下面给出的代码用于JAAS的用户身份验证。使用Oracle 11g和应用程序服务器Tomcat 8的数据库。
为什么在输入用户名和密码后输入,请输入login-error.html?
表:
CREATE TABLE "USERS"
("USERNAME" NVARCHAR2(50) NOT NULL ENABLE,
"PASSWORD" NVARCHAR2(50) NOT NULL ENABLE,
CONSTRAINT "USERS_PK" PRIMARY KEY ("USERNAME") ENABLE
) ;
CREATE TABLE "USERSROLE"
( "ROLENAME" NVARCHAR2(50) NOT NULL ENABLE,
"USERNAME" NVARCHAR2(50),
CONSTRAINT "USERSROLE_PK" PRIMARY KEY ("ROLENAME") ENABLE
) ;ALTER TABLE "USERSROLE" ADD CONSTRAINT "USERSROLE_FK" FOREIGN KEY ("USERNAME")
REFERENCES "USERS" ("USERNAME") ENABLE;
context.xml中
<?xml version="1.0" encoding="UTF-8"?>
<Context path="/ProjectName"> ">
<Realm className="org.apache.catalina.realm.JDBCRealm"
driverName="oracle.jdbc.driver.OracleDriver"
connectionURL="jdbc:oracle:thin:@localhost:1521:xe"
connectionName="DBName" connectionPassword="myPassword"
userTable="users" userNameCol="USERNAME" userCredCol="PASSWORD"
userRoleTable="USERSROLE" roleNameCol="ROLENAME" />
</Context>
的web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>wholesale</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/login-error.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>Admin</role-name>
</security-role>
的login.html
<form action="j_security_check" method="post">
User Name<input type="text" name="j_username"/> <br/>
Password<input type="password" name="j_password"/> <br/>
<input type="submit" value="Login" />
</form>
与登录的error.html
Login Failed! Try again!
<form action="j_security_check" method="post">
User Name<input type="text" name="j_username"/> <br/>
Password<input type="password" name="j_password"/> <br/>
<input type="submit" value="Login" />
</form>