div>
<a name="wp395412"> </a><h5 class="pHeading4">
Adding Client Certificate Authentication using deploytool 
</h5>
<a name="wp395554"> </a><p class="pBody">
For HTTP client-certificate authentication, the application deployment descriptor, <code class="cCode">web.xml</code>, includes the information on who is authorized to access the application, which URL patterns and HTTP methods are protected, and what type of user authentication method this application uses. This information is added to the deployment descriptor using <code class="cCode">deploytool</code>, and its contents are discussed in more detail in <a  href="Security4.html#wp299872">Web-Tier Security</a> and in the Java Servlet Specification, which can be browsed or downloaded online at <code class="cCode"><a  href="http://java.sun.com/products/servlet/" target="_blank">http://java.sun.com/products/servlet/</a></code>. 
</p>
<div class="pSmartList1"><ol type="1" class="pSmartList1">
<a name="wp395566"> </a><div class="pSmartList1"><li>Select the <code class="cCode">mutualauth</code> example in the <code class="cCode">deploytool</code> tree. </li></div>
<a name="wp395567"> </a><div class="pSmartList1"><li>Select the Security tabbed pane.</li></div>
<a name="wp395568"> </a><div class="pSmartList1"><li>Select Client Certificate for the User Authentication Method.</li></div>
<a name="wp395569"> </a><div class="pSmartList1"><li>Select Add Constraints to add a Security Constraint.</li></div>
<a name="wp395570"> </a><div class="pSmartList1"><li>Select Add Collection to add a Web Resource Collection.</li></div>
<a name="wp395571"> </a><div class="pSmartList1"><li>Select the Web Resource Collection from the list, then select Edit Collections.</li></div>
<a name="wp395572"> </a><div class="pSmartList1"><li>Select Add URL Pattern. Enter <code class="cCode">/hello</code> in the text field. Click OK.</li></div>
<a name="wp395573"> </a><div class="pSmartList1"><li>Select the HTTP <code class="cCode">GET</code> and <code class="cCode">POST</code> methods.</li></div>
<a name="wp395574"> </a><div class="pSmartList1"><li>Click OK to close the Edit Contents dialog.</li></div>
<a name="wp395597"> </a><div class="pSmartList1"><li>Select CONFIDENTIAL under Network Security Requirement so that the application requires HTTP/SSL.</li></div>
<a name="wp395575"> </a><div class="pSmartList1"><li>Select Edit Roles on the Security tabbed pane to specify an authorized role for this application.</li></div>
<a name="wp395576"> </a><div class="pSmartList1"><li>Click Edit Roles in the Authorized Roles dialog to add an authorized user to this application. Click Add in the Edit Roles dialog and add the Name of <code class="cCode">admin</code>. Click OK to close this dialog.</li></div>
<a name="wp395577"> </a><div class="pSmartList1"><li>Select <code class="cCode">admin</code> under the Roles in column, then click Add to add it to the list of authorized roles for this application. Click OK to close the dialog.</li></div>
</ol></div>
<a name="wp395578"> </a><p class="pBody">
Note that the Authorized Roles list specifies <code class="cCode">admin</code>, a group that was specified during installation. For more information on defining and linking roles to users and groups defined on the server, see <a  href="Security3.html#wp79740">Setting up Security Roles</a>.
</p>
<a name="wp395395"> </a><h5 class="pHeading4">
Deploy the Mutual Authentication Example
</h5>
<div class="pSmartList1"><ol type="1" class="pSmartList1">
<a name="wp395739"> </a><div class="pSmartList1"><li>Deploy the JAX-RPC service by selecting the <code class="cCode">mutualauth</code> example in the <code class="cCode">deploytool</code> tree, then select Tools<span style="font-family: Symbol"><img src="images/arrwrite.gif" border="0" alt="Right Arrow"></span>Deploy.</li></div>
</ol></div>
<a name="wp395740"> </a><h5 class="pHeading4">
Run the Mutual Authentication Example
</h5>
<a name="wp157764"> </a><p class="pBody">
Enter the following command from the <code class="cCode">mutualauthclient/</code> directory at the terminal window or command prompt to run the JAX-RPC client:
</p>
<div class="pPreformattedRelative"><pre class="pPreformattedRelative">
&nbsp;&nbsp; asant run<a name="wp157781"> </a>
</pre></div>
<a name="wp157779"> </a><p class="pBody">
The client should display the following output:
</p>
<div class="pPreformattedRelative"><pre class="pPreformattedRelative">
<code class="cCode">Buildfile: build.xml

run-mutualauth-client:
&nbsp;&nbsp;&nbsp;&nbsp;[java] keyStore: &lt;</code><code class="cVariable">J2EE_HOME</code><code class="cCode">&gt;/domains/domain1/config/
cacerts.jks 
&nbsp;&nbsp;&nbsp;&nbsp;[java] keyStorePassword: changeit
&nbsp;&nbsp;&nbsp;&nbsp;[java] trustStore: &lt;</code><code class="cVariable">J2EE_HOME</code><code class="cCode">&gt;/domains/domain1/config/
keystore.jks 
&nbsp;&nbsp;&nbsp;&nbsp;[java] trustStorePassword: changeit
&nbsp;&nbsp;&nbsp;&nbsp;[java] endpointAddress = https://localhost:1043/secure-
mutualauth/hello
&nbsp;&nbsp;&nbsp;&nbsp;[java] Hello Duke (secure)

BUILD SUCCESSFUL</code><a name="wp153633"> </a>
</pre></div>
<a name="wp129208"> </a><p class="pBody">
For information on verifying that mutual authentication is running, see <a  href="Security6.html#wp148553">Verifying Mutual Authentication is Running</a>.
</p>
    </blockquote>

   <img src="images/blueline.gif" width="550" height="8" ALIGN="BOTTOM" NATURALSIZEFLAG="3" ALT="Divider">


    <table width="550" summary="layout" id="SummaryNotReq1">
      <tr>
	<td align="left" valign="center">
	<font size="-1">
	<a href="http://java.sun.com/j2ee/1.4/download.html#tutorial" target="_blank">Download</a>
	<br>
	<a href="http://java.sun.com/j2ee/1.4/docs/tutorial/information/faq.html" target="_blank">FAQ</a>
	<br>
	<a href="http://java.sun.com/j2ee/1.4/docs/tutorial/information/history.html" target="_blank">History</a>
	</td>
        <td align="center" valign="center">
<a accesskey="p" href="Security6.html"><img id="LongDescNotReq1" src="images/PrevArrow.gif" width="26" height="26" border="0" alt="Prev" /></a><a accesskey="c" href="J2EETutorialFront.html"><img id="LongDescNotReq1" src="images/UpArrow.gif" width="26" height="26" border="0" alt="Home" /></a><a accesskey="n" href="Security8.html"><img id="LongDescNotReq3" src="images/NextArrow.gif" width="26" height="26" border="0" alt="Next" /></a><a accesskey="i" href="J2EETutorialIX.html"></a>
        </td>
	<td align="right" valign="center">
	<font size="-1">
	<a href="http://java.sun.com/j2ee/1.4/docs/api/index.html" target="_blank">API</a>
	<br>
	<a href="http://java.sun.com/j2ee/1.4/docs/tutorial/information/search.html" target="_blank">Search</a>
	<br>
	<a href="http://java.sun.com/j2ee/1.4/docs/tutorial/information/sendusmail.html" target="_blank">Feedback</a></font>
	</font>
	</td>
      </tr>
    </table>

    <img src="images/blueline.gif" width="550" height="8" ALIGN="BOTTOM" NATURALSIZEFLAG="3" ALT="Divider">

<p><font size="-1">All of the material in <em>The J2EE(TM) 1.4 Tutorial</em> is 
<a href="J2EETutorialFront2.html">copyright</a>-protected and may not be published in other works
without express written permission from Sun Microsystems.</font>

  </body>
</html>