0

Tomcat 7.0 + JSF 2

使用正确的凭据登录后,我立即收到 403 错误(错误的凭据按预期定向到 login.xhtml)。我在 apache 中创建了新用户,重新启动了 web 服务,但仍然无法连接。

tomcat-users.xml

<tomcat-users>
    <user name="lala" password="lala!!!" roles="admin-gui,manager-gui" />
    <role rolename="administrator"/>
    <user username="admin" password="admin" roles="administrator"/>
</tomcat-users>

为什么我只能用 lala 而不是 admin 登录(我已经手动添加了)。任何 idia 为什么?

和 server.xml 中的一个领域(tomcat conf)

under <host>:
<Realm className="com.bannerplay.beans.Admin">

在项目的欢迎文件(login.xhtml)中,我使用了 j_security_check(基于表单的身份验证)

            <form method="post" action="j_security_check">
            <p>
                Enter user ID and password:<br/> <br/>
                User ID <input type="text" name="j_username"/> 
                Password  <input type="password" name="j_password"/> <br/><br/> 
                <input type="submit" value="Login"/>
            </p>

        </form>

并像这样定义 web.xml:

  ...
<security-constraint>
    <display-name>Admin</display-name>
    <web-resource-collection>
        <web-resource-name>BannerPlay administration Tool</web-resource-name>
        <description/>
        <url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <description/>
        <role-name>administrator</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>com.bannerplay.beans.Admin</realm-name>
    <form-login-config>
        <form-login-page>/faces/login.xhtml</form-login-page>
        <form-error-page>/faces/login.xhtml</form-error-page>
    </form-login-config>
</login-config>
<security-role>
    <description/>
    <role-name>administrator</role-name>
</security-role>

项目树: this is the project tree

when trying to access localhost:8080/myProject/ i get to login.xhtml , when typing correct credentials( the 'lala' user works, not the admin ) i get 403. when trying to access localhost:8080/myProject/main.xhtml i'm re-directed to login page again.(after correct credentials)

I've tried to add "administrator" role to user lala, but has the same results.

what should i do? thanks

4

1 回答 1

0

The solution is NOT to change the tomcat-users.xml file from the hard drive. It must be changed from eclipse. after changing it from HD I noticed it keeps coming back to old version of the file,instead of keeping my changes. this happens after running the project. Change it from eclipse and problem solved.

于 2012-10-25T07:22:38.223 回答