我正在尝试使用和保护Tomcat中的管理页面web.xml,tomcat-users.xml但无法正常工作。出现登录表单,但无法连接
web.xml
tomcat-users.xml
这是web.xml我的web / WEB_INF文件夹中的:
<security-constraint> <web-resource-collection> <web-resource-name>Admin</web-resource-name> <url-pattern>/admin/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Admin</realm-name> </login-config>
并tomcat-users.xml在server / tomcat / conf /文件夹中:
<tomcat-users> <role rolename="manager"/> <role rolename="tomcat"/> <role rolename="admin"/> <role rolename="role1"/> <user username="manager" password="manager" roles="manager"/> <user username="both" password="tomcat" roles="tomcat,role1"/> <user username="tomcat" password="tomcat" roles="tomcat"/> <user username="role1" password="tomcat" roles="role1"/> <user username="admin" password="admin" roles="admin"/> </tomcat-users>
任何的想法 ?
可能回答晚了,但是无论如何您都在web.xml中缺少角色,也不必提及领域,因此您的web.xml应该如下所示
<security-constraint> <web-resource-collection> <web-resource-name>Admin</web-resource-name> <url-pattern>/admin/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <!-- Please note following line .. its commented --> <!-- <realm-name>Admin</realm-name> --> </login-config> <!-- Following section was missing --> <security-role> <role-name>admin</role-name> </security-role>
