Tomcat 配置访问权限
tomcat貌似有个比较好玩的东西,有时候我们的应用部署之后并不需要某些人访问。
我们可以在其访问的时候提示一个密码框之类的。如下图:
tomcat可以实现,可以通过如下配置做到。
web.xml
<security-role> <role-name>validate</role-name> </security-role> <security-constraint> <auth-constraint> <role-name>validate</role-name> </auth-constraint> <web-resource-collection> <url-pattern>/*</url-pattern> </web-resource-collection> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Security Area</realm-name> </login-config>
apache-tomcat-6.0.35\conf\server.xml:
<tomcat-users> <role rolename="validate"/> <user username="tomcat" password="tomcat" roles="validate"/> </tomcat-users>
server.xml
<Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" />
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>