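Example: setting up HTTP Digest authentication in Tomcat
Setting up Digest authentication in Tomcat is almost identical to setting up Basic authentication. The difference lies in web.xml: when the <login-config/> element specifies the authentication method, Basic authentication sets auth-method to BASIC, while Digest authentication sets auth-method to DIGEST: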
<login-config>
    <auth-method>DIGEST</auth-method>
    <realm-name>hueyhome</realm-name>
</login-config>
Test:
a) Request without credentials
C:\Users\huey> curl -I http://localhost:8080/helloweb/home/index.html
HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 08:00:00 CST
WWW-Authenticate: Digest realm="hueyhome", qop="auth", nonce="1463129892972:deeaa87bec6be4057899dac852625e9c", opaque="AECB8C2E17E7F66CF7905F638B7463EA"
Content-Type: text/html;charset=utf-8
Content-Length: 951
Date: Fri, 13 May 2016 08:58:12 GMT
b) Correct credentials, and the user has no access permission for the specified resource
C:\Users\huey>curl -I --digest -u "all:all" http://localhost:8080/helloweb/home/index.html
HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 08:00:00 CST
WWW-Authenticate: Digest realm="hueyhome", qop="auth", nonce="1463130123893:17b1a3bc2383eb5742e8d34e036fe75d", opaque="AECB8C2E17E7F66CF7905F638B7463EA"
Content-Type: text/html;charset=utf-8
Content-Length: 951
Date: Fri, 13 May 2016 09:02:03 GMT

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 08:00:00 CST
Accept-Ranges: bytes
ETag: W/"250-1463128711512"
Last-Modified: Fri, 13 May 2016 08:38:31 GMT
Content-Type: text/html
Content-Length: 250
Date: Fri, 13 May 2016 09:02:04 GMT
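What a client such as curl computes between the 401 and the retried request above, shown as an added example (not part of the original page): it parses the WWW-Authenticate challenge and derives the RFC 2617 qop=auth response. The function names and the cnonce value are constructed for this sketch, and MD5 is assumed because the challenge carries no algorithm parameter.

```python
import hashlib
import re

# Challenge copied from the 401 response in test a) on this page.
CHALLENGE = ('Digest realm="hueyhome", qop="auth", '
             'nonce="1463129892972:deeaa87bec6be4057899dac852625e9c", '
             'opaque="AECB8C2E17E7F66CF7905F638B7463EA"')

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def parse_challenge(header_value):
    """Split a 'Digest k="v", ...' WWW-Authenticate value into a dict."""
    scheme, _, params = header_value.partition(" ")
    if scheme.lower() != "digest":
        raise ValueError("not a Digest challenge")
    pairs = re.findall(r'(\w+)=(?:"([^"]*)"|([^\s,]+))', params)
    return {key: quoted or bare for key, quoted, bare in pairs}

def digest_response(user, password, method, uri, ch, cnonce, nc="00000001"):
    """RFC 2617 'response' value for qop=auth with the default MD5 algorithm."""
    if "auth" not in [q.strip() for q in ch.get("qop", "").split(",")]:
        raise ValueError("this example only handles qop=auth")
    ha1 = md5_hex(f"{user}:{ch['realm']}:{password}")   # secret half
    ha2 = md5_hex(f"{method}:{uri}")                    # request half
    return md5_hex(f"{ha1}:{ch['nonce']}:{nc}:{cnonce}:auth:{ha2}")

def authorization_header(user, password, method, uri, ch, cnonce, nc="00000001"):
    """Build the Authorization header value a client sends on the retry."""
    response = digest_response(user, password, method, uri, ch, cnonce, nc)
    fields = [f'username="{user}"', f'realm="{ch["realm"]}"',
              f'nonce="{ch["nonce"]}"', f'uri="{uri}"', "qop=auth",
              f"nc={nc}", f'cnonce="{cnonce}"', f'response="{response}"']
    if "opaque" in ch:  # opaque must be echoed back unchanged
        fields.append(f'opaque="{ch["opaque"]}"')
    return "Digest " + ", ".join(fields)

if __name__ == "__main__":
    # curl -I issues a HEAD request, so HEAD is the method hashed into HA2.
    # The cnonce is a constructed sample; real clients generate a random one.
    print(authorization_header("all", "all", "HEAD", "/helloweb/home/index.html",
                               parse_challenge(CHALLENGE), cnonce="0a4f113b"))
```

Only the computed hash is sent in the Authorization header; the password itself never appears in the request.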