tomcat7:server.xml
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<!--<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>-->
<Realm
className="org.apache.catalina.realm.JDBCRealm"
debug="99"
driverName="oracle.jdbc.driver.OracleDriver"
connectionURL="jdbc:oracle:thin:@localhost:1521:orcl"
connectionName="usertemp"
connectionPassword="usertemp"
userTable="users"
userNameCol="username"
userCredCol="password"
userRoleTable="user_roles"
roleNameCol="rolename" />
</Realm>
tomcat-users.xml:
<tomcat-users>
<role rolename="manager"/>
<user username="user1" password="password" roles="manager"/>
</tomcat-users>
网页.xml:
<web-app>
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/protected/*</url-pattern>
<url-pattern>/1/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
<user-data-constraint><transport-guarantee>NONE</transport-guarantee></user-data-constraint>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Example Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description> An administrator </description>
<role-name>manager</role-name>
</security-role>
</web-app>
1)当我在ie中输入url [ http://localhost:8080/security-form-based/protected/index.jsp
]时,2)返回登录,然后转至login.jsp,输入用户名和密码,3)但返回错误页面,我无法访问index.jsp:
HTTP 状态 403 - 访问请求的资源已被拒绝
所以,我不知道为什么?谁能帮我 ?谢谢。