1

有谁知道tomcat是否能够密码保护文件(如apache .htaccess)?我的意思是当用户从 tomcat webapp 请求文件时,它会提示输入用户名和密码的对话框,并使用配置进行此操作。

或保护文件取决于其 IP 地址。

希望可以有人帮帮我 ?

雷格士

4

1 回答 1

4

您可以在 tomcat 中设置基本身份验证。

将您的用户添加到 tomcat-users.xml。就像是 :

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="tomcat"/>
  <user username="tomcat" password="tomcat" roles="tomcat"/>
  <user username="myname" password="mypassword" roles="tomcat"/>
  <user username="test" password="test"/>
</tomcat-users>

并将配置添加到您的应用程序 web.xml。像:

<!-- Define a Security Constraint on this Application -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Entire Application</web-resource-name>
      <url-pattern>/references/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>your-role</role-name>
    </auth-constraint>
  </security-constraint>

  <!-- Define the Login Configuration for this Application -->
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Application</realm-name>
  </login-config>

  <!-- Security roles referenced by this web application -->
  <security-role>
    <description>
      The role that is required to log in to the Manager Application
    </description>
    <role-name>your-role</role-name>
  </security-role>

了解更多的链接:

http://www.avajava.com/tutorials/lessons/how-do-i-use-basic-authentication-with-tomcat.html

于 2010-07-28T16:37:37.167 回答