1

我正在尝试在基于 Java EE 的应用程序中实现基于基本表单的身份验证。当我尝试访问受保护的资源时,我能够将页面重定向到登录页面,但即使我输入了正确的 [tomcat-users.xml 中可用的条目] 用户名和密码,错误页面也会被加载。请在下面找到代码片段。

Web.xml

  <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
            <form-login-page>/login.jsp</form-login-page>
    <form-error-page>/loginError.jsp</form-error-page>
</form-login-config>


<session-config>
  <session-timeout>5</session-timeout>
  </session-config>

 <security-role>
    <role-name>user</role-name>
 </security-role>

<security-constraint>
  <web-resource-collection>
   <web-resource-name>J2EEApp</web-resource-name>
   <description> accessible by authorised users </description>
  <url-pattern>/user/*</url-pattern>
  <http-method>PUT</http-method>
   <http-method>DELETE</http-method>
   <http-method>GET</http-method>
   <http-method>POST</http-method>
  </web-resource-collection>
  <auth-constraint>
    <description>These are the roles who have access</description>
    <role-name>user</role-name>
  </auth-constraint>
</security-constraint>

<security-constraint>
  <web-resource-collection>
   <web-resource-name>GuestPages</web-resource-name>
   <description> accessible by un-authorised users </description>
   <url-pattern>/guest/*</url-pattern>
  </web-resource-collection>
</security-constraint>

</web-app>

登录.jsp

 <div id="container">
 <jsp:include page="header.jsp"></jsp:include>
 <div id="body">
<form method="post" id="post" action="j_security_check" name="input">
<label id ="label">Username<sup>*</sup> </label>
<input id ="input" type="text" name="j_username" value=""><br><br>
<label id="label">Password<sup>*</sup> </label>
<input id="input" type="password" name="j_password" value=""><br><br>
<input id="input" type="submit" name="submit" value="login">
<a id="link" href="${pageContext.request.contextPath}/guest/menu">Guest</a>
</form>
</div>

服务器.xml

 <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
           resourceName="UserDatabase">
  </Realm>

tomcat-users.xml

<role rolename="user"/>
  <user username="shubham" password="shubham" roles="user"/>
  <user username="user1" password="user1" roles="user"/>

现在,当我转到 localhost:8080/user/menu 时,它会按预期显示 login.jsp,但是当我使用正确的用户名密码时,它会转到 loginError.jsp。

请帮助定位问题。

4

0 回答 0