




The NetBeans E-commerce Tutorial: Securing the Application

This tutorial unit focuses on web application security. When securing web applications, there are two primary concerns that need to be addressed:

1. Preventing unauthorized users from gaining access to protected content.
2. Preventing protected content from being read while it is being transmitted.

The first concern, access control, is typically a two-step process that involves (1) determining whether a user is who he or she claims to be (i.e., authentication), and then (2) either granting or denying the user access to the requested resource (i.e., authorization). A simple and common way to implement access control for web applications is with a login form that enables the server to compare user credentials with a pre-existing list of authenticated users.

The second concern, protecting data while it is in transit, typically involves using Transport Layer Security (TLS), or its predecessor Secure Sockets Layer (SSL), in order to encrypt any data communicated between the client and server.

Upon reviewing the Affable Bean staff's list of requirements, we'll need to secure the application in the following ways:

- Set up a login form for the administration console that enables staff members access to the console's services and blocks unauthorized users.
- Configure secure data transport for both the customer checkout process and for any data transmitted to and from the administration console.

In order to implement the above, we'll take advantage of NetBeans' visual editor for the web.xml deployment descriptor. We'll also work in the GlassFish Administration Console to configure a user group that corresponds to Affable Bean staff members, and verify SSL support.

You can view a live demo of the application that you build in this tutorial: NetBeans E-commerce Tutorial Demo Application.

Software or Resource            Version Required
NetBeans IDE                    Java bundle, 6.8 or 6.9
Java Development Kit (JDK)      version 6
GlassFish server                v3 or Open Source Edition 3.0.1
MySQL database server           version 5.1
AffableBean project             snapshot 10

Notes:

- The NetBeans IDE requires the Java Development Kit (JDK) to run properly. If you do not have any of the resources listed above, the JDK should be the first item that you download and install.
- The NetBeans IDE Java Bundle includes Java Web and EE technologies, which are required for the application you build in this tutorial.
- The NetBeans IDE Java Bundle also includes the GlassFish server, which you require for this tutorial. You could download the GlassFish server independently, but the version provided with the NetBeans download has the added benefit of being automatically registered with the IDE.
- You can follow this tutorial unit without having completed previous units. To do so, see the setup instructions, which describe how to prepare the database and establish connectivity between the IDE, GlassFish, and MySQL.
- Java EE security is an expansive topic that spans well beyond the scope of this tutorial unit. In order to fully appreciate the range of implementation options that are available to you, refer to the Java EE 6 Tutorial, Part VII: Security. This unit provides ample references to relevant sub-sections within the Java EE Tutorial.

Examining the Project Snapshot

The beginning state of the snapshot helps to illustrate the need for security in the application.

1. Open the project snapshot for this tutorial unit in the IDE. Click the Open Project button and use the wizard to navigate to the location on your computer where you downloaded the project.

2. Run the project to ensure that it is properly configured with your database and application server. If you receive an error when running the project, revisit the setup instructions, which describe how to prepare the database and establish connectivity between the IDE, GlassFish, and MySQL.

3. Test the application's functionality in your browser. This snapshot provides an implementation of the administration console as specified in the customer requirements. To examine the administration console, enter the following URL in your browser:

    http://localhost:8080/AffableBean/admin/admin

   The administration console enables you to view all customers and orders contained in the database. When you click either of the links in the left panel, the page will update to display a table listing customers or orders, depending on your choice. The "log out" link currently does not log out an authenticated user.

   Note: The customers and orders that you see displayed in the administration console are dependent on the data stored in your database. You can create new records by stepping through the checkout process in the website. Alternatively, you can run the affablebean-sample-data.sql script on your affablebean database to have your data correspond to the records displayed in the following screenshots. If you need help with this task, refer to step 2 in the setup instructions.

   You can view details for each customer record by hovering your mouse and selecting an individual record. Likewise, you can view an order summary for each customer, either by selecting an order from the administration console's orders table, or by clicking the "view order summary" link in a customer details display.

   Naturally, none of this information should be available to an anonymous site visitor. In the coming steps you'll create login and error pages so that when an unauthenticated user attempts to access the administration console, he or she will be directed to the login page. Upon successful login, the user is then redirected to the administration console's menu; upon login failure, the error page is displayed.

4. Examine the project snapshot in the Projects window. This implementation of the administration console primarily relies on the following project resources:

   - An admin directory within the project's webroot, which contains all page view files.
   - An AdminServlet contained in the controller package, which forwards requests to page views within the admin directory.

   Also, the following files have been modified from the previous snapshot:

   - WEB-INF/web.xml: Contains a new <jsp-property-group> that includes the header and footer fragments for page views contained in the admin directory.
   - css/affablebean.css: Includes new style definitions for elements in the administration console.

   If you have been following the NetBeans E-commerce Tutorial sequentially, you'll find that there is nothing contained in the implementation for the administration console which hasn't already been covered in previous units. Essentially, the AdminServlet processes requests from the admin/index.jsp page. EJBs and entity classes are employed to retrieve information from the database, and the information is then forwarded back to the admin/index.jsp page to be displayed.

5. In the browser, return to the customer website by clicking the Affable Bean logo in the upper left corner of the web page. Step through the entire business process flow of the application, and note that the checkout process is handled over a non-secure channel. When customers reach the checkout page, they are expected to submit sensitive personal information in order to complete their orders. Part of your task in this tutorial unit is to ensure that this data is sent over a secure channel. Because the administration console also enables authenticated users to view customers' personal information, it too needs to be configured so that data is sent over the Internet securely.

Setting up Form-Based Authentication

In this section, you set up form-based authentication for the AffableBean administration console. Form-based authentication enables the server to authenticate users based on the credentials they enter into a login form. With these credentials, the server is able to make a decision on whether to grant the user access to protected resources. In order to implement this, you'll create login and error pages, and will rely on declarative security by entering security settings in the application's web.xml deployment descriptor.

Before you begin implementing a form-based authentication mechanism for the AffableBean application, the following background information is provided to help clarify the security terms relevant to our scenario:

- Declarative and Programmatic Security
- Choosing an Authentication Mechanism

Declarative and Programmatic Security

With declarative security, you specify all security settings for your application, including authentication requirements, access control, and security roles, using annotations and/or deployment descriptors. In other words, the security for your application is in a form that is external to the application, and relies on the mechanisms provided by the Java EE container for its management.

With programmatic security, your classes (entities, servlets, and page views) manage security themselves. In this case, security logic is integrated directly into your application, and is used to handle authentication and authorization, and ensure that data is sent over a secure network protocol when necessary.

For the AffableBean application, we'll use declarative security by declaring all security information in the web.xml deployment descriptor.

For more information on declarative and programmatic security types, see the Java EE 6 Tutorial, Overview of Web Application Security.

Choosing an Authentication Mechanism

An authentication mechanism is used to determine how a user gains access to restricted content. The Java EE platform supports various authentication mechanisms, such as HTTP basic authentication, form-based authentication, and client authentication. The authentication mechanism behind our login form will be form-based authentication. You'll learn what form-based authentication is when you begin setting up the login form for the AffableBean administration console below.

See the Java EE 6 Tutorial, Specifying Authentication Mechanisms, for further information.

Form-based authentication has the advantage of enabling the developer to design the appearance of the login form so that it better suits the application which it belongs to. Our implementation for the form-based authentication mechanism can be divided into two steps. Begin by creating page views for the required login form and error message. Then add entries to the web.xml deployment descriptor to inform the servlet container that the application requires form-based authentication for access to the resources that comprise the administration console.

1. Create Pages for Login and Login Failure
2. Add Security Entries to the Deployment Descriptor

Create Pages for Login and Login Failure

In form-based authentication, the process of authentication and authorization is shown in the following four steps:

1. The client sends a request to the server for a protected resource.
2. The server recognizes that a protected resource has been requested and returns the login page to the client.
3. The client sends username and password credentials using the provided form.
4. The server processes the credentials and, if an authorized user is identified, the protected resource is returned; otherwise, the error page is returned.

For more information on form-based authentication, see the Java EE 6 Tutorial, Form-Based Authentication.

The j_security_check keyword represents the destination in the servlet container that handles authentication and authorization. When implementing the HTML login form, you apply it as the value for the form's action attribute. You also apply the j_username and j_password keywords, as in the following template:

    <form action="j_security_check" method="post">
        username: <input type="text" name="j_username">
        password: <input type="password" name="j_password">
        <input type="submit" value="Login">
    </form>

Perform the following steps:

1. In the Projects window, right-click the admin folder node and choose New > JSP.

2. Name the file login, then click Finish. The new login.jsp file is created and opens in the editor.

3. Repeat the previous two steps to create a new error.jsp file. In the New JSP wizard, name the file error. When you finish, you'll have two new files listed in the Projects window.

4. Open the project's web deployment descriptor. Press Alt-Shift-O (Ctrl-Shift-O on Mac) and, in the Go to File dialog, type web, then click OK.

5. In the editor, scroll to the bottom of the web.xml file and note the <jsp-property-group> entry created for JSP pages in the administration console. Add the new login and error JSP pages as <url-pattern> entries; the two <url-pattern> lines for login.jsp and error.jsp are the ones being added:

    <jsp-config>
        <jsp-property-group>
            <description>JSP configuration for the admin console</description>
            <url-pattern>/admin/index.jsp</url-pattern>
            <url-pattern>/admin/login.jsp</url-pattern>
            <url-pattern>/admin/error.jsp</url-pattern>
            <include-prelude>/admin/jspf/header.jspf</include-prelude>
            <include-coda>/admin/jspf/footer.jspf</include-coda>
        </jsp-property-group>
    </jsp-config>

   This step ensures that when these two pages are returned to a client, they will be prepended and appended with the defined header.jspf and footer.jspf fragments, respectively.

   You can equally configure the <jsp-property-group> entry from the web.xml's visual editor. Click the Pages tab along the top of the editor and enter the URL patterns into the respective JSP Property Group.

6. Press Ctrl-Tab to switch to the login.jsp file in the editor. Delete the entire template contents for the file, then enter the following HTML form:

    <div id="loginBox" class="rounded">
        <form action="j_security_check" method="post">
            <table>
                <tr>
                    <td>username:</td>
                    <td><input type="text" name="j_username"></td>
                </tr>
                <tr>
                    <td>password:</td>
                    <td><input type="password" name="j_password"></td>
                </tr>
                <tr>
                    <td></td>
                    <td><input type="submit" value="Login"></td>
                </tr>
            </table>
        </form>
    </div>

   Note that the HTML form is based on the template provided above. Here you use the j_security_check keyword as the value for the form's action attribute, and the j_username and j_password keywords as the values for the name attribute of the username and password text fields. Also note that we define the style of the form by encapsulating the form widgets within a <div> element that has styles defined for the loginBox ID and rounded class.

7. Press Ctrl-Tab and switch to the error.jsp file in the editor. Delete the entire template contents for the file, then enter the following:

    <p>Invalid username or password.</p>
    <p>Return to <a href="${pageContext.request.contextPath}/admin/login.jsp">admin login</a></p>

   The above content includes a simple message indicating that login has failed, and provides a link that allows the user to return to the login form.

Add Security Entries to the Deployment Descriptor

In order to instruct the servlet container that form-based authentication is to be used, you add entries to the web.xml deployment descriptor. This is essentially a three-step process, which can be followed by specifying settings under the three headings in the web.xml file's Secur
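As an added illustration of what the declarative entries described above look like once written out (this is example configuration, not the tutorial's own web.xml), the following fragment ties the login.jsp and error.jsp pages to FORM authentication, restricts the admin directory to one role, and requires TLS for both the console and the checkout. The role name affableBeanAdmin, the realm name file, and the /checkout and /purchase URL patterns are assumptions.

```xml
<!-- Added example: security entries for web.xml (not the tutorial's own text).
     Role name, realm name and checkout URL patterns are assumed placeholders. -->

<!-- 1. Which resources are protected, who may reach them, and over what transport -->
<security-constraint>
    <web-resource-collection>
        <web-resource-name>Administration console</web-resource-name>
        <url-pattern>/admin/*</url-pattern>
        <!-- No <http-method> elements on purpose: listing only GET and POST would
             leave every unlisted method (HEAD, PUT, ...) unconstrained. -->
    </web-resource-collection>
    <auth-constraint>
        <role-name>affableBeanAdmin</role-name>
    </auth-constraint>
    <user-data-constraint>
        <!-- CONFIDENTIAL makes the container redirect plain HTTP requests
             for /admin/* to its HTTPS listener before serving them. -->
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

<!-- Checkout: no <auth-constraint>, so anonymous customers may still order,
     but the personal data they submit must travel over TLS. -->
<security-constraint>
    <web-resource-collection>
        <web-resource-name>Customer checkout</web-resource-name>
        <url-pattern>/checkout</url-pattern>
        <url-pattern>/purchase</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

<!-- 2. How users prove who they are: the login/error pages created above -->
<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>file</realm-name>
    <form-login-config>
        <form-login-page>/admin/login.jsp</form-login-page>
        <form-error-page>/admin/error.jsp</form-error-page>
    </form-login-config>
</login-config>

<!-- 3. The role referenced by the auth-constraint must be declared -->
<security-role>
    <role-name>affableBeanAdmin</role-name>
</security-role>
```

On GlassFish the role still has to be connected to the staff group created in the Administration Console, either through a security-role-mapping entry in the GlassFish-specific deployment descriptor or by enabling the server's default principal-to-role mapping; without that mapping every login is authenticated but then denied.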