如何从部署到Websphere 6.1的EJB访问身份validation别名
我需要在EJB中为密钥库提供密码,但我不希望它对开发人员可见。 我的想法是在Websphere Console中创建身份validation别名,然后查找MY_ALIAS并从别名获取密码。 我在以下网站找到了一些与主题相关的讨论: http : //www.coderanch.com/t/79439/Websphere/Authentication
有人知道可以别名吗? 您建议的方法是什么来实现我的目标?
非常感谢你!
您可以使用以下代码从J2C身份validation数据条目获取凭据:
import com.ibm.wsspi.security.auth.callback.Constants; import com.ibm.wsspi.security.auth.callback.WSMappingCallbackHandlerFactory; import javax.resource.spi.security.PasswordCredential; import javax.security.auth.Subject; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.login.LoginContext; Map map = new HashMap(); map.put(Constants.MAPPING_ALIAS, "YOUR_J2C_DATA_ALIAS"); CallbackHandler callbackHandler = WSMappingCallbackHandlerFactory.getInstance().getCallbackHandler(map, null); LoginContext loginContext = new LoginContext("DefaultPrincipalMapping", callbackHandler); loginContext.login(); Subject subject = loginContext.getSubject(); Set credentials = subject.getPrivateCredentials(); PasswordCredential passwordCredential = (PasswordCredential) credentials.iterator().next(); String user = passwordCredential.getUserName(); String password = new String(passwordCredential.getPassword());