tomcat-users.xml中角色标签的用途？ [英] Purpose of roles tags in tomcat-users.xml?

问题描述

在Tomcat 7 tomcat-users.xml 文件中，< role /> 标签有什么作用？

In the Tomcat 7 tomcat-users.xml file, what purpose is served by the <role /> tags?

对于Tomcat 7的XAMPP实例，我已经弄清楚了如何配置 tomcat-users.xml 文件以允许我同时访问两个 Tomcat Web应用程序管理器和 Tomcat虚拟主机管理器。更具体地，以下使得能够进行前述访问：

For an XAMPP instance of Tomcat 7, I've figured out how to configure my tomcat-users.xml file to permit me to access both Tomcat Web Application Manager and Tomcat Virtual Host Manager. More specifically, the following enables the aforementioned access:

<tomcat-users>
  <user username="uname" password="pword" roles="manager-gui,admin-gui"/>
</tomcat-users>

请注意，在此成功的XML代码段中，没有任何< role /> 标签。这就是我的问题的症结所在：我一生无法弄清楚 role 标签的作用是什么。

Note that what's NOT in this successful snippet of XML are any <role /> tags. That's the crux of my question: I can't for the life of me figure out what purpose role tags are meant to serve.

在为了学习如何配置访问权限，我阅读了许多文档和论坛帖子，但它们似乎都是圈出的：可以定义 roles ，然后定义 roles 似乎并没有真正定义任何有用的东西（？）

In pursuit of learning how to configure access, I've read plenty of documentation and forum postings, but they all seem to go in a circle: One can define roles, but then roles don't really seem to themselves define anything useful(?)

例如，这是 tomcat-users.xml中使用的重复说明

For example, here's the recurring illustration used in both the tomcat-users.xml file and in numerous forum posts "explaining" the use of roles.

<tomcat-users>
  <role rolename="tomcat"/>
  <user username="uname" password="pword" roles="tomcat"/>
</tomcat-users>

好的，因此在此说明中， role 元素定义了 rolename 属性等于 tomcat ，则 user 元素包含一个 roles 属性，该属性将用户角色定义为雄猫。有什么意义？

Okay, so in this "explanation" a role element defines a rolename attribute equal to tomcat, then the user element contains a roles attribute that defines the user's role as tomcat. What's the point?

提出另一种方式，因为在 role 元素中， rolename 属性定义了 tomcat ， roles = tomcat 到底是做什么的？特别是与我的 用户定义相比，其中 manager-gui 和 admin-gui 定义了启用 Tomcat Web Application Manager 的角色strong>和 Tomcat Virtual Host Manager 访问。

Asked another way, given that in role element the rolename attrbute defines tomcat, roles=tomcat does what, exactly? Especially compared to my working user definition of where manager-gui and admin-gui define roles that enable Tomcat Web Application Manager AND Tomcat Virtual Host Manager access.

干杯谢谢，

赖利

SFO

Cheers & thanks,
Riley
SFO

推荐答案

根据我的理解（可以）定义角色：

From what I understand you (can) define roles:

• ，因为它为您提供了更大的灵活性，例如添加了一个说明。 GUI可以使用此信息。

• because it gives you more flexibility, for example add a description an for instance. A GUI can use this information.

<role rolename="customer" description="Customer of Java WebService"/>

您可以稍后在特定的servlet中重新映射或分组角色

you can remap or group the roles later in a specific servlet

<security-role-ref>
    <role-name>cust</role-name>
    <role-link>bankCustomer</role-link>
</security-role-ref> 

请记住，我不是Tomcat专家，所以我希望真正的专家可以完善这个答案。

Please keep in mind that I am not a Tomcat expert so I hope that a true expert can refine this answer.

这篇关于tomcat-users.xml中角色标签的用途？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！