关于< security-role>在web.xml中 [英] Confusing about <security-role> in web.xml
问题描述
我明白
< security-role>< role-name> Admin< / role-name>< / security-role>
是用于容器映射它与tomcat-users.xml(realm)
I'm understand that
<security-role><role-name>Admin</role-name></security-role>
is for container map it with tomcat-users.xml (realm)
但我困惑如果我没有使用realm但我使用数据库容器知道我的数据库中的哪个字段是用于角色名,或者它在数据库字段名称中具有命名约定,如role_name,并且容器将知道它
but I confuse about if I didn't use realm but I use database how container know which field in my database is for role-name or it have naming convention in database field name like "role_name" and container will know it
推荐答案
只需使用数据库领域并在< Realm& / code>元素。对于Tomcat,这在领域HOWTO 中有所描述。以下是相关性摘录,摘自 JDBCRealm一章:
Just use a database realm and configure the table and column names in a <Realm> element in server configuration file. For Tomcat, this is described in the Realm HOWTO. Here's an extract of relevance, from the JDBCRealm chapter:
快速入门
要设置Tomcat以使用JDBCRealm,请按照以下步骤操作:
Quick Start
To set up Tomcat to use JDBCRealm, you will need to follow these steps:
- 如果尚未这样做,请在
数据库中创建符合 - 配置Tomcat使用的数据库用户名和密码,
至少具有对上述
表的只读访问权限。 (Tomcat将
从不尝试写入这些
表) - 将您将使用的JDBC驱动程序的副本放在
$ CATALINA_HOME / lib目录。注意
只识别JAR文件! - 设置
< Realm>元素,如下所述
$ CATALINA_BASE / conf / server.xml文件。 - 如果Tomcat 6已经运行, li>
- If you have not yet done so, create tables and columns in your database that conform to the requirements described above.
- Configure a database username and password for use by Tomcat, that has at least read only access to the tables described above. (Tomcat will never attempt to write to these tables.)
- Place a copy of the JDBC driver you will be using inside the
$CATALINA_HOME/libdirectory. Note that only JAR files are recognized! - Set up a
<Realm>element, as described below, in your$CATALINA_BASE/conf/server.xmlfile. - Restart Tomcat 6 if it is already running.
Realm元素属性
要配置JDBCRealm,您将
create a < Realm> 元素并将
嵌套在您的 $ CATALINA_BASE / conf / server.xml
文件,如上所述。 JDBCRealm的
属性是在Realm配置
文档中定义的
。
Realm Element Attributes
To configure JDBCRealm, you will
create a <Realm> element and nest it
in your $CATALINA_BASE/conf/server.xml
file, as described above. The
attributes for the JDBCRealm are
defined in the Realm configuration
documentation.
创建
所需表格的示例SQL脚本可能看起来像
这样(修改您的特定
数据库所需的语法
):
An example SQL script to create the needed tables might look something like this (adapt the syntax as required for your particular database):
create table users (
user_name varchar(15) not null primary key,
user_pass varchar(15) not null
);
create table user_roles (
user_name varchar(15) not null,
role_name varchar(15) not null,
primary key(user_name, role_name)
);
包括示例 Realm 元素
(
$ CATALINA_BASE / conf / server.xml 文件中的b(注释掉)。
下面是一个使用一个名为authority的MySQL
数据库的示例,
配置了上面描述的
表,并用username
dbuser和password dbpass:
Example Realm elements are included
(commented out) in the default
$CATALINA_BASE/conf/server.xml file.
Here's an example for using a MySQL
database called "authority",
configured with the tables described
above, and accessed with username
"dbuser" and password "dbpass":
<Realm className="org.apache.catalina.realm.JDBCRealm"
driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://localhost/authority?user=dbuser&password=dbpass"
userTable="users" userNameCol="user_name" userCredCol="user_pass"
userRoleTable="user_roles" roleNameCol="role_name"/>
很清楚,不是吗?如果您已经在Tomcat中配置了JDBC数据源(对于连接池和连接池),那么您还可以使用 DataSourceRealm 。
Pretty clear, isn't it? If you already have a JDBC datasource configured in Tomcat (for connection pooling and on), then you can also use DataSourceRealm instead.
tomcat-users.xml 你所说的就是所谓的 UserDatabaseRealm 。
The tomcat-users.xml which you're talking about is by the way called UserDatabaseRealm.
这篇关于关于< security-role>在web.xml中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
