2012-08-16 99 views
2

我正試圖在My Java Web Application中放入用戶訪問級別,但即使輸入了正確的用戶名和密碼,我在tomcat-user.xml文件中聲明瞭它不起作用。它鳴聲登錄器頁面。基本身份驗證方法也不接受正確的用戶名和密碼。Java Web應用程序中的用戶訪問級別

此的tomcat-users.xml中

<tomcat-users> 
<!-- 
    NOTE: By default, no user is included in the "manager-gui" role required 
    to operate the "/manager/html" web application. If you wish to use this app, 
    you must define such a user - the username and password are arbitrary. 
--> 
<!-- 
    NOTE: The sample user and role entries below are wrapped in a comment 
    and thus are ignored when reading this file. Do not forget to remove 
    <!.. ..> that surrounds them. 
--> 
<!-- 
    <role rolename="tomcat"/> 
    <role rolename="role1"/> 
    <user username="tomcat" password="tomcat" roles="tomcat"/> 
    <user username="both" password="tomcat" roles="tomcat,role1"/> 
    <user username="role1" password="tomcat" roles="role1"/> 

--> 
<role rolename=」Admin」/> 
<role rolename=」Member」/> 
<role rolename=」Doctor」/> 
<role rolename=」Guest」/> 
<user username=」sirojan」 password=」sirojan」 roles=」Admin」 /> 
<user username=」ram」 password=」ram123」 roles=」Member」 /> 
<user username=」vithu」 password=」newbie」 roles=」Guest」 /> 
</tomcat-users> 

這是server.xml文件的一部分

<Realm className="org.apache.catalina.realm.LockOutRealm"> 


    <Realm className="org.apache.catalina.realm.MemoryRealm" /> 

     <!-- This Realm uses the UserDatabase configured in the global JNDI 
      resources under the key "UserDatabase". Any edits 
      that are performed against this UserDatabase are immediately 
      available for use by the Realm. --> 
<!-- <Realm className="org.apache.catalina.realm.MemoryRealm" /> --> 
     <!-- This Realm uses the UserDatabase configured in the global JNDI 
      resources under the key "UserDatabase". Any edits 
      that are performed against this UserDatabase are immediately 
      available for use by the Realm. --> 
     <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/><!-- 
-->  </Realm> 

這是我的web.xml文件的一部分

<security-role> 
     <role-name>Admin</role-name> 
    </security-role> 
    <security-role> 
     <role-name>Member</role-name> 
    </security-role> 
    <security-role> 
     <role-name>Guest</role-name> 
    </security-role> 
    <security-role> 
     <role-name>Doctor</role-name> 
    </security-role> 
    <login-config> 
     <auth-method>FORM</auth-method> 
     <form-login-config> 
      <form-login-page>/login2.jsp</form-login-page> 
      <form-error-page>/loginerror.jsp</form-error-page> 
     </form-login-config> 
    </login-config> 
    <security-constraint> 
     <web-resource-collection> 
      <web-resource-name>AdminTasks</web-resource-name> 
      <url-pattern>/Department.jsp</url-pattern> 

      <http-method>GET</http-method> 
      <http-method>POST</http-method> 
     </web-resource-collection> 
     <auth-constraint> 
      <role-name>Admin</role-name> 
      <role-name>Member</role-name> 
     </auth-constraint> 

    </security-constraint> 
    <error-page> 
     <error-code>404</error-code> 
     <location>/notFoundError.jsp</location> 
    </error-page> 

</web-app> 

我有什麼不對嗎?如果你需要進一步的評論它。你可以請給解決方案?

+1

刪除智能引號 - 「'。它*必須是<角色角色名=「管理員」/>' – adatapost 2012-08-16 04:30:07

+0

我根據你的建議改變,但仍然沒有工作... – 2012-08-16 04:52:23

回答

0

首先檢查現有角色是否適合您。

爲u需要取消註釋中的tomcat-users.xml中的角色

,如果他們的工作,和UR能在Tomcat的控制檯登錄,那麼問題是烏拉圭回合的語法,

,如果他們不工作然後你需要去與錯誤頁面文件,並檢查你做的是正確的或不是因爲這是一種簡單,每次都爲我工作。

+0

如何使用控制檯來檢查.... – 2012-08-16 04:56:26

+0

你可以使用Tomcat經理,如果你能夠使用現有角色登錄而不是工作 – 2012-08-30 11:19:43