我一直在遵循JBoss Picketlink 2.5.x documentation found here,以尝试创建用于对我的应用程序进行身份验证的自定义用户模型.我的应用程序是部署在JBoss EAP 6.2上的典型JavaEE 6应用程序.我已经能够成功创建自定义User模型类,并且能够毫无问题地保留用户.我看到我的自定义属性按预期方式反映在数据库中.我的自定义用户模型如下所示：

public class ExtendedUser extends User {

    private static final long serialVersionUID = -9132382669181464122L;

    @AttributeProperty
    private String uniqueIdentifier = null;

  ...

}

…而创建新用户帐户的代码如下所示：

ExtendedUser u = new ExtendedUser(username);
u.setFirstName(firstName);
u.setLastName(lastName);
u.setEmail(emailAddress);
u.setUniqueIdentifier(UUID.randomUUID().toString());

idm.add(u);
idm.updateCredential(u, new Password(password));

此外,我为用户帐户提供了一个自定义实体模型,如下所示：

@Entity(name = "UserAccount")
@Table(name = "tbl_user_account", uniqueConstraints = {
@UniqueConstraint(columnNames = { "email" }) })
@IdentityManaged({ ExtendedUser.class, Agent.class })
public class UserAccountBean extends BaseAccountIdentityBean implements
        IdentifiedDomainEntity {

    private static final long serialVersionUID = -537779599507513418L;

       <snip... irrelevant fields...>

    @Column(length = ValidationConstants.UUID_LEN, unique = true)
    @Unique
    @Length(max = ValidationConstants.UUID_LEN)
    @Index(name = "idx_user_account_uniqueid")
    @AttributeValue(name = "uniqueIdentifier")
    // @NotEmpty
    private String uniqueIdentifier = null;


 ...

我看到按预期在数据库表中填充了uniqueIdentifier属性.但是,每当我尝试使用以此方式创建的用户进行身份验证时,身份验证都会失败.每次.我还需要做些其他事情来利用我的自定义User对象吗？创建Identity或IdentityManager实例时,是否必须在某处指定它？我的身份验证代码相对简单,如下所示：

@Inject
private DefaultLoginCredentials loginCredentials = null;

    ...

        loginCredentials.setUserId(loginName);
    loginCredentials.setPassword(password);

    AuthenticationResult result = identity.login();
    if (logger.isDebugEnabled()) {
        logger.debug("authenticate(String, String, String) - AuthenticationResult result=" + result); //$NON-NLS-1$
    }

正如我提到的,此代码每次都会失败.我已经完成了仔细检查密码的检查,而且我知道它们是正确的.我没有看到任何异常或错误写入日志,因此我不确定可能是什么问题.如果我使用Picketlink库提供的标准User对象,即使我对后端数据库使用相同的Entity,代码也可以正常工作.它仅在使用ExtendedUser时失败,因此我确定我末端缺少某些东西.有什么建议吗？

更新：似乎Picketlink 2.6.0增加了更多的日志记录.我已经升级,但是仍然失败,但是现在我看到以下错误消息：

14:41:23,133 DEBUG [org.picketlink.idm.credential] (http-localhost/127.0.0.1:9080-3) Starting validation for credentials [class org.picketlink.idm.credential.UsernamePasswordCredentials][org.picketlink.idm.credential.UsernamePasswordCredentials@56370e07] using identity store [org.picketlink.idm.jpa.internal.JPAIdentityStore@22ef0c6c] and credential handler [org.picketlink.idm.credential.handler.PasswordCredentialHandler@387a19c9].
14:41:23,134 DEBUG [org.picketlink.idm.credential] (http-localhost/127.0.0.1:9080-3) PLIDM001003: Trying to find account [user6_4] using default account type [class org.picketlink.idm.model.basic.User] with property [loginName].
14:41:23,136 DEBUG [org.picketlink.idm.credential] (http-localhost/127.0.0.1:9080-3) PLIDM001003: Trying to find account [user6_4] using default account type [class org.picketlink.idm.model.basic.Agent] with property [loginName].
14:41:23,138 DEBUG [org.picketlink.idm.credential] (http-localhost/127.0.0.1:9080-3) Account NOT FOUND for credentials [class org.picketlink.idm.credential.UsernamePasswordCredentials][org.picketlink.idm.credential.UsernamePasswordCredentials@56370e07].

因此,很明显Picketlink尝试使用标准的User对象进行身份验证,而不是我的自定义对象.也就是说,如何告诉Picketlink使用我的自定义ExtendedUser对象进行身份验证？

解决方法:

我只是和你一样头痛.我也一直尝试添加自己的用户帐户.我能够使其正常运行的唯一原因是您提到PicketLink试图查找用户和代理类型的帐户！这意味着您必须实现自己的PasswordCredentialHandler.不用担心您可以将this class和this class复制到您的项目中.在AbstractCredentialHandler的“ configureDefaultSupportedAccountTypes”方法中,您将看到以下内容：

   if (!this.defaultAccountTypes.contains(User.class)) {
        this.defaultAccountTypes.add(User.class);
    }

    if (!this.defaultAccountTypes.contains(Agent.class)) {
        this.defaultAccountTypes.add(Agent.class);
    }

只需向其添加自定义帐户类,如下所示：

if (!this.defaultAccountTypes.contains(CustomUser.class)) {
        this.defaultAccountTypes.add(CustomUser.class);

    }

您要做的最后一件事是将PasswordCredentialHandler添加到IDMConfigurtion：

private void initConfig() {
    IdentityConfigurationBuilder builder = new IdentityConfigurationBuilder();

    builder
        .named("default")
            .stores()
                .jpa()
                    .mappedEntity(
                            AccountTypeEntity.class,
                            RoleTypeEntity.class,
                            GroupTypeEntity.class,
                            IdentityTypeEntity.class,
                            RelationshipTypeEntity.class,
                            RelationshipIdentityTypeEntity.class,
                            PartitionTypeEntity.class,
                            PasswordCredentialTypeEntity.class,
                            AttributeTypeEntity.class,
                            CustomUserEntity.class
                            )
                    .supportGlobalRelationship(Relationship.class)
                    .addContextInitializer(this.contextInitializer)
                    .addCredentialHandler(PasswordCredentialHandler.class)
                    .supportAllFeatures();
    identityConfig = builder.build();

希望对您有所帮助！