2

我正在尝试将用户访问级别放在我的 Java Web 应用程序中。但即使我输入了我在 tomcat-user.xml 文件中声明的正确用户名和密码,它也不起作用。它进入登录错误页面。基本身份验证方法也不接受正确的用户名和密码。

这个 tomcat-users.xml

<tomcat-users>
<!--
  NOTE:  By default, no user is included in the "manager-gui" role required
  to operate the "/manager/html" web application.  If you wish to use this app,
  you must define such a user - the username and password are arbitrary.
-->
<!--
  NOTE:  The sample user and role entries below are wrapped in a comment
  and thus are ignored when reading this file. Do not forget to remove
  <!.. ..> that surrounds them.
-->
<!--
  <role rolename="tomcat"/>
  <role rolename="role1"/>
  <user username="tomcat" password="tomcat" roles="tomcat"/>
  <user username="both" password="tomcat" roles="tomcat,role1"/>
  <user username="role1" password="tomcat" roles="role1"/>

-->
<role rolename=”Admin”/>
<role rolename=”Member”/>
<role rolename=”Doctor”/>
<role rolename=”Guest”/>
<user username=”sirojan” password=”sirojan” roles=”Admin” />
<user username=”ram” password=”ram123” roles=”Member” />
<user username=”vithu” password=”newbie” roles=”Guest” />
</tomcat-users>

这是 server.xml 文件的一部分

<Realm className="org.apache.catalina.realm.LockOutRealm">


    <Realm className="org.apache.catalina.realm.MemoryRealm" /> 

        <!-- This Realm uses the UserDatabase configured in the global JNDI
             resources under the key "UserDatabase".  Any edits
             that are performed against this UserDatabase are immediately
             available for use by the Realm.  -->
<!-- <Realm className="org.apache.catalina.realm.MemoryRealm" /> -->
        <!-- This Realm uses the UserDatabase configured in the global JNDI
             resources under the key "UserDatabase".  Any edits
             that are performed against this UserDatabase are immediately
             available for use by the Realm.  -->
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/><!--
-->      </Realm>

这是我的 web.xml 文件的一部分

<security-role> 
        <role-name>Admin</role-name> 
    </security-role>
    <security-role>
        <role-name>Member</role-name> 
    </security-role>
    <security-role>
        <role-name>Guest</role-name> 
    </security-role>
    <security-role>
        <role-name>Doctor</role-name> 
    </security-role>
    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/login2.jsp</form-login-page>
            <form-error-page>/loginerror.jsp</form-error-page>
        </form-login-config>
    </login-config>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>AdminTasks</web-resource-name>
            <url-pattern>/Department.jsp</url-pattern>

            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>Admin</role-name>
            <role-name>Member</role-name>
        </auth-constraint>

    </security-constraint>
    <error-page>
        <error-code>404</error-code>
        <location>/notFoundError.jsp</location>
    </error-page> 

</web-app>

我有什么不对吗???如果您需要进一步评论它。你能给出解决方案吗?

4

1 回答 1

0

首先检查现有角色是否适合您。

为此,您需要取消注释 tomcat-users.xml 中的角色

如果他们正在工作,并且您能够登录 tomcat 控制台,那么问题是您的语法,

如果它们不起作用,那么您需要查看错误页面文档并检查您的操作是否正确,因为这很容易,并且每次都对我有用。

于 2012-08-16T04:41:28.930 回答