我正在尝试在Tomcat上保护Jersey服务,但是从浏览器访问它时遇到问题。我已经尝试了几个教程,但没有人有正确的解决方案,所以如果你还没有使用REST,请告诉我问题出在哪里。以下是我正在使用的配置文件:
的web.xml
<security-constraint>
<display-name>Security for Your Enterprise</display-name>
<web-resource-collection>
<web-resource-name>Your Enterprise web Security</web-resource-name>
<description>Redirect all to SSL</description>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description />
<role-name>role1</role-name>
</auth-constraint>
<user-data-constraint>
<description>Protection should be CONFIDENTIAL</description>
<transport-guarantee>INTEGRAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<role-name>role1</role-name>
</security-role>
tomcat的sever.xml
<Connector
clientAuth="false"
minSpareThreads="5" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200"
port="8443"
scheme="https"
secure="true"
SSLEnabled="true"
keystoreFile="serverkey.keystore"
keystorePass="pwd"
protocol="HTTP/1.1"
sslProtocol="TLS"
/>
tomcat-users:
<tomcat-users>
<role rolename="role1"/>
<user
username="CN=10.0.25.21,OU=, O=, L=, ST=, C="
password="pwd" roles="role1"
/>
答案 0 :(得分:0)
将值更改为机密。