有谁知道tomcat是否能够密码保护文件(如apache .htaccess)? 我的意思是当用户从tomcat webapp请求一个文件时,它会提示输入用户名和密码并使用配置进行对话。
或保护文件取决于其IP地址。
希望有人可以帮助我吗?regads
答案 0 :(得分:4)
您可以在tomcat中设置基本身份验证。
将您的用户添加到tomcat-users.xml。类似的东西:
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="tomcat"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="myname" password="mypassword" roles="tomcat"/>
<user username="test" password="test"/>
</tomcat-users>
将配置添加到您的应用web.xml。像:
<!-- Define a Security Constraint on this Application -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Entire Application</web-resource-name>
<url-pattern>/references/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>your-role</role-name>
</auth-constraint>
</security-constraint>
<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Application</realm-name>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<description>
The role that is required to log in to the Manager Application
</description>
<role-name>your-role</role-name>
</security-role>
链接了解更多:
http://www.avajava.com/tutorials/lessons/how-do-i-use-basic-authentication-with-tomcat.html