请问在web.xml设置的role-name怎么和数据库里面的值对应?

我现在看Service-to-Worker模式,看到里面有role-name在web.xml里面,我想弄个字段表示相应id的人所在的role属性,但是怎么和web.xml的配置对照起来?
另外petstore里面的j_security_check是怎么处理的?

我给你写了一个,你看看吧,在resin下正常使用。如果其它的服务器不好用可以做相应的更改

<web-app>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>

<!--直接把用户和角色配置在xml里
<authenticator>
<class-name>com.caucho.http.security.XmlAuthenticator</class-name>
<init-param user='Harry Potter:quidditch:user,gryffindor'/>
<init-param user='Draco Malfoy:pureblood:user,slytherin'/>
<init-param user='Fish:pwd:admin_user'/>
</authenticator>
-->
<!-- 从数据库里取用户和角色 -->
<authenticator id='com.caucho.http.security.JdbcAuthenticator'>
<pool-name>cncworkdb</pool-name>
<password-query>
SELECT password FROM userInfo WHERE userName=?
</password-query>
<cookie-auth-query>
SELECT cookie FROM userInfo WHERE userName=?
</cookie-auth-query>
<cookie-auth-update>
UPDATE userInfo SET cookie=? WHERE userName=?
</cookie-auth-update>
<role-query>
SELECT userRole FROM userInfo WHERE userName=?
</role-query>
</authenticator>

<!-- 设置被保护的资源 -->
<security-constraint>
<web-resource-collection>
<url-pattern>/FishTest/*.jsp</url-pattern>
<url-pattern>/FishTest/*.htm</url-pattern>
<url-pattern>/FishTest/*.html</url-pattern>
</web-resource-collection>
<auth-constraint role-name='admin'/>
</security-constraint>

<!-- 设置登录页面及登录失败页面 -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>default</realm-name>
<form-login-config>
<form-login-page>/FishTest/Login.jsp</form-login-page>
<form-error-page>/FishTest/LoginError.html</form-error-page>

<internal-forward>false</internal-forward>
<form-uri-priority>true</form-uri-priority>

</form-login-config>
</login-config>

</web-app>



我给你写了一个,你看看吧,在resin下正常使用。如果其它的服务器不好用可以做相应的更改

<web-app>
  <welcome-file-list>
    <welcome-file>index.html</welcome-file>
  </welcome-file-list>

<!--直接把用户和角色配置在xml里
<authenticator>
	<class-name>com.caucho.http.security.XmlAuthenticator</class-name>
	<init-param user='Harry Potter:quidditch:user,gryffindor'/>
	<init-param user='Draco Malfoy:pureblood:user,slytherin'/>
	<init-param user='Fish:pwd:admin_user'/>
</authenticator>
-->
<!-- 从数据库里取用户和角色 -->
<authenticator id='com.caucho.http.security.JdbcAuthenticator'>
	<pool-name>cncworkdb</pool-name>
	<password-query>
		SELECT password FROM userInfo WHERE userName=?
	</password-query>
	<cookie-auth-query>
		SELECT cookie FROM userInfo WHERE userName=?
	</cookie-auth-query>
	<cookie-auth-update>
		UPDATE userInfo SET cookie=? WHERE userName=?
	</cookie-auth-update>
	<role-query>
		SELECT userRole FROM userInfo WHERE userName=?
	</role-query>
</authenticator>

<!-- 设置被保护的资源 -->
  <security-constraint> 
     <web-resource-collection> 
        <url-pattern>/FishTest/*.jsp</url-pattern> 
  	<url-pattern>/FishTest/*.htm</url-pattern> 
  	<url-pattern>/FishTest/*.html</url-pattern> 
     </web-resource-collection> 
     <auth-constraint role-name='admin'/>
  </security-constraint>

<!-- 设置登录页面及登录失败页面 -->
  <login-config>
    <auth-method>FORM</auth-method>
    <realm-name>default</realm-name>
    <form-login-config>
      <form-login-page>/FishTest/Login.jsp</form-login-page>
      <form-error-page>/FishTest/LoginError.html</form-error-page>
      
      <internal-forward>false</internal-forward>	
      <form-uri-priority>true</form-uri-priority>
      
    </form-login-config>
  </login-config>



</web-app>

Fish:
在web.xml这样写能够把数据库里面的信息和role-name对照起来?能不能给一个在登陆处理(.jsp或servlet)中怎么用的代码吗?



这是登录页的代码
<form action='j_security_check' method='POST'>
<table>
<tr><td>User:<td><input name='j_username'>
<tr><td>Password:<td><input name='j_password'>
<tr><td colspan=2>hint: the password is 'quidditch'
<tr><td><input type=submit>
</table>
</form>