使用 Tomcat 进行基于表单的身份验证 [英] Form Based Authentication with Tomcat

问题描述

我需要在 Struts 1.3.10 + Tomcat 中进行基于表单的身份验证

I need to do form based authentication in Struts 1.3.10 + Tomcat

根据我的理解，一旦提交登录凭据，容器将使用 tomcat-users.xml 交叉检查凭据，并基于此转发到成功页面或错误页面.

As per my understanding once login credentials are submitted, container would cross-check credentials with tomcat-users.xml and based on that forward to success page or error page.

login.jsp

<form action="j_security_check" method="post">
    <input type="text" name="j_username"/>
    <input type="password" name="j_password"/>
    <input type="submit"/>
</form>

web.xml

<login-config>
    <form-login-check>
        <form-login-page>/login.jsp</form-login-page>
        <form-error-page>/error.jsp</form-error-page>
    </form-login-check>
</login-config>

怀疑:

如果提供了有效凭据，服务器如何进入成功页面?因为在 login.jsp 动作中，我已将 j_security_check 指定为转发到成功页面的正常操作.

if valid credentials are provided how server goes to success page ? since in login.jsp acion I have given as j_security_check not as normal action which forward to success page.

推荐答案

认证是由服务器提供的，所以你不必关心服务器是怎么做的.请求的资源 URL 由服务器存储在某处，然后将您定向到登录页面，如果您登录成功，则返回请求的资源.

The authentication is provided by the the server, so you should not be concerned how the server is doing it. The requested resource URL is stored somewhere by the server, then directs you to the login page, if your login is successful the requested resource is returned.

当用户提交其用户名和密码时，服务器会确定用户名和密码是否为授权用户的用户名和密码，如果授权，则发送请求的 Web 资源.如果您对身份验证不熟悉，请参阅指定身份验证机制.

When a user submits their name and password, the server determines if the user name and password are those of an authorized user and, if authorized, sends the requested web resource. If the topic of authentication is new to you, please refer to the section Specifying an Authentication Mechanism.

这篇关于使用 Tomcat 进行基于表单的身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！