在 Tomcat 中設(shè)置 HTTP 基本認(rèn)證的示例
-
在 $TOMCAT_HOME\conf\tomcat-users.xml 文件中配置角色和用戶:
< tomcat-users > < role rolename ="all" /> < role rolename ="admin" /> < user username ="all" password ="all" roles ="all" /> < user username ="admin" password ="admin" roles ="admin,all" /> </ tomcat-users > - 新建一個(gè) Java Web 工程,編輯 web.xml 文件。
-
配置 <security-constraint/> 元素,指定角色可訪問(wèn)的資源集和可使用的 HTTP 方法。
< security-constraint > < web-resource-collection > < web-resource-name > Public resources </ web-resource-name > < url-pattern > /home/* </ url-pattern > < http-method > HEAD </ http-method > < http-method > GET </ http-method > </ web-resource-collection > < auth-constraint > < role-name > all </ role-name > </ auth-constraint > </ security-constraint > < security-constraint > < web-resource-collection > < web-resource-name > Secret resources </ web-resource-name > < url-pattern > /blog/* </ url-pattern > < url-pattern > /photo/* </ url-pattern > < http-method > HEAD </ http-method > < http-method > GET </ http-method > < http-method > POST </ http-method > < http-method > PUT </ http-method > </ web-resource-collection > < auth-constraint > < role-name > admin </ role-name > </ auth-constraint > </ security-constraint > -
配置 <login-config/> 元素,指定認(rèn)證方式為基本認(rèn)證,并指定安全域。
< login-config > < auth-method > BASIC </ auth-method > < realm-name > hueyhome </ realm-name > </ login-config >
測(cè)試:
a) 無(wú)認(rèn)證信息請(qǐng)求
C:\Users\huey>
curl -I http://localhost:8080/helloweb/home/index.html
HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 08:00:00 CST
WWW-Authenticate: Basic realm="hueyhome"
Content-Type: text/html;charset=utf-8
Content-Length: 951
Date: Mon, 18 May 2015 14:10:55 GMT
b) 錯(cuò)誤認(rèn)證信息請(qǐng)求
C:\Users\huey>
curl -I -u "all:none" http://localhost:8080/helloweb/home/index.html
HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 08:00:00 CST
WWW-Authenticate: Basic realm="hueyhome"
Content-Type: text/html;charset=utf-8
Content-Length: 951
Date: Mon, 18 May 2015 14:19:01 GMT
c) 正確認(rèn)證信息但該用戶無(wú)指定資源的訪問(wèn)權(quán)限
C:\Users\huey>
curl -I -u "all:all" http://localhost:8080/helloweb/blog/index.html
HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 08:00:00 CST
Content-Type: text/html;charset=utf-8
Content-Length: 1057
Date: Mon, 18 May 2015 14:11:57 GMT
d)?正確認(rèn)證信息且該用戶無(wú)指定資源的訪問(wèn)權(quán)限
C:\Users\huey>
curl -I -u "all:all" http://localhost:8080/helloweb/home/index.html
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 08:00:00 CST
Accept-Ranges: bytes
ETag: W/"317-1431758220112"
Last-Modified: Sat, 16 May 2015 06:37:00 GMT
Content-Type: text/html
Content-Length: 317
Date: Mon, 18 May 2015 14:11:04 GMT
?
更多文章、技術(shù)交流、商務(wù)合作、聯(lián)系博主
微信掃碼或搜索:z360901061
微信掃一掃加我為好友
QQ號(hào)聯(lián)系: 360901061
您的支持是博主寫(xiě)作最大的動(dòng)力,如果您喜歡我的文章,感覺(jué)我的文章對(duì)您有幫助,請(qǐng)用微信掃描下面二維碼支持博主2元、5元、10元、20元等您想捐的金額吧,狠狠點(diǎn)擊下面給點(diǎn)支持吧,站長(zhǎng)非常感激您!手機(jī)微信長(zhǎng)按不能支付解決辦法:請(qǐng)將微信支付二維碼保存到相冊(cè),切換到微信,然后點(diǎn)擊微信右上角掃一掃功能,選擇支付二維碼完成支付。
【本文對(duì)您有幫助就好】元
