如何配置tomcat-users.xml以保护tomcat中的页面? [英] How to configure tomcat-users.xml to secure a page in tomcat?
本文介绍了如何配置tomcat-users.xml以保护tomcat中的页面?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试使用web.xml和tomcat-users.xml保护tomcat中的管理页面,但无法正常工作.出现登录表单,但无法连接
I'm trying to secure my admin pages in tomcat with web.xml and tomcat-users.xml but it's not working. The login form appears but connection is impossible
这是我的web/WEB_INF文件夹中的web.xml:
Here is the web.xml in my web/WEB_INF folder :
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Admin</realm-name>
</login-config>
和tomcat-users.xml在server/tomcat/conf/文件夹中:
And tomcat-users.xml in the server/tomcat/conf/ folder :
<tomcat-users>
<role rolename="manager"/>
<role rolename="tomcat"/>
<role rolename="admin"/>
<role rolename="role1"/>
<user username="manager" password="manager" roles="manager"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="role1" password="tomcat" roles="role1"/>
<user username="admin" password="admin" roles="admin"/>
</tomcat-users>
有什么主意吗?
推荐答案
可能迟到了,但无论如何 您在web.xml中缺少角色,也不必提及领域 因此,您的web.xml应该如下所示
Probably late to answer but anyways You are missing role in in you web.xml and also dont have to mention realm hence you web.xml should look like as follows
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<!-- Please note following line .. its commented -->
<!-- <realm-name>Admin</realm-name> -->
</login-config>
<!-- Following section was missing -->
<security-role>
<role-name>admin</role-name>
</security-role>
这篇关于如何配置tomcat-users.xml以保护tomcat中的页面?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
