JAAS安全策略的Tomcat实现:为tomcat页面设置访问权限(j_security_check)
<web-app><!--servlet等其他配置--><security-constraint> <web-resource-collection> <display-name>Example Security Constraint</display-name> <web-resource-name>My Test</web-resource-name> <url-pattern>/ddly/admin/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>role1</role-name> <role-name>tomcat</role-name></auth-constraint></security-constraint><login-config> <auth-method>BASIC</auth-method> <realm-name>My Test</realm-name></login-config></web-app>
?
<login-config> <auth-method>FORM</auth-method> <realm-name>Example Form-Based Authentication Area</realm-name> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/error.jsp</form-error-page> </form-login-config></login-config>
?
<form method="POST" action='<%= response.encodeURL("j_security_check") %>' > <table border="0" cellspacing="5"> <tr> <th align="right">Username:</th> <td align="left"><input type="text" name="j_username"></td> </tr> <tr> <th align="right">Password:</th> <td align="left"><input type="password" name="j_password"></td> </tr> <tr> <td align="right"><input type="submit" value="Log In"></td> <td align="left"><input type="reset"></td> </tr> </table></form>
<?xml version='1.0' encoding='utf-8'?><Server port="8005" shutdown="SHUTDOWN"> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> <Listener className="org.apache.catalina.core.JasperListener" /> <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> <GlobalNamingResources><Resource auth="Container" driverClassName="oracle.jdbc.driver.OracleDriver" logAbandoned="true" maxActive="20" maxIdle="10"maxWait="10000" name="waiqin_res" username="waiqin"password="waiqin" removeAbandoned="true"removeAbandonedTimeout="60" type="javax.sql.DataSource" url="jdbc:oracle:thin:@ip:port:实例名" /> <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources> <Service name="Catalina"> <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> <Connector port="8443" protocol="HTTP/1.1" maxThreads="150" SSLEnabled="false'" enableLookups="false" disableUploadTimeout="true" clientAuth="false" /> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> <Engine name="Catalina" defaultHost="localhost"> <Realm className="org.apache.catalina.realm.DataSourceRealm" dataSourceName="自定义1" roleNameCol="role_name" userCredCol="password" userNameCol="account" userRoleTable="v_user_role" userTable="v_account_password"/> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> <Context docBase="webapp名" path="/webapp名" reloadable="true"> <ResourceLink global="自定义1" name="自定义1" type="javax.sql.DataSource"/> </Context> </Host> </Engine> </Service></Server>
?
