基于Tomcat的容器认证配置

07-08-13 banq

JiveJdon3需要容器认证,JiveJdon3安装说明是JBoss,今天搜索其他问题时发现是Tomcat的基于数据库Realm授权解决方案:

Eclisep 3 Tomcat 5.5 and Database Realm Authentication to work you need to:

1. Create your user table and role table in your prefered DB (MySQL in this case) with relevant username, password columns in the users table and username and rolename columns in your roles table

2. Create a context.xml file under META-INF in your Eclipse Web Project or similar (by the way use the context.xml for connection pool management too)

3. Copy the JDBC realm information from Tomcat server.xml (I'm using MySQL) into your context.xml file in Eclipse for example:

<Realm className="org.apache.catalina.realm.JDBCRealm"

driverName="com.mysql.jdbc.Driver"

connectionURL="jdbc:mysql://localhost:3306/secdb"

connectionName="apps" connectionPassword="guessme"

userTable="secuser" userNameCol="username" userCredCol="password"

userRoleTable="secrole" roleNameCol="role" />

这句关键

This is VITAL - I spent day's trawling the web trying to find this information

4. Update your web.xml file with the relevant security constraint, login-config and security role information for example:下面是标准写法

<security-constraint>

<web-resource-collection>

<web-resource-name>

QuoteTool

</web-resource-name>

<url-pattern>

/*.jsp

</url-pattern>

<http-method>GET</http-method>

<http-method>POST</http-method>

</web-resource-collection>

<auth-constraint>

<role-name>admin</role-name>

<role-name>manager</role-name>

</auth-constraint>

</security-constraint>

<login-config>

<auth-method>

FORM

</auth-method>

<realm-name>QuoteTool</realm-name>

<form-login-config>

<form-login-page>/QuoteLogin.jsp</form-login-page>

<form-error-page>/LoginErr.jsp</form-error-page>

</form-login-config>

</login-config>

<security-role>

<role-name>admin</role-name>

</security-role>

<security-role>

<role-name>manager</role-name>

</security-role>

完整说明:

http://www.onjava.com/pub/a/onjava/2002/06/12/form.html

[该贴被banq于2007年08月13日 17:00修改过]