为什么我这样的部署不能实现想要的权限控制^_^

togetherj 04-01-17



<security-constraint>
<display-name>director</display-name>
<web-resource-collection>
<web-resource-name>director</web-resource-name>
<description>局长</description>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>director</role-name>
</auth-constraint>
<user-data-constraint>
<description>局长</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<display-name>login</display-name>
<web-resource-collection>
<web-resource-name>login</web-resource-name>
<description>登陆页面,要求运行在SSL上</description>
<url-pattern>/login.jsp</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
<description>登陆页面运行与SSL之上</description>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<display-name>cwgsjl</display-name>
<web-resource-collection>
<web-resource-name>cwgsjl</web-resource-name>
<description>这里定义抄维公司经理有权限访问的页面</description>
<url-pattern>/yygl/fahq.jsp</url-pattern>
<url-pattern>/yygl/fahqlb.jsp</url-pattern>
<url-pattern>/fahqlb.do</url-pattern>
<url-pattern>/fahq.do</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>cwgsjl</role-name>
</auth-constraint>
<user-data-constraint>
<description>抄维公司经理</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<display-name>common</display-name>
<web-resource-collection>
<web-resource-name>common</web-resource-name>
<description>所有角色都能够访问的页面</description>
<url-pattern>/index.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
<description>所有角色都能够访问的页面</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<display-name>bzzr</display-name>
<web-resource-collection>
<web-resource-name>bzzr</web-resource-name>
<url-pattern>/yygl/fahq.jsp</url-pattern>
<url-pattern>/yygl/fahqlb.jsp</url-pattern>
<url-pattern>/fahq.do</url-pattern>
<url-pattern>/fahqlb.do</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>bzzr</role-name>
</auth-constraint>
<user-data-constraint>
<description>报装主任可以访问的资源</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<display-name>fz</display-name>
<web-resource-collection>
<web-resource-name>Collection1</web-resource-name>
<url-pattern>/yygl/fahq.jsp</url-pattern>
<url-pattern>/yygl/fahqlb.jsp</url-pattern>
<url-pattern>/fahq.do</url-pattern>
<url-pattern>/fahqlb.do</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>fz</role-name>
</auth-constraint>
<user-data-constraint>
<description>副总</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<display-name>jzzl</display-name>
<web-resource-collection>
<web-resource-name>Collection1</web-resource-name>
<url-pattern>/yygl/fahq.jsp</url-pattern>
<url-pattern>/yygl/fahqlb.jsp</url-pattern>
<url-pattern>/fahqlb.do</url-pattern>
<url-pattern>/fahq.do</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>jzzl</role-name>
</auth-constraint>
<user-data-constraint>
<description>局长助理</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<display-name>zg</display-name>
<web-resource-collection>
<web-resource-name>Collection1</web-resource-name>
<url-pattern>/yygl/fahqlb.jsp</url-pattern>
<url-pattern>/yygl/fahq.jsp</url-pattern>
<url-pattern>/fahq.do</url-pattern>
<url-pattern>/fahqlb.do</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>zg</role-name>
</auth-constraint>
<user-data-constraint>
<description>总工</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<display-name>scfjz</display-name>
<web-resource-collection>
<web-resource-name>Collection1</web-resource-name>
<description>生产副局长</description>
<url-pattern>/yygl/fahqlb.jsp</url-pattern>
<url-pattern>/yygl/fahq.jsp</url-pattern>
<url-pattern>/fahqlb.do</url-pattern>
<url-pattern>/fahq.do</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>scfjz</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginError.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>报装主任</description>
<role-name>bzzr</role-name>
</security-role>
<security-role>
<description>抄维公司经理</description>
<role-name>cwgsjl</role-name>
</security-role>
<security-role>
<description>供电局局长</description>
<role-name>director</role-name>
</security-role>
<security-role>
<description>副总</description>
<role-name>fz</role-name>
</security-role>
<security-role>
<description>局长助理</description>
<role-name>jzzl</role-name>
</security-role>
<security-role>
<description>生产副局长</description>
<role-name>scfjz</role-name>
</security-role>
<security-role>
<description>总工</description>
<role-name>zg</role-name>
</security-role>

togetherj
2004-01-17 16:39

怎么贴出来是这个样子呀?