websphere - Liberty 服务器 19.0.0.9 - 如何授权未经身份验证的用户

问题描述

我对容器安全有新问题。在服务器上，我有两只耳朵首先从第二个呼叫服务。在服务中有@RolesAllowed("Authenticated")。我在 server.xml 中的配置如下所示：

<featureManager>
    <feature>jndi-1.0</feature>
    <feature>distributedMap-1.0</feature>
    <feature>localConnector-1.0</feature>
    <feature>wasJmsClient-2.0</feature>
    <feature>jdbc-4.1</feature-->
    <feature>javaMail-1.5</feature>
    <feature>json-1.0</feature>
    <feature>adminCenter-1.0</feature>
    <feature>appSecurity-2.0</feature>
    <feature>beanValidation-2.0</feature>
    <feature>cdi-2.0</feature>
    <feature>jsf-2.3</feature>
    <feature>mdb-3.2</feature>
    <feature>ejbHome-3.2</feature>
    <feature>ejbLite-3.2</feature>
    <feature>ejbRemote-3.2</feature>
    <feature>jca-1.7</feature>
    <feature>concurrent-1.0</feature>
    <feature>jms-2.0</feature>
    <feature>appClientSupport-1.0</feature>
    <feature>ldapRegistry-3.0</feature>
  </featureManager>


<basicRegistry id="basic" realm="customRealm">
    <user password="{xor}Ozo5Kiw6LQ==" name="defuser" />
</basicRegistry>

两只耳朵包含相同的配置

<application-bnd>
    <security-role name="All Role">
        <special-subject type="ALL_AUTHENTICATED_USERS" />
    </security-role>
</application-bnd>

第二只耳朵包含 ibm-application-ibd.xml 文件，但我无法编辑它。最好是覆盖它。当我从第二只耳朵调用服务时，我仍然得到异常： 引起：javax.ejb.EJBAccessException：CWWKS9400A：用户在调用时授权失败 UNAUTHENTICATED

有什么想法吗？

标签： webspherewebsphere-libertyopen-liberty