美好的一天!你能为我解释吗?我有两个服务器-webseal和websphere 9.0。在Websphere上,我导出了ltpa密钥并启用了安全应用程序检查。在webseal上,我导入了ltpa密钥。我的代码:
try {
Subject cs = WSSubject.getcallerSubject();
logger.info("subject: ",cs);
logger.info("subjectPrincipal: ",WSSubject.getcallerPrincipal());
Subject rs = WSSubject.getRunAsSubject();
logger.info("runSubject: ",rs);
Set securityCredentials = rs.getPublicCredentials(WSCredential.class);
WSCredential sc = (WSCredential) securityCredentials.iterator().next();
logger.info("securityCredential.getSecurityName(): ",sc.getSecurityName());
return cs != null;
} catch (Exception e) {
logger.error("Exception: ",e);
throw new SecurityException("Can't authorize subject");
}
在我的日志中:
SecurityService : subject:
SecurityService : subjectPrincipal:
SecurityService : runSubject:
SecurityService : securityCredential.getSecurityName():
发生了什么事?为什么我的callerSubject!= null,但是在我的日志中没有关于安全详细信息的更多信息? ltpa令牌是否正确检查?