堆栈内存溢出
  简体   繁体   English

配置特定于上下文的Tomcat安全领域

[英]Configuring a Context specific Tomcat Security Realm

 原文  2010-12-09 16:33:16       java/ security/ tomcat

问题描述

I am trying to get a context specific security Realm in Tomcat 6.0, but when I start Tomcat I get the following error: 我试图在Tomcat 6.0中获取特定于上下文的安全领域,但是当我启动Tomcat时,我收到以下错误: 

09-Dec-2010 16:12:40 org.apache.catalina.startup.ContextConfig validateSecurityRoles
INFO: WARNING: Security role name myrole used in an <auth-constraint> without being defined in a <security-role>

I have created the following context.xml file: 我创建了以下context.xml文件: 

<Context debug="0" reloadable="true">

  <Resource name="MyUserDatabase"
            type="org.apache.catalina.UserDatabase"
            description="User database that can be updated and saved"
            factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
            pathname="conf/my-users.xml" />

  <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
         resourceName="MyUserDatabase"/>

</Context>

Created a file: my-users.xml which I have placed under WEB-INF/conf which contains the following: 创建了一个文件:my-users.xml,它放在WEB-INF / conf下,其中包含以下内容: 

<tomcat-users>
  <role rolename="myrole"/>
  <user username="test" password="changeit" roles="myrole" />
</tomcat-users>

Added the following lines to my web.xml file: 在我的web.xml文件中添加了以下行: 

<web-app ...>
  ...
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Entire Application</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection> 
    <auth-constraint>
      <role-name>myrole</role-name>
    </auth-constraint>
  </security-constraint>

  <login-config>
    <auth-method>BASIC</auth-method>
  </login-config>
  ...
</web-app>

But seem to get the error wherever I put conf/my-users.xml. 但无论我把conf / my-users.xml放在哪里,似乎都会出错。 Do I have to specify an explicit PATH in the pathname or is it relative to somewhere? 我是否必须在路径名中指定显式PATH或者它是否相对于某个地方? Ideally I would like to have it packaged up as part of my WAR file. 理想情况下,我希望将其打包为WAR文件的一部分。

Any ideas? 有任何想法吗?

2 个解决方案

解决方案1
 4  2010-12-09 17:01:29

I believe you need the following in your web.xml 我相信你的web.xml需要以下内容 

<security-role>
    <role-name>myrole</role-name>
</security-role>

in order to define the role. 为了定义角色。 Also, I think that you will need to reference the realm in the login-config 另外,我认为你需要在login-config中引用这个领域 

<login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>MyUserDatabase</realm-name>
 </login-config>

or similar. 或类似的。

解决方案2
 0  2010-12-09 17:08:47

Have a look at the tomcat-users.xml file in your Tomcat configuration directory that defines security roles as an example of what you need. 查看Tomcat配置目录中的tomcat-users.xml文件,该文件将安全角色定义为您需要的示例。

Also, refer to the following article for guidance. 另外,请参阅以下文章以获取指导。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用Tomcat 7访问特定于上下文的领域 - Accessing a context specific realm with Tomcat 7 在Eclipse中配置tomcat安全管理器 - Configuring tomcat security manager in Eclipse 为特定服务配置tomcat https - Configuring tomcat https for specific service Spring Security-从Tomcat领域读取用户 - Spring Security - read users from Tomcat realm tomcat jdbc领域-j_security不重定向 - tomcat jdbc realm - j_security not redirecting 每个会话或每个请求的Tomcat安全领域? - Tomcat security realm per session or per request? 在上下文文件中配置Tomcat 7 JDNI数据源时出现问题 - Issue configuring Tomcat 7 JDNI datasource in Context file 使用context.xml配置WebApp以用于Tomcat - Configuring WebApp With context.xml For Use Tomcat 在嵌入式Tomcat领域中配置多个用户 - Configuring more than one user in Embedded Tomcat Realm 用以下方法配置tomcat上下文文件的替代方法是什么<Loader delegate = true /> - What is the alternative way for configuring tomcat context file with <Loader delegate = true />
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM