Tomcat保護文件

Question

沒有人知道如果tomcat能夠密碼保護文件（如apache .htaccess）？ 我的意思是，當用戶從tomcat webapp請求一個文件時，它會提示輸入用戶名和密碼的對話框，並使用配置進行設置。

或保護該文件取決於其IP地址。

希望有人能幫助我嗎？

regads

Answer 1

你可以在tomcat中設置基本認證。

將你的用戶添加到tomcat-users.xml。例如：

<?xml version='1.0' encoding='utf-8'?> 
<tomcat-users> 
    <role rolename="tomcat"/> 
    <user username="tomcat" password="tomcat" roles="tomcat"/> 
    <user username="myname" password="mypassword" roles="tomcat"/> 
    <user username="test" password="test"/> 
</tomcat-users> 

並將配置添加到您的應用程序web.xml中。像：

<!-- Define a Security Constraint on this Application --> 
    <security-constraint> 
    <web-resource-collection> 
     <web-resource-name>Entire Application</web-resource-name> 
     <url-pattern>/references/*</url-pattern> 
    </web-resource-collection> 
    <auth-constraint> 
     <role-name>your-role</role-name> 
    </auth-constraint> 
    </security-constraint> 

    <!-- Define the Login Configuration for this Application --> 
    <login-config> 
    <auth-method>BASIC</auth-method> 
    <realm-name>Application</realm-name> 
    </login-config> 

    <!-- Security roles referenced by this web application --> 
    <security-role> 
    <description> 
     The role that is required to log in to the Manager Application 
    </description> 
    <role-name>your-role</role-name> 
    </security-role> 

鏈接，瞭解更多：

http://www.avajava.com/tutorials/lessons/how-do-i-use-basic-authentication-with-tomcat.html