Ahora si comenzamos, voy a explicar los archivos m\u00e1s importantes, si quieres el c\u00f3digo completo lo puedes descargar desde mi Github<\/a><\/p>\n El archivo pom.xml<\/strong><\/p>\n En este archivo\u00a0coloque todas las dependencias necesarias para usar Spring y Spring Security solo quiero destacar que para usar el api de AS400 coloque la dependencia de esta forma ya que no existe en el repositorio de Maven:<\/p>\n Archivo web.xml <\/strong><\/p>\n Aqu\u00ed he\u00a0configurado el Servlet de Spring y Filtro de Spring Security<\/p>\n Archivo spring-security.xml<\/strong><\/p>\n En la configuraci\u00f3n se SpringSecurity cree\u00a0el\u00a0authenticationProvider el cual usaremos para validar la sesi\u00f3n desde el AS400<\/p>\n Archivo\u00a0login.jsp<\/strong><\/p>\n Vamos a crear nuestro archivo login.jsp el mismo la vamos a colocar dentro de WEB-INF\/pages\/auth\/login.jsp, para los que no tienen experiencia con Spring Security<\/p>\n Clase\u00a0AuthController.java<\/strong><\/p>\n Este es el controlado que va a\u00a0presentar la pantalla de inicio de sesi\u00f3n:<\/p>\n Clase\u00a0CustomAuthenticationProvider.java<\/strong><\/p>\n En esta clase vamos a iniciar la sesi\u00f3n el AS400, dentro de ella podemos encotrar tres metodos:<\/p>\n authenticate:<\/p>\n isPasswordCorrect: Aqu\u00ed vamos a iniciar la sesi\u00f3n contra el AS400 con el m\u00e9todo\u00a0validateSignon del jt400.<\/p>\n translateSecurityExceptionAndRethrow: Como el m\u00e9todo\u00a0validateSignon no retorna nada\u00a0si es correcto, el lanza una excepci\u00f3n de error de autenticaci\u00f3n el cual vamos a manjar con este otro m\u00e9todo:<\/p>\n <\/p>\n Ahora vamos a correr el proyecto desde Netbeans usando Tomcat:<\/p>\n Y ahora entramos al inicio de sesion:<\/p>\n<dependency>\r\n <groupId>com.ibm<\/groupId>\r\n <artifactId>jt400<\/artifactId>\r\n <version>6.1.0.6<\/version>\r\n <scope>system<\/scope>\r\n <systemPath>${basedir}\/lib\/jt400.jar<\/systemPath>\r\n<\/dependency><\/pre>\n <servlet>\r\n <servlet-name>mvc-dispatcher<\/servlet-name>\r\n <servlet-class>org.springframework.web.servlet.DispatcherServlet<\/servlet-class>\r\n <init-param>\r\n <param-name>contextConfigLocation<\/param-name>\r\n <param-value>\/WEB-INF\/applicationContext.xml<\/param-value>\r\n <\/init-param>\r\n <load-on-startup>1<\/load-on-startup>\r\n <\/servlet>\r\n <servlet-mapping>\r\n <servlet-name>mvc-dispatcher<\/servlet-name>\r\n <url-pattern>\/app\/*<\/url-pattern>\r\n <\/servlet-mapping>\r\n <filter>\r\n <filter-name>springSecurityFilterChain<\/filter-name>\r\n <filter-class>org.springframework.web.filter.DelegatingFilterProxy<\/filter-class>\r\n <\/filter>\r\n <filter-mapping>\r\n <filter-name>springSecurityFilterChain<\/filter-name>\r\n <url-pattern>\/*<\/url-pattern>\r\n <\/filter-mapping><\/pre>\n
<beans:bean id=\"authenticationProvider\"\r\n class=\"com.stricore.as400.security.CustomAuthenticationProvider\">\r\n <beans:property name=\"nonceValiditySeconds\" value=\"10\"\/>\r\n <beans:property name=\"key\" value=\"KEY\"\/>\r\n <\/beans:bean>\r\n \r\n <security:authentication-manager alias=\"authenticationManager\">\r\n <security:authentication-provider ref=\"authenticationProvider\"\/>\r\n <\/security:authentication-manager><\/pre>\n
<form method=\"POST\" id=\"form1\" name=\"form1\" \r\n action=\"${pageContext.servletContext.contextPath }\/j_spring_security_check\"\r\n autocomplete=\"off\">\r\n <input type=\"hidden\" name=\"${_csrf.parameterName}\" value=\"${_csrf.token}\"\/>\r\n <input type=\"hidden\" name=\"timeout\" id=\"timeout\" value=\"${timeout}\" \/>\r\n <c:out value=\"${message}\"\/>\r\n <c:if test=\"${sessionScope.levelerror != null}\">\r\n <div id=\"levelerror \" class=\"error\">\r\n <c:out value=\"${sessionScope.levelerror}\" \/>\r\n <c:remove var=\"levelerror\" scope=\"session\"\/>\r\n <\/div> \r\n <\/c:if>\r\n <table cellspacing=\"1\">\r\n <tr>\r\n <td>\r\n <label for=\"signin_username\">Usuario<\/label>\r\n <\/td>\r\n <\/tr>\r\n <tr>\r\n <td>\r\n <input id=\"j_username\" name=\"j_username\" type=\"text\" value=\"\" maxlength=\"10\" type=\"text\">\r\n <\/td>\r\n <\/tr>\r\n <tr>\r\n <td>\r\n <label for=\"signin_password\">Contrase\u00f1a<\/label>\r\n <\/td>\r\n <\/tr>\r\n <tr>\r\n <td>\r\n <input id=\"j_password\" name=\"j_password\" type=\"password\" value=\"\" maxlength=\"10\">\r\n <\/td>\r\n <\/tr>\r\n <tr>\r\n <td>\r\n <input type=\"submit\" value=\"Autenticar\">\r\n <\/td>\r\n <\/tr>\r\n <\/table>\r\n <\/form><\/pre>\n@Controller\r\n@RequestMapping(\"\/auth\")\r\npublic class AuthController {\r\n\r\n @Autowired\r\n CustomAuthenticationProvider authenticationProvider;\r\n\r\n @RequestMapping(value = \"\/login\", method = RequestMethod.GET)\r\n public String getLoginPage(ModelMap model, HttpServletRequest request, HttpSession session) {\r\n String timeout = authenticationProvider.calculateNonce();\r\n session.setAttribute(\"timeout\", timeout);\r\n model.addAttribute(\"timeout\", timeout);\r\n\r\n try {\r\n if (request.getParameter(\"message\") != null) {\r\n String message = \"\";\r\n long error = Long.parseLong(request.getParameter(\"message\"));\r\n if (error == 1) {\r\n message = \"Usuario o contrase\u00f1a no v\u00e1lidos!\";\r\n } else if (error == 2) {\r\n message = \"Sesi\u00f3n cerrada con \u00e9xito\";\r\n } else if (error == 3) {\r\n message = \"Su sesi\u00f3n expiro!\";\r\n } else if (error == 4) {\r\n message = \"Su sesi\u00f3n expiro!\";\r\n } else if (error == 5) {\r\n message = \"Su sesi\u00f3n se ha cerrado por que ha sido abierta desde otro sitio!\";\r\n }\r\n request.getSession().setAttribute(\"levelerror\", message);\r\n }\r\n } catch (Exception e) {\r\n }\r\n return \"\/auth\/login\";\r\n }\r\n\r\n @RequestMapping(value = \"\/logout\", method = RequestMethod.GET)\r\n public String getLogoutPage(ModelMap model, HttpServletRequest request, HttpSession session) {\r\n session.removeAttribute(\"username\");\r\n session.invalidate();\r\n\r\n return \"\/auth\/logout\";\r\n }\r\n\r\n @RequestMapping(value = \"\/denied\", method = RequestMethod.GET)\r\n public String getDeniedPage(@RequestParam(value = \"error\", required = false) boolean error,\r\n ModelMap model) {\r\n\r\n return \"\/auth\/denied\";\r\n }\r\n\r\n}<\/pre>\n @Override\r\n public final Authentication authenticate(Authentication authentication) {\r\n final UsernamePasswordWithTimeoutAuthenticationToken authenticationToken = (UsernamePasswordWithTimeoutAuthenticationToken) authentication;\r\n validateTimeout(authenticationToken);\r\n\r\n String name = authentication.getName();\r\n String password = authentication.getCredentials().toString();\r\n\r\n if (isPasswordCorrect(authentication)) {\r\n List<GrantedAuthority> grantedAuths = new ArrayList<GrantedAuthority>();\r\n grantedAuths.add(new SimpleGrantedAuthority(\"ROLE_USER\"));\r\n grantedAuths.add(new SimpleGrantedAuthority(\"ROLE_ADMIN\"));\r\n grantedAuths.add(new SimpleGrantedAuthority(\"superuser\"));\r\n Authentication auth = new UsernamePasswordAuthenticationToken(name, password, grantedAuths);\r\n return auth;\r\n } else {\r\n return null;\r\n }\r\n }<\/pre>\n protected boolean isPasswordCorrect(Authentication authentication) { \r\n String systemName = \"PUB1.RZKH.DE\";\r\n String userName = authentication.getName();\r\n String userPwd = authentication.getCredentials().toString();\r\n AS400 myAS400 = new AS400(systemName);\r\n String msg = \"authentification failed on \" + systemName + \" for user\" + userName;\r\n try {\r\n myAS400.validateSignon(userName, userPwd);\r\n } catch (AS400SecurityException e) {\r\n translateSecurityExceptionAndRethrow(e, userName, systemName);\r\n throw new BadCredentialsException(msg, e);\r\n } catch (IOException e) {\r\n throw new AuthenticationServiceException(msg, e);\r\n }\r\n return true;\r\n }<\/pre>\n private void translateSecurityExceptionAndRethrow(AS400SecurityException e,\r\n String userName, String systemName) {\r\n int code = e.getReturnCode();\r\n String msg = \"authentification failed on \" + systemName + \" for user\" + userName;\r\n if (code == AS400SecurityException.PASSWORD_INCORRECT) {\r\n throw new BadCredentialsException(msg, e);\r\n } else if (code == AS400SecurityException.USERID_UNKNOWN) {\r\n throw new UsernameNotFoundException(msg, e);\r\n } else if (code == AS400SecurityException.PASSWORD_EXPIRED) {\r\n throw new CredentialsExpiredException(msg, e);\r\n } else if (code == AS400SecurityException.PASSWORD_INCORRECT_USERID_DISABLE) {\r\n throw new CredentialsExpiredException(msg, e);\r\n } else if (code == AS400SecurityException.USERID_DISABLE) {\r\n throw new CredentialsExpiredException(msg, e);\r\n } else {\r\n throw new BadCredentialsException(msg, e);\r\n }\r\n }<\/pre>\n![\"Captura](\"https:\/\/www.joseluisestevez.com\/wp-content\/uploads\/2015\/09\/Captura-de-pantalla-de-2015-09-25-115230.png\")
<\/a><\/p>\n
![\"Captura](\"https:\/\/www.joseluisestevez.com\/wp-content\/uploads\/2015\/09\/Captura-de-pantalla-de-2015-09-25-115224.png\")
<\/a><\/p>\n