📄 [转贴加修改]j2ee安全策略：为tomcat页面设置访问权限--rosonsandy.htm

📁 这是最详细的对Tomcat4以上版本的解析。
💻 HTM
字号:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!-- saved from url=(0055)http://rosonsandy.blogdriver.com/rosonsandy/987063.html -->
<HTML><HEAD><TITLE>[转贴加修改]J2EE安全策略：为tomcat页面设置访问权限--rosonsandy</TITLE>
<META http-equiv=Content-Type content="text/html; charset=GBK">
<META http-equiv=Pragma content=no-cache>
<META http-equiv=Cache-Control content=no-cache>
<META http-equiv=Expires content=0>
<META 
content="[转贴]论J2EE开发Web应用程序中的安全认证机制4[转贴加修改]J2EE安全策略：为tomcat页面设置访问权限seed 君は僿に似てい  博客 博客动力 blog blogdriver blogger 中国" 
name=description>
<META 
content="rosonsandy [转贴]论J2EE开发Web应用程序中的安全认证机制4[转贴加修改]J2EE安全策略：为tomcat页面设置访问权限seed 君は僿に似てい 博客 博客动力 blog blogdriver blogger 中国" 
name=keywords><LINK 
href="[转贴加修改]J2EE安全策略：为tomcat页面设置访问权限--rosonsandy.files/diary.css" type=text/css 
rel=stylesheet>
<SCRIPT language=JavaScript 
src="[转贴加修改]J2EE安全策略：为tomcat页面设置访问权限--rosonsandy.files/UBB.js"></SCRIPT>

<SCRIPT src="[转贴加修改]J2EE安全策略：为tomcat页面设置访问权限--rosonsandy.files/blog.js" 
type=text/javascript></SCRIPT>

<META content="MSHTML 6.00.2900.3199" name=GENERATOR></HEAD>
<BODY>
<DIV id=container>
<DIV id=header>
<H1 class=title><A 
href="http://rosonsandy.blogdriver.com/rosonsandy/index.html">rosonsandy</A></H1></DIV>
<DIV id=category><A title=上一篇 
href="http://rosonsandy.blogdriver.com/rosonsandy/987047.html">[转贴]论J2EE开发Web应用程序中的安全认证机制4</A>- 
-| <A href="http://rosonsandy.blogdriver.com/rosonsandy/index.html">回首页</A> | <A 
href="http://rosonsandy.blogdriver.com/rosonsandy/catalog_2005.html">2005年索引</A> 
| - -<A title=下一篇 
href="http://rosonsandy.blogdriver.com/rosonsandy/990178.html">seed 
君は僿に似てい</A></DIV>
<DIV class=entity>
<H2 class=diaryTitle>[转贴加修改]J2EE安全策略：为tomcat页面设置访问权限- -</H2>
<P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 

<P><FONT face=Arial>在<SPAN 
lang=EN-US>web</SPAN>应用中，对页面的访问控制通常通过程序来控制，流程为：</FONT><SPAN 
lang=EN-US><BR></SPAN><FONT face=Arial>登录<SPAN lang=EN-US> -&gt; </SPAN>设置<SPAN 
lang=EN-US>session -&gt; </SPAN>访问受限页面时检查<SPAN 
lang=EN-US>session</SPAN>是否存在，如果不存在，禁止访问<SPAN lang=EN-US> 
<P></SPAN></FONT>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=left><SPAN 
style="LINE-HEIGHT: 150%; FONT-FAMILY: 新宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-font-kerning: 0pt"><FONT 
face=Arial>对于较小型的<SPAN lang=EN-US>web</SPAN>应用，可以通过<SPAN 
lang=EN-US>tomcat</SPAN>内置的访问控制机制来实现权限控制。采用这种机制的好处是，程序中无需进行权限控制，完全通过对<SPAN 
lang=EN-US>tomcat</SPAN>的配置即可完成访问控制。<SPAN lang=EN-US> 
<P></SPAN></FONT></SPAN></P>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=left><SPAN 
style="LINE-HEIGHT: 150%; FONT-FAMILY: 新宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-font-kerning: 0pt"><FONT 
face=Arial>为了在<SPAN lang=EN-US>tomcat</SPAN>页面设置访问权限控制，在项目的<SPAN 
lang=EN-US>WEB-INFO/web.xml</SPAN>文件中，进行如下设置：</FONT></SPAN></P>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=left><SPAN 
style="LINE-HEIGHT: 150%; FONT-FAMILY: 新宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-font-kerning: 0pt"><FONT 
face=Arial>web.xml</FONT></SPAN><SPAN 
style="LINE-HEIGHT: 150%; FONT-FAMILY: 新宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-font-kerning: 0pt"></SPAN></P>
<CENTER>
<TABLE cellSpacing=0 borderColorDark=#ffffff cellPadding=2 width=400 
align=center borderColorLight=#000000 border=1>
  <TBODY>
  <TR>
    <TD class=code style="FONT-SIZE: 9pt" bgColor=#e6e6e6><PRE><FONT face=Arial>&lt;?xml version="1.0" encoding="ISO-8859-1"?&gt;</FONT></PRE><PRE><FONT face=Arial>&lt;!DOCTYPE web-app<BR>&nbsp;&nbsp;&nbsp; PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"<BR>&nbsp;&nbsp;&nbsp; "</FONT><A href="http://java.sun.com/dtd/web-app_2_3.dtd"><FONT face=Arial>http://java.sun.com/dtd/web-app_2_3.dtd</FONT></A><FONT face=Arial>"&gt;</FONT></PRE><PRE><FONT face=Arial>&lt;web-app&gt;<BR>&lt;security-constraint&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;web-resource-collection&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;web-resource-name&gt;Protected Area&lt;/web-resource-name&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;url-pattern&gt;/*&lt;/url-pattern&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;http-method&gt;GET&lt;/http-method&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;http-method&gt;POST&lt;/http-method&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;/web-resource-collection&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;auth-constraint&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;role-name&gt;student&lt;/role-name&gt;<BR>&nbsp;&lt;role-name&gt;tomcat&lt;/role-name&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;/auth-constraint&gt;<BR>&lt;/security-constraint&gt;</FONT></PRE><PRE><FONT face=Arial>&lt;login-config&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;auth-method&gt;FORM&lt;/auth-method&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;realm-name&gt;Default&lt;/realm-name&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;form-login-config&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;form-login-page&gt;/logon.jsp&lt;/form-login-page&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;form-error-page&gt;/error.jsp&lt;/form-error-page&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;/form-login-config&gt;<BR>&lt;/login-config&gt;<BR>&lt;security-role&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;role-name&gt;student&lt;/role-name&gt;<BR>&lt;/security-role&gt;<BR>&lt;/web-app&gt;<CCID_CODE /></CCID_CODE /></FONT></PRE></TD></TR></TBODY></TABLE></CCID_NOBR 
/></CENTER>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=left><SPAN 
style="LINE-HEIGHT: 150%; FONT-FAMILY: 新宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-font-kerning: 0pt"><FONT 
face=Arial>其中，<SPAN lang=EN-US>&lt;url-pattern&gt;</SPAN>中指定受限的<SPAN 
lang=EN-US>url</SPAN>，可以使用通配符<SPAN 
lang=EN-US>*</SPAN>，通常对整个目录进行访问权限控制。</FONT><SPAN lang=EN-US><BR><FONT 
face=Arial>&lt;auth-constraint&gt;</FONT></SPAN><FONT 
face=Arial>中指定哪些角色可以访问<SPAN lang=EN-US>&lt;url-pattern&gt;</SPAN>指定的<SPAN 
lang=EN-US>url</SPAN>，在<SPAN 
lang=EN-US>&lt;role-name&gt;</SPAN>中可以设置一个或多个角色名。</FONT><SPAN 
lang=EN-US><BR></SPAN></SPAN></P>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=left><SPAN 
style="LINE-HEIGHT: 150%; FONT-FAMILY: 新宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-font-kerning: 0pt"><FONT 
face=Arial>使用的角色名来自<SPAN lang=EN-US>tomcat</SPAN>的配置文件<SPAN 
lang=EN-US>${CATALINA_HOME}/conf/tomcat-users.xml</SPAN>。<SPAN lang=EN-US> 
<P></SPAN></FONT></SPAN></P>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=left><FONT face=Arial><SPAN lang=EN-US 
style="LINE-HEIGHT: 150%; FONT-FAMILY: 新宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-font-kerning: 0pt">&lt;login-config&gt;</SPAN><SPAN 
style="LINE-HEIGHT: 150%; FONT-FAMILY: 新宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-font-kerning: 0pt">中设置登录方式，<SPAN 
lang=EN-US>&lt;auth-method&gt;</SPAN>的取值为<SPAN lang=EN-US>BASIC</SPAN>或<SPAN 
lang=EN-US>FORM</SPAN>。如果为<SPAN 
lang=EN-US>BASIC</SPAN>，浏览器在需要登录时弹出一个登录窗口。如果为<SPAN 
lang=EN-US>FORM</SPAN>方式，需要指定登录页面和登录失败时的提示信息显示页面。</SPAN></FONT></P>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=left><SPAN 
style="LINE-HEIGHT: 150%; FONT-FAMILY: 新宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-font-kerning: 0pt"><FONT 
face=Arial>logon.jsp</FONT></SPAN><SPAN 
style="LINE-HEIGHT: 150%; FONT-FAMILY: 新宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-font-kerning: 0pt"></SPAN><BR><FONT 
face=Arial>error.jsp</FONT></P>
<CENTER><CCID_NOBR />
<TABLE cellSpacing=0 borderColorDark=#ffffff cellPadding=2 width=400 
align=center borderColorLight=#000000 border=1>
  <TBODY>
  <TR>
    <TD class=code style="FONT-SIZE: 9pt" bgColor=#e6e6e6><PRE><CCID_CODE /><FONT face=Arial>&lt;%@ page import="java.util.*" %&gt;<BR>&lt;center&gt;<BR>&lt;form action="j_security_check" method=post&gt;<BR>&lt;table&gt;<BR>&lt;tr&gt;<BR>&nbsp;&nbsp; &lt;td align="center" &gt;<BR>&nbsp;&nbsp; &lt;table border="0"&gt;<BR>&nbsp;&nbsp; &lt;tr&gt;<BR>&nbsp;&nbsp; &lt;td&gt;&lt;b&gt;USERNAME:&lt;/b&gt;&lt;/td&gt;<BR>&nbsp;&nbsp; &lt;td&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;input type="text" size="15" name="j_username"&gt; <BR>&nbsp;&nbsp; &lt;/td&gt;<BR>&nbsp;&nbsp; &lt;/tr&gt;<BR>&nbsp;&nbsp; &lt;tr&gt;<BR>&nbsp;&nbsp; &lt;td&gt;&lt;b&gt;Password:&lt;/b&gt;&lt;/td&gt;<BR>&nbsp;&nbsp; &lt;td&gt; <BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;input type="password" size="15" name="j_password"&gt;<BR>&nbsp;&nbsp; &lt;/td&gt;<BR>&nbsp;&nbsp; &lt;/tr&gt;<BR>&nbsp;&nbsp; &lt;tr&gt;<BR>&nbsp;&nbsp; &lt;td&gt;&lt;/td&gt;<BR>&nbsp;&nbsp; &lt;td align="right"&gt; <BR>&nbsp;&nbsp; &lt;input type="submit" value="Submit"&gt;<BR>&nbsp;&nbsp; &lt;/td&gt;<BR>&nbsp;&nbsp; &lt;/tr&gt;<BR>&nbsp;&nbsp; &lt;tr&gt;<BR>&nbsp;&nbsp; &lt;td&gt;&lt;br&gt;&lt;/td&gt;<BR>&nbsp;&nbsp; &lt;/tr&gt;<BR>&lt;/table&gt;<BR>&lt;/td&gt;<BR>&lt;/tr&gt;<BR>&lt;/table&gt;<BR>&lt;/form&gt;<BR>&lt;/center&gt;</FONT></PRE></TD></TR></TBODY></TABLE></CCID_NOBR 
/></CENTER>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=left><BR></P>
<CENTER><CCID_NOBR />
<TABLE cellSpacing=0 borderColorDark=#ffffff cellPadding=2 width=400 
align=center borderColorLight=#000000 border=1>
  <TBODY>
  <TR>
    <TD class=code style="FONT-SIZE: 9pt" bgColor=#e6e6e6><PRE><CCID_CODE /><FONT face=Arial> &lt;%@ page import="java.util.*" %&gt;<BR>&lt;h2&gt;Login Error&lt;/h2&gt;</FONT></PRE></TD></TR></TBODY></TABLE></CCID_NOBR 
/></CENTER><FONT face=Arial>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=left><BR>有了web.xml,logon.jsp和error.jsp这三个文件后，就可以看看有什么效果了。</P>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=left>可以在tomcat下新建一个application:</P>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=justify>security<BR>|<BR>-logon.jsp<BR>-error.jsp<BR>-WEB-INF<BR>&nbsp;&nbsp;&nbsp;&nbsp; 
|<BR>&nbsp;&nbsp;&nbsp;&nbsp; -web.xml</P>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=justify>在浏览器上输入地址：<A 
href="http://localhost:8080/security">http://localhost:8080/security</A></P>
<P class=MsoNormal 
style="MARGIN: 0cm 0cm 9pt; WORD-BREAK: break-all; LINE-HEIGHT: 150%; TEXT-ALIGN: left; mso-pagination: widow-orphan" 
align=justify>就可来到登陆界面。输入用户名：tomcat，密码：tomcat即可登陆啦。<BR></P></FONT>
<P></P>
<P class=diaryFoot>- 作者： <A 
onclick="window.open('http://publishblog.blogdriver.com/blog/postMessage.b?receiver=517836','发送短消息','width=520, height=455')" 
href="javascript:void(0);">rosonsandy</A> 2005年09月29日, 星期四 22:35 </P></DIV>
<DIV class=operation><A name=trackback>
<H3>Trackback</H3></A>
<P class=trackback>你可以使用这个链接引用该篇日志 
http://publishblog.blogdriver.com/blog/tb.b?diaryID=987063 </P></DIV>
<DIV class=operation><A name=comment>
<H3>回复</H3></A></DIV>
<DIV class=operation>
<TABLE class=comment cellSpacing=0 cellPadding=0 width=700 border=0>
  <FORM id=replyForm method=post><INPUT type=hidden value=356891 name=blogID> 
  <INPUT type=hidden value=987063 name=diaryID> <INPUT type=hidden 
  value=rosonsandy name=blogDomino>
  <SCRIPT>
if(getCookie('userID') == null){        
document.write('<tr><td width="70">发布人：</td>');
document.write('<td width="150"> <input name="remark.authorNameFUI" type="text" size="20" class="inputStyle" maxlength="20"></td>');
document.write('<td width="70">邮箱：</td>');
document.write('<td width="435"> <input name="remark.authorEmail" type="text" size="20" class="inputStyle" maxlength="40"></td>');
document.write('</tr><tr><td>主　页：</td>');
document.write('<td colspan="3"> <input name="remark.authorURL" type="text" class="inputStyle" value="HTTP://" size="63" maxlength="40"></td></tr>');
}else{
document.write('<input type="hidden" name="remark.authorNameFUI" value="Blogdriver">');
}
</SCRIPT>
   
  <TBODY>
  <TR align=left>
    <TD colSpan=4>评论内容：<BR><TEXTAREA class=textStyle id=remark name=remark.remarkFUI rows=8 cols=60>          </TEXTAREA> 
    </TD></TR>
  <TR align=left>
    <TD colSpan=4>　　　　　　 　　　　　　 <INPUT onclick=reply() type=button value=提交> 　 
<INPUT type=reset value=重置> </TD></TR></FORM></TBODY></TABLE></DIV></DIV>
<SCRIPT src="" type=text/javascript></SCRIPT>

<DIV id=footer><A href="http://www.blogdriver.com/jsp/reg/register.jsp"><IMG 
class=logo src="[转贴加修改]J2EE安全策略：为tomcat页面设置访问权限--rosonsandy.files/logo3.gif" 
border=0></A><A href="http://www.blogdriver.com/">2003-2004 BLOGDRIVER.COM All 
rights reserved</A></DIV></BODY></HTML>
💿 文件大小 597 K
👤 上传用户 kyzgq
📂 所属分类 Java书籍
🏷️ 相关标签

#Tomcat4 #版本
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -