web实现basic与FORM验证
在web应用中,要经常对用户的身份进行验证的,但其实TOMCAT下配合SERVLET的话,也可以实现一些简单的验证,以往
可能大家都会忽略之,现再简单总结学习之。
1、BASIC验证机制
这有点象WINDOWS集成验证机制,就是验证时弹出一个窗口,要你输入用户名和密码。做法如下
首先建立在webapps下建立目录member,下面放一个需要假设要权限才能查看的页面test.html,
然后在tomcat的\conf目录下找到tomcat-users.xml文件,在其中增加
<user username="test" password="test" roles="member"/>
这里我们定义了角色member
然后再在web.xml里,如下定义
<web-app>
<security-constraint>
<web-resource-collection>
<web-resource-name>
Member Area
</web-resource-name>
<description>
Only registered members can access this area.
</description>
<url-pattern>/member/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>member</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<role-name>member</role-name>
</security-role>
</web-app>
这里用<login-config>
<auth-method>BASIC</auth-method>
</login-config>
指出采用basic验证方式,并指出了对于访问/member/*下的文件时,都需要获得 member角色的授权。
2、form表单验证
这里首先搞一个要输入用户名和密码的页面a.html,再搞一个当出错时显示的页面error.html,注意用户名和密码的文本框的设计中,
要规定name='j_username' name='j_password',,并要设定<form action='j_security_check' method='POST'>
然后在tomcat-users.html中设定用户帐号member(同上),web.xml设定如下
<web-app>
<security-constraint>
<web-resource-collection>
<web-resource-name>
Member Area
</web-resource-name>
<description>
Only registered members can access this area.
</description>
<url-pattern>/member/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>member</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login/a.html
</form-login-page>
<form-error-page>/login/error.html
</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>member</role-name>
</security-role>
</web-app>
最后设定web.xml
分享到:
相关推荐
在web.xml文件中配置下面一段内容 <security-constraint> <web-resource-collection> <url-pattern>/*</url-pattern> <http-method>PUT</http-method> ... <auth-method>BASIC</auth-method> </login-config>
<auth-method>BASIC</auth-method> </login-config> </web-app> 然后在src目录下新建一个struts.xml文件,内容如下: <!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.0//...
- req <url> <method> <params> <data> <auth> - toJSON - to_xml <content> <kwargs> - use <cookies> - xml <url> <method> <params> <data> - group - group add_comment <topic_id> <content> <reply_id...
<attr name="auth_play" format="boolean" /> <!--播放次放,默认永远播放--> <attr name="play_count" format="integer" /> <!--播放完成后是否停留在最后一帧,默认false--> <attr name="end_last_frame" ...
<resource-ref><br> <description>DB Connection</description><br> <res-ref-name>jdbc/mysql</res-ref-name><br> <res-type>javax.sql.DataSource</res-type><br> <res-auth>Container</res-auth><br> </resource-...
<Resource name="jdbc/mldn" auth="Container" type="javax.sql.DataSource"/> <ResourceParams name="jdbc/mldn"> <parameter> <name>factory</name> <value>org.apache.commons.dbcp....
<script type="text/javascript" src="/class14a/admin/fckeditor/fckeditor.js"></script> <script type="text/javascript"> window.onload = function() { var oFCKeditor = new FCKeditor( 'content' ) ; ...
DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> <servlet> <servlet-name>mailsenderservlet</servlet-name><!--邮件...
<res-auth>Container</res-auth> //引用创建者 </resource-ref> sql方言: RDBMS 方言 DB2 org.hibernate.dialect.DB2Dialect DB2 AS/400 org.hibernate.dialect.DB2400Dialect DB2 OS390 org....
<res-auth>Container</res-auth> </resource-ref> 4.对应java代码中获得连接方法:(代码摘要) private Connection dbcon; Context ic = new InitialContext(); DataSource source = (DataSource) ic.lookup...
<add key="ChinaASPXMailer" value="True" /> <!-- 如果你使用我们定制的邮件发送组件,请设为 True --> <add key="UserName" value="test@yourhost.com" /> <!--ChinaASPXMailer s UserName ,For Auth mail ...
2.启动redis服务端,修改ssm-rs\resources\spring-config目录下spring-shiro.xml中redis的连接信息,没设置密码的话auth留空<br/> 2.创建数据库train_db并执行根目录下的train_db.sql数据库脚本<br/> 3.进入到ssm-...
<groupId>com.google.auth</groupId> <artifactId>google-auth-library-parent</artifactId> <version>0.6.0</version> <relativePath>../pom.xml</relativePath>
该存储库包含 -basic-auth的Dockerfile ,用于将的 发布到公共。 基础Docker映像 安装 安装 。 从公共下载 : docker pull igortimoshenko/docker-nginx-basic-auth (或者,您可以从Dockerfile构建映像:docker ...
<tr><td>使用合作网站账号登录</td><td><a href="#" onclick='toQzoneLogin()'><img src="/login/qqlogin/qq_login.png"></a> <a href="#" onclick='toSinaWeiboLogin()'><img src="/login/sinaweibo/sinaweibo_...
echo auth 0.0.0.0/0 - - >> /etc/opt/ss5/ss5.conf echo permit - 0.0.0.0/0 - 0.0.0.0/0 - - - - - >> /etc/opt/ss5/ss5.conf echo SS5_OPTS=" -u root -b 0.0.0.0:6098" >> /etc/sysconfig/ss5 chmod 755 /etc/rc...
< parent> < groupId>org.apache.geronimo</ groupId> < artifactId>geronimo-microprofile-jwt-auth-spec</ artifactId> < version>${jwtauth.version}</ version></ parent>执行< parent> < groupId>org.apache....
Hiveserver2 Beeline连接设置用户名和密码,通用jar...放到hive lib路径下即可。... <property> <name>hive.jdbc_passwd.auth.root</name><!--用户名为最后一个:用户--> <value>admin</value><!--密码--> </property>
Guestful :: 模块 :: JAX-RS Cookie 身份验证在你的 POM 中添加: <repositories> <repository>...<artifactId>guestful.module.jaxrs-filter-cookie-auth</artifactId> <version>?</version></dependency>结帐最新版本
Auth0 Spring Security for API ... < artifactId>auth0-spring-security-api</ artifactId> < version>1.4.1</ version> </ dependency> 或Gradle: implementation ' com.auth0:auth0-spring-securi