3

我正在尝试使用 tomcat 保护我的管理页面,web.xmltomcat-users.xml它不起作用。出现登录表单但无法连接

这是web.xml我的 web/WEB_INF 文件夹中的:

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Admin</web-resource-name>
        <url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Admin</realm-name>
</login-config>

tomcat-users.xmlserver/tomcat/conf/ 文件夹中:

<tomcat-users>
   <role rolename="manager"/>
   <role rolename="tomcat"/>
   <role rolename="admin"/>
   <role rolename="role1"/>
   <user username="manager" password="manager" roles="manager"/>
   <user username="both" password="tomcat" roles="tomcat,role1"/>
   <user username="tomcat" password="tomcat" roles="tomcat"/>
   <user username="role1" password="tomcat" roles="role1"/>
   <user username="admin" password="admin" roles="admin"/>
</tomcat-users>

任何的想法 ?

4

1 回答 1

11

可能回答迟了,但无论如何你在 web.xml 中缺少角色,也不必提及领域,因此你的 web.xml 应该如下所示

<security-constraint>
   <web-resource-collection>
      <web-resource-name>Admin</web-resource-name>
      <url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>admin</role-name>
    </auth-constraint>
 </security-constraint>
 <login-config>
       <auth-method>BASIC</auth-method>
      <!-- Please note following line .. its commented -->
      <!-- <realm-name>Admin</realm-name> -->
 </login-config>
 <!-- Following section was missing -->
 <security-role>
     <role-name>admin</role-name>
</security-role>
于 2013-10-17T11:20:36.777 回答