tomcat 中BASIC and FORM-based Authorization 配置
Tomcat中自身具有认证功能,配置也比较简单,步骤如下:1、在所在web项目的web.xml文件添加如下配置代码:
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/jsp/*</url-pattern>
<!-- If you list http methods, only those methods are protected -->
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>gallop</role-name>
</auth-constraint>
</security-constraint>
<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Tomcat Host Manager Application</realm-name>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<role-name>gallop</role-name>
</security-role>
2、在tomcat的安装目录下的conf下,找到tomcat-users.xml文件,添加相关的用户名:
<role rolename="gallop"/>
<user username="gallop" password="123456" roles="gallop"/>
3、重新启动tomcat后,访问该项目jsp目录下的jsp页面时将弹出登入框,提示需要用户名、密码方可访问相关页面。
页:
[1]