• 为Tomcat页面设置访问权限(HTTP)


    web.xml:

     1 <?xml version="1.0" encoding="UTF-8"?>
     2 <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     3     xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
     4     xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
     5     id="WebApp_ID" version="2.5">
     6     <display-name>webAuthentification</display-name>
     7     <welcome-file-list>
     8         <welcome-file>index.html</welcome-file>
     9         <welcome-file>index.htm</welcome-file>
    10         <welcome-file>index.jsp</welcome-file>
    11         <welcome-file>default.html</welcome-file>
    12         <welcome-file>default.htm</welcome-file>
    13         <welcome-file>default.jsp</welcome-file>
    14     </welcome-file-list>
    15     <security-constraint>
    16         <web-resource-collection>
    17             <web-resource-name>admin</web-resource-name>
    18             <url-pattern>/views/admin/*</url-pattern>
    19         </web-resource-collection>
    20         <auth-constraint>
    21             <role-name>admin</role-name>
    22         </auth-constraint>
    23     </security-constraint>
    24     <security-constraint>
    25         <web-resource-collection>
    26             <web-resource-name>user</web-resource-name>
    27             <url-pattern>/views/user/*</url-pattern>
    28         </web-resource-collection>
    29         <auth-constraint>
    30             <role-name>user</role-name>
    31         </auth-constraint>
    32     </security-constraint>
    33 
    34     <login-config>
    35         <auth-method>FORM</auth-method>
    36         <realm-name>TOMCAT FORM认证</realm-name>
    37         <form-login-config>
    38             <form-login-page>/views/common/login.jsp</form-login-page>
    39             <form-error-page>/views/common/error.jsp</form-error-page>
    40         </form-login-config>
    41     </login-config>
    42 
    43     <security-role>
    44         <role-name>admin</role-name>
    45     </security-role>
    46     <security-role>
    47         <role-name>user</role-name>
    48     </security-role>
    49 </web-app>

    与BASIC认证不同的主要是<login-config/>这一块,修改为FORM认证,并指定响应的登陆页面和登陆失败后的页面。

    要注意登陆页面中用户名的name必须是j_username,密码的name必须是j_password,Form的action必须是j_security_check.

    例子:

     1 <?xml version="1.0" encoding="GB18030" ?>
     2 <%@ page language="java" contentType="text/html; charset=GB18030"
     3     pageEncoding="GB18030"%>
     4 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
     5 <html xmlns="http://www.w3.org/1999/xhtml"
     6     xmlns:f="http://java.sun.com/jsf/core"
     7     xmlns:h="http://java.sun.com/jsf/html">
     8 <head>
     9 <meta http-equiv="Content-Type" content="text/html; charset=GB18030" />
    10 <title>Login Page</title>
    11 </head>
    12 <body>
    13 <form method=post
    14     action='<%=response.encodeURL("j_security_check")%>'>
    15 <table border="0" cellspacing="5">
    16     <tr>
    17         <th align="right">Username:</th>
    18         <td align="left"><input type="text" name="j_username"/></td>
    19     </tr>
    20     <tr>
    21         <th align="right">Password:</th>
    22         <td align="left"><input type="password" name="j_password"/></td>
    23     </tr>
    24     <tr>
    25         <td align="right"><input type="submit" value="Log In"/></td>
    26         <td align="left"><input type="reset"/></td>
    27     </tr>
    28 </table>
    29 </form>
    30 </body>
    31 </html>

    这样就ok了,在访问一个<web-resource-collection/>指定的受保护的资源时,会先跳转到登陆页面登陆,登陆失败则调整到失败页面;登陆成功则访问登陆之前的页面。

    注意,如果是Eclipse集成的TOMCAT则认证总是失败,必须是启动安装的tomcat的bin/start.bat。

  • 相关阅读:
    图像相似度
    二维数组 问题 E: 计算鞍点
    Uva
    Uva
    Uva
    Uva
    Uva
    Uva
    Uva
    【转载】2015 Objective-C 三大新特性 | 干货
  • 原文地址:https://www.cnblogs.com/luckystar2010/p/3482574.html
Copyright © 2020-2023  润新知