我需要在struts 1.3.10 + tomcat 8
中进行基本身份验证我尝试使用以下代码:
<tomcat-users>
<role rolename="tomcat"/>
<role rolename="devteam"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="member1" password="pass1" roles="devteam"/>
<user username="member2" password="pass2" roles="devteam"/>
<user name="admin" password="admin" roles="admin,manager" />
</tomcat-users>
<security-constraint>
<web-resource-collection>
<web-resource-name>My Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>devteam</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
当我在浏览器中提供index.jsp url时,我可以获得身份验证屏幕。即使我将用户名和密码作为 member1&amp; pass1 (如tomcat-users.xml中所述)登录失败。
获取错误消息:
http status 401 this request required authentication.
在我得到的日志中:
org.apache.catalina.realm.LockOutRealm.authenticate An attempt was made to authenticate the locked user
我是否需要在server.xml中做任何事情?