我试图在我的 Java Web 应用程序中设置用户访问级别。但即使我输入了我在 tomcat-user.xml 文件中声明的正确用户名和密码,它也不起作用。它转到登录错误页面。基本身份验证方法也不接受正确的用户名和密码。
这个 tomcat-users.xml
<tomcat-users>
<!--
NOTE: By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
you must define such a user - the username and password are arbitrary.
-->
<!--
NOTE: The sample user and role entries below are wrapped in a comment
and thus are ignored when reading this file. Do not forget to remove
<!.. ..> that surrounds them.
-->
<!--
<role rolename="tomcat"/>
<role rolename="role1"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="role1" password="tomcat" roles="role1"/>
-->
<role rolename=”Admin”/>
<role rolename=”Member”/>
<role rolename=”Doctor”/>
<role rolename=”Guest”/>
<user username=”sirojan” password=”sirojan” roles=”Admin” />
<user username=”ram” password=”ram123” roles=”Member” />
<user username=”vithu” password=”newbie” roles=”Guest” />
</tomcat-users>
这是server.xml文件的一部分
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.MemoryRealm" />
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<!-- <Realm className="org.apache.catalina.realm.MemoryRealm" /> -->
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/><!--
--> </Realm>
这是我的 web.xml 文件的一部分
<security-role>
<role-name>Admin</role-name>
</security-role>
<security-role>
<role-name>Member</role-name>
</security-role>
<security-role>
<role-name>Guest</role-name>
</security-role>
<security-role>
<role-name>Doctor</role-name>
</security-role>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login2.jsp</form-login-page>
<form-error-page>/loginerror.jsp</form-error-page>
</form-login-config>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>AdminTasks</web-resource-name>
<url-pattern>/Department.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
<role-name>Member</role-name>
</auth-constraint>
</security-constraint>
<error-page>
<error-code>404</error-code>
<location>/notFoundError.jsp</location>
</error-page>
</web-app>
我做错了什么吗??。如果您需要进一步评论它。你能给出解决方案吗??
最佳答案
首先检查现有角色是否适合您。
为此你需要取消注释 tomcat-users.xml 中的角色
如果它们正常工作,并且您能够登录 tomcat 控制台,那么问题出在您的语法上,
如果它们不起作用,那么您需要查看错误页面文档并检查您所做的是否正确,因为这对我来说很简单并且每次都有效。
关于java - Java Web 应用程序中的用户访问级别,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/11980565/